Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/1b4dfa-c0de-44a8-9fc5-5f44537e72a5/1/mb9ZpAHKS4sP1_GzpHlsoE1NSOg.roa
File: mb9ZpAHKS4sP1_GzpHlsoE1NSOg.roa (raw, json)
Hash identifier: qw9EIP2yheSUS0ue2xy/Z3Sy5Eyrn2lywj/2Gm4rt/I=
Subject key identifier: 99:BF:59:A4:01:CA:4B:8B:0F:D7:F1:B3:A4:79:6C:A0:4D:4D:48:E8
Certificate issuer: /CN=59afc9faee4f4359a286afe5d0768525958342b5
Certificate serial: 01856BE59A42F5E6F60BE03697F929DC7B57
Authority key identifier: 59:AF:C9:FA:EE:4F:43:59:A2:86:AF:E5:D0:76:85:25:95:83:42:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wa_J-u5PQ1mihq_l0HaFJZWDQrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/1b4dfa-c0de-44a8-9fc5-5f44537e72a5/1/mb9ZpAHKS4sP1_GzpHlsoE1NSOg.roa
Signing time: Sun 01 Jan 2023 05:54:47 +0000
ROA not before: Sun 01 Jan 2023 05:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200428
IP address blocks: 185.92.60.0/22 maxlen: 22
2a05:ef40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:9a:42:f5:e6:f6:0b:e0:36:97:f9:29:dc:7b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59afc9faee4f4359a286afe5d0768525958342b5
Validity
Not Before: Jan 1 05:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99bf59a401ca4b8b0fd7f1b3a4796ca04d4d48e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:42:b6:52:c4:01:2a:ae:88:6a:e0:86:e2:0d:
bb:c2:7a:82:8f:a9:9c:ee:77:90:e2:6d:b1:53:d1:
08:bd:4f:14:0d:75:35:85:97:cd:56:0c:f2:5d:03:
39:09:c6:6e:6b:e6:fa:38:27:a8:11:a3:67:a0:db:
9b:82:81:f5:c9:6c:a4:b4:af:a1:8d:26:37:29:69:
5c:c2:dd:a1:36:00:f8:bb:8e:c0:39:43:e8:41:9c:
66:d8:41:e1:cc:ba:7d:50:55:ce:91:43:5d:1c:25:
b5:0e:95:17:32:74:ce:d0:86:63:68:a6:b9:95:8b:
2d:1a:0b:b3:95:2b:35:11:9b:63:c9:96:68:cc:37:
1d:e0:fd:6a:f0:81:b9:af:04:87:2a:fb:da:8c:e3:
85:24:ce:1e:76:af:89:fd:5d:a2:00:25:c1:38:48:
f8:e3:53:d3:53:00:e7:d9:7f:23:cd:67:cf:d0:a1:
f6:f6:8b:bc:eb:15:ed:02:3d:fd:1b:0c:5e:52:97:
54:aa:18:e0:75:ae:c6:e6:08:6d:da:2e:8e:e1:f4:
f3:2d:c3:e3:c9:35:57:3c:35:39:d6:6e:b3:52:4e:
39:fc:51:80:71:6f:f0:d5:68:b4:31:b5:bd:2e:54:
6f:54:f0:1a:09:f6:40:7f:76:80:16:fc:af:24:96:
cc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BF:59:A4:01:CA:4B:8B:0F:D7:F1:B3:A4:79:6C:A0:4D:4D:48:E8
X509v3 Authority Key Identifier:
keyid:59:AF:C9:FA:EE:4F:43:59:A2:86:AF:E5:D0:76:85:25:95:83:42:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wa_J-u5PQ1mihq_l0HaFJZWDQrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1b4dfa-c0de-44a8-9fc5-5f44537e72a5/1/mb9ZpAHKS4sP1_GzpHlsoE1NSOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/1b4dfa-c0de-44a8-9fc5-5f44537e72a5/1/Wa_J-u5PQ1mihq_l0HaFJZWDQrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.60.0/22
