Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/mxjVTNPICIRYI_rq8_KftOMsSuM.roa
File: mxjVTNPICIRYI_rq8_KftOMsSuM.roa (raw, json)
Hash identifier: OHFR9Mtx7MeyvykDWT8+ZQZnPgmUnyaHb2NrV2ZfpjI=
Subject key identifier: 9B:18:D5:4C:D3:C8:08:84:58:23:FA:EA:F3:F2:9F:B4:E3:2C:4A:E3
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 0183A0C8F14E58E25D5982F23B285F7C927A
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/mxjVTNPICIRYI_rq8_KftOMsSuM.roa
Signing time: Tue 04 Oct 2022 02:17:46 +0000
ROA not before: Tue 04 Oct 2022 02:17:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141718
IP address blocks: 194.120.164.0/24 maxlen: 24
194.120.171.0/24 maxlen: 24
194.120.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a0:c8:f1:4e:58:e2:5d:59:82:f2:3b:28:5f:7c:92:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Oct 4 02:17:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b18d54cd3c808845823faeaf3f29fb4e32c4ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e2:83:e9:10:53:4b:a9:f7:42:0c:65:4e:62:
fe:a5:ce:fc:64:23:66:36:d2:6f:9a:d7:a4:ba:6a:
47:f2:c6:6e:ec:fb:eb:35:b8:5a:8f:42:33:d7:5a:
6f:d4:2e:40:9d:3e:b0:ef:6d:77:0e:07:06:2d:2e:
ad:e6:b6:8c:29:8a:1b:7e:80:92:7b:3a:05:b8:7f:
9a:4f:8b:9e:39:b8:8d:d6:c3:03:7f:f9:ce:88:2d:
65:8e:a7:60:4f:4a:73:d8:c1:4f:56:67:66:f5:77:
f0:36:aa:4a:7d:9d:fa:6e:64:c2:57:a3:e5:6c:97:
19:c1:21:b6:b1:88:ea:68:22:e3:e3:04:1d:81:75:
3e:52:43:a8:6a:38:01:e2:31:c2:39:05:de:aa:e3:
5a:9c:80:d7:7b:b9:d9:e9:b3:36:53:73:49:fa:58:
71:de:af:b0:34:b0:fb:33:39:1f:d4:88:45:60:bf:
b4:8a:49:8f:8e:f9:d0:49:49:d5:00:34:84:8a:b7:
c0:ee:43:4d:5c:62:ad:89:1f:c8:99:53:90:26:e7:
96:77:71:e0:96:c0:7a:43:b4:94:b0:6d:c8:84:e3:
79:15:93:47:ba:31:27:41:32:87:57:5d:db:70:3b:
a3:db:d7:47:da:a2:e6:a6:26:fe:1d:f0:05:e0:0e:
7e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:18:D5:4C:D3:C8:08:84:58:23:FA:EA:F3:F2:9F:B4:E3:2C:4A:E3
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/mxjVTNPICIRYI_rq8_KftOMsSuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.144.0/24
194.120.164.0/24
194.120.171.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:1d:9e:dd:d1:c2:66:57:21:ed:85:76:b6:92:8a:bd:24:03:
28:15:53:a3:b6:c1:78:20:40:23:29:6f:28:b9:4e:e9:8c:97:
4e:5a:d1:8f:44:52:14:48:1f:60:89:25:a5:b8:c2:1a:d4:99:
72:65:1e:c7:2a:2d:47:be:36:dd:4c:5f:88:51:0a:39:97:67:
da:9e:af:c3:46:77:24:5a:d8:de:2b:de:c8:df:84:21:b2:40:
5f:1e:e4:05:33:cf:c6:7f:bb:21:47:36:c7:df:a9:5b:fc:b7:
cd:50:b6:e6:55:90:d3:47:55:e5:a8:0e:ba:03:97:2e:17:04:
d9:c1:84:66:20:bb:47:30:00:6b:e3:dc:31:42:0b:42:e0:58:
ac:d2:d2:66:11:28:ef:0e:19:65:ff:f5:dc:ad:8e:f8:3c:7c:
bb:07:72:c9:96:2f:0e:0e:ec:67:17:9f:89:b3:0f:16:79:41:
9b:44:d9:63:94:b5:77:7c:fe:6e:96:59:f2:94:94:15:a4:f0:
65:40:08:0c:b1:9e:6e:12:c3:6d:78:71:9a:da:2a:9a:0d:a7:
ed:12:bc:54:7c:d0:f0:ba:94:0d:52:b1:5b:bf:5e:af:56:fc:
23:62:2c:c2:40:2a:c9:47:c0:05:0c:20:2d:d8:da:6d:0f:85:
4c:12:91:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOgyPFOWOJdWYLyOyhffJJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjIxMDA0MDIxNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE4ZDU0Y2QzYzgwODg0NTgyM2ZhZWFmM2YyOWZiNGUzMmM0YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruKD6RBTS6n3QgxlTmL+pc78ZCNm
NtJvmtekumpH8sZu7PvrNbhaj0Iz11pv1C5AnT6w7213DgcGLS6t5raMKYobfoCS
ezoFuH+aT4ueObiN1sMDf/nOiC1ljqdgT0pz2MFPVmdm9XfwNqpKfZ36bmTCV6Pl
bJcZwSG2sYjqaCLj4wQdgXU+UkOoajgB4jHCOQXequNanIDXe7nZ6bM2U3NJ+lhx
3q+wNLD7Mzkf1IhFYL+0ikmPjvnQSUnVADSEirfA7kNNXGKtiR/ImVOQJueWd3Hg
lsB6Q7SUsG3IhON5FZNHujEnQTKHV13bcDuj29dH2qLmpib+HfAF4A5+QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJsY1UzTyAiEWCP66vPyn7TjLErjMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvbXhqVlROUElDSVJZSV9ycThfS2Z0T01zU3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwniQAwQA
wnikAwQAwnirMA0GCSqGSIb3DQEBCwUAA4IBAQDLHZ7d0cJmVyHthXa2koq9JAMo
FVOjtsF4IEAjKW8ouU7pjJdOWtGPRFIUSB9giSWluMIa1JlyZR7HKi1HvjbdTF+I
UQo5l2fanq/DRnckWtjeK97I34QhskBfHuQFM8/Gf7shRzbH36lb/LfNULbmVZDT
R1XlqA66A5cuFwTZwYRmILtHMABr49wxQgtC4Fis0tJmESjvDhll//XcrY74PHy7
B3LJli8ODuxnF5+Jsw8WeUGbRNljlLV3fP5ullnylJQVpPBlQAgMsZ5uEsNteHGa
2iqaDaftErxUfNDwupQNUrFbv16vVvwjYizCQCrJR8AFDCAt2NptD4VMEpFR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org