Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/mP0KR8qjiNVVziS_navTGUPwqiA.roa
File: mP0KR8qjiNVVziS_navTGUPwqiA.roa (raw, json)
Hash identifier: xZa0pPgGKaK3igZY01F/k1ukXOLEVZhp0AOMi/bszSk=
Subject key identifier: 98:FD:0A:47:CA:A3:88:D5:55:CE:24:BF:9D:AB:D3:19:43:F0:AA:20
Certificate issuer: /CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Certificate serial: 0194228D501FB8EFA535F9ABD5863BD60F16
Authority key identifier: 65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/mP0KR8qjiNVVziS_navTGUPwqiA.roa
Signing time: Wed 01 Jan 2025 15:47:53 +0000
ROA not before: Wed 01 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201422
IP address blocks: 185.75.128.0/22 maxlen: 22
185.75.128.0/24 maxlen: 24
185.75.129.0/24 maxlen: 24
2a03:4d24::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:50:1f:b8:ef:a5:35:f9:ab:d5:86:3b:d6:0f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Validity
Not Before: Jan 1 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98fd0a47caa388d555ce24bf9dabd31943f0aa20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1c:6f:c5:0a:1f:8c:94:17:92:ee:b1:d0:63:
11:99:12:24:59:e0:c8:ec:ee:07:e3:a0:21:33:16:
4a:2b:35:70:61:48:68:32:9d:12:93:5f:1f:66:0b:
27:70:60:5d:15:6a:f8:b9:9d:b8:f0:01:32:f8:61:
c0:63:f0:63:3d:7a:1e:67:4a:a0:9c:11:d8:34:34:
41:59:32:7a:ac:d6:de:26:f6:23:54:25:3e:06:a4:
d0:22:8a:52:18:98:32:ac:34:a6:a8:2a:8c:8c:63:
1d:bb:c2:e9:d5:1e:72:ff:b3:f4:ad:db:9a:ba:d6:
a4:f0:09:7d:fa:a5:5a:f3:f2:98:5e:6d:15:53:a1:
31:75:fa:c8:f4:b2:01:3f:c1:08:47:82:18:26:b5:
fd:9b:0f:25:ff:da:ba:d4:c3:f3:d9:e1:26:1b:e7:
30:c1:8c:d7:44:67:88:ee:9e:83:71:9e:c0:cb:a5:
6e:5b:14:17:da:f2:e2:2b:04:13:5d:8a:c6:07:09:
6b:80:dd:88:99:43:07:fd:b7:68:8c:be:95:91:1e:
36:17:78:ab:48:73:cd:82:99:ad:8f:c1:aa:a3:62:
af:0e:07:dd:02:2c:7b:31:b0:42:f2:32:ef:2e:71:
0c:b9:78:02:ca:da:df:54:cc:37:10:29:ed:78:f3:
43:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FD:0A:47:CA:A3:88:D5:55:CE:24:BF:9D:AB:D3:19:43:F0:AA:20
X509v3 Authority Key Identifier:
keyid:65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/mP0KR8qjiNVVziS_navTGUPwqiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.128.0/22
IPv6:
2a03:4d24::/32
Signature Algorithm: sha256WithRSAEncryption
12:b0:ac:23:b5:ac:d6:4d:94:4f:d6:8c:2d:28:c2:45:44:1f:
31:2f:77:9c:b5:b0:11:c1:fa:36:3d:1c:51:6e:5e:79:75:5a:
ae:72:38:9e:93:a1:d4:69:5a:39:ec:04:49:48:21:dc:34:b7:
3a:f9:bd:20:8c:a5:c2:03:03:3e:e1:da:05:59:d8:cb:c7:43:
12:a8:72:51:30:59:d5:64:1b:df:51:73:3f:75:a0:69:1d:4e:
bc:4d:69:65:f5:2a:34:6a:63:82:9a:52:e5:52:8f:83:09:20:
a0:fb:f8:47:14:4a:09:91:c2:47:ef:38:c6:92:c2:6b:8a:ce:
3f:6e:a2:b9:df:dd:44:a6:b6:2f:2a:0a:57:6a:a9:89:9c:e6:
30:a1:36:ee:3a:75:06:cb:e0:bb:80:bc:bb:75:95:b5:77:9d:
05:89:00:55:8d:e6:bc:77:18:2c:ac:13:d9:8f:90:6b:c2:55:
25:71:c1:50:fd:09:7f:e3:38:62:d0:f6:db:b6:75:14:34:b8:
53:d6:12:46:63:ec:2a:f3:df:b3:e9:ec:8e:ce:51:24:ff:1d:
91:9a:9a:1e:a3:c8:17:67:cd:16:c0:7b:6e:8f:13:72:db:9c:
04:21:b4:95:05:a0:31:de:eb:f3:f5:ac:1a:71:67:55:fb:f6:
13:d1:88:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijVAfuO+lNfmr1YY71g8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjI2ZWU1ZWEwNDA2NTkyZGY5NzVjNmY0Yzg0ZjEwZjE0
ZDE1Y2IwHhcNMjUwMTAxMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZkMGE0N2NhYTM4OGQ1NTVjZTI0YmY5ZGFiZDMxOTQzZjBhYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRxvxQofjJQXku6x0GMRmRIkWeDI
7O4H46AhMxZKKzVwYUhoMp0Sk18fZgsncGBdFWr4uZ248AEy+GHAY/BjPXoeZ0qg
nBHYNDRBWTJ6rNbeJvYjVCU+BqTQIopSGJgyrDSmqCqMjGMdu8Lp1R5y/7P0rdua
utak8Al9+qVa8/KYXm0VU6ExdfrI9LIBP8EIR4IYJrX9mw8l/9q61MPz2eEmG+cw
wYzXRGeI7p6DcZ7Ay6VuWxQX2vLiKwQTXYrGBwlrgN2ImUMH/bdojL6VkR42F3ir
SHPNgpmtj8Gqo2KvDgfdAix7MbBC8jLvLnEMuXgCytrfVMw3ECntePNDnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJj9CkfKo4jVVc4kv52r0xlD8KogMB8GA1UdIwQY
MBaAFGUibuXqBAZZLfl1xvTITxDxTRXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEt
ZGVjMDI0ODhjMzdjLzEvbVAwS1I4cWppTlZWemlTX25hdlRHVVB3cWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEtZGVjMDI0ODhjMzdj
LzEvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUuAMA0E
AgACMAcDBQAqA00kMA0GCSqGSIb3DQEBCwUAA4IBAQASsKwjtazWTZRP1owtKMJF
RB8xL3ectbARwfo2PRxRbl55dVqucjiek6HUaVo57ARJSCHcNLc6+b0gjKXCAwM+
4doFWdjLx0MSqHJRMFnVZBvfUXM/daBpHU68TWll9So0amOCmlLlUo+DCSCg+/hH
FEoJkcJH7zjGksJris4/bqK5391EprYvKgpXaqmJnOYwoTbuOnUGy+C7gLy7dZW1
d50FiQBVjea8dxgsrBPZj5BrwlUlccFQ/Ql/4zhi0PbbtnUUNLhT1hJGY+wq89+z
6eyOzlEk/x2Rmpoeo8gXZ80WwHtujxNy25wEIbSVBaAx3uvz9awacWdV+/YT0Yji
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:18 2025 by rpki-client