IPv6:
2a05:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
91:43:1a:a0:44:aa:9c:2b:6b:7b:03:11:c1:8a:f3:7f:66:5d:
da:d2:71:b6:5b:a3:08:5d:bb:bb:1f:53:74:b1:0f:53:de:27:
d9:5c:95:51:32:01:7c:c7:f3:ed:79:52:e5:e6:3b:d4:50:ad:
26:52:e1:1d:9a:12:82:fe:20:bc:1a:c4:87:9e:d3:e6:75:f6:
c3:12:aa:02:df:b0:c0:6e:4c:c1:ed:50:f6:16:a5:f6:0f:b0:
35:bb:62:0f:74:8a:41:a9:94:f3:ea:6e:2d:ed:24:7a:43:56:
e8:d9:b7:1f:99:53:7d:35:0a:4d:30:2d:ca:4a:45:ba:0c:ee:
7d:0a:dd:c9:1d:65:02:f4:07:77:7b:ad:03:4e:7f:cb:68:ef:
74:72:73:be:e4:02:d2:fc:95:93:98:16:2e:b2:b6:9a:36:34:
91:6a:7d:92:61:e5:af:03:fe:e4:21:74:86:9e:ae:1c:b9:96:
8a:2b:96:69:d7:ac:cf:d4:a0:74:60:c6:1e:ee:bf:3b:a7:8e:
58:fa:a7:f9:2b:8f:b8:be:36:07:46:96:f2:32:83:b8:d2:f7:
99:24:b3:e4:4a:13:67:f8:92:4c:af:81:53:c8:ba:a5:20:87:
af:ca:7f:11:a7:0b:8f:65:a4:32:9c:27:9e:ca:e3:05:c9:d7:
31:be:bc:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr5ZpC9eb2C+A2l/kp3HtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YWZjOWZhZWU0ZjQzNTlhMjg2YWZlNWQwNzY4NTI1OTU4
MzQyYjUwHhcNMjMwMTAxMDU1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJmNTlhNDAxY2E0YjhiMGZkN2YxYjNhNDc5NmNhMDRkNGQ0OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEK2UsQBKq6IauCG4g27wnqCj6mc
7neQ4m2xU9EIvU8UDXU1hZfNVgzyXQM5CcZua+b6OCeoEaNnoNubgoH1yWyktK+h
jSY3KWlcwt2hNgD4u47AOUPoQZxm2EHhzLp9UFXOkUNdHCW1DpUXMnTO0IZjaKa5
lYstGguzlSs1EZtjyZZozDcd4P1q8IG5rwSHKvvajOOFJM4edq+J/V2iACXBOEj4
41PTUwDn2X8jzWfP0KH29ou86xXtAj39GwxeUpdUqhjgda7G5ght2i6O4fTzLcPj
yTVXPDU51m6zUk45/FGAcW/w1Wi0MbW9LlRvVPAaCfZAf3aAFvyvJJbM2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJm/WaQBykuLD9fxs6R5bKBNTUjoMB8GA1UdIwQY
MBaAFFmvyfruT0NZooav5dB2hSWVg0K1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FfSi11NVBRMW1paHFfbDBIYUZKWldEUXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xYjRkZmEtYzBkZS00NGE4LTlmYzUt
NWY0NDUzN2U3MmE1LzEvbWI5WnBBSEtTNHNQMV9HenBIbHNvRTFOU09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xYjRkZmEtYzBkZS00NGE4LTlmYzUtNWY0NDUzN2U3MmE1
LzEvV2FfSi11NVBRMW1paHFfbDBIYUZKWldEUXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVw8MA0E
AgACMAcDBQMqBe9AMA0GCSqGSIb3DQEBCwUAA4IBAQCRQxqgRKqcK2t7AxHBivN/
Zl3a0nG2W6MIXbu7H1N0sQ9T3ifZXJVRMgF8x/PteVLl5jvUUK0mUuEdmhKC/iC8
GsSHntPmdfbDEqoC37DAbkzB7VD2FqX2D7A1u2IPdIpBqZTz6m4t7SR6Q1bo2bcf
mVN9NQpNMC3KSkW6DO59Ct3JHWUC9Ad3e60DTn/LaO90cnO+5ALS/JWTmBYusraa
NjSRan2SYeWvA/7kIXSGnq4cuZaKK5Zp16zP1KB0YMYe7r87p45Y+qf5K4+4vjYH
RpbyMoO40veZJLPkShNn+JJMr4FTyLqlIIevyn8RpwuPZaQynCeeyuMFydcxvrzD
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:00 2025 by rpki-client