Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/Mkl44sEh_I1NJhSRpZogcHN-KpQ.roa
File: Mkl44sEh_I1NJhSRpZogcHN-KpQ.roa (raw, json)
Hash identifier: UFBdvkUQHMElnZ7pMex1cDJSyxO3mce2NK6vzaKBwPg=
Subject key identifier: 32:49:78:E2:C1:21:FC:8D:4D:26:14:91:A5:9A:20:70:73:7E:2A:94
Certificate issuer: /CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Certificate serial: 01941FFAAAC9A8686D603B2570D66EE4D6F2
Authority key identifier: F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/Mkl44sEh_I1NJhSRpZogcHN-KpQ.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208596
IP address blocks: 185.191.248.0/22 maxlen: 22
185.191.248.0/23 maxlen: 23
185.191.250.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:aa:c9:a8:68:6d:60:3b:25:70:d6:6e:e4:d6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=324978e2c121fc8d4d261491a59a2070737e2a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:23:f0:4f:0d:df:4f:50:4f:88:61:97:b1:64:
33:8e:04:ed:1d:eb:13:93:f1:6a:ba:d7:5d:17:14:
67:fc:37:6a:53:91:21:89:37:ce:6c:8b:4c:60:bc:
12:1c:55:2e:52:b6:e2:81:70:04:76:39:97:63:54:
d2:7a:7b:8d:9d:bc:0d:79:47:52:57:90:3e:8a:f5:
9a:46:f7:89:1a:41:f9:e9:29:bc:df:de:86:65:0b:
2f:cd:9f:ee:d6:9f:88:64:50:f4:3c:e9:6b:35:ac:
7b:82:ca:99:92:97:76:68:28:5d:86:04:8a:de:c1:
40:a7:92:3d:96:24:0e:37:8c:51:ef:5f:2c:94:d7:
34:b0:18:b2:0a:aa:bc:9e:e0:d3:7e:bb:f2:93:e1:
1d:cd:bc:cd:3e:7f:10:12:f7:1c:e3:48:1c:1f:94:
34:30:74:29:a2:ee:89:f9:9f:5d:e6:f1:cf:23:8d:
13:89:bf:11:19:8b:26:f2:ef:60:54:50:03:2a:50:
fd:0b:87:b6:30:24:32:3b:bb:83:11:30:d9:77:c9:
f4:36:32:bf:eb:2f:23:c5:d1:6b:49:a6:60:1f:4a:
56:6f:0b:e5:ca:57:07:df:55:86:ac:91:51:66:6a:
88:ee:51:db:7a:67:d9:f9:08:fa:ff:06:46:0c:c5:
00:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:49:78:E2:C1:21:FC:8D:4D:26:14:91:A5:9A:20:70:73:7E:2A:94
X509v3 Authority Key Identifier:
keyid:F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/Mkl44sEh_I1NJhSRpZogcHN-KpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/8nisvMRvEz79OT9RFg_bt2B-HhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.248.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:5e:d1:03:ad:03:b2:00:77:0e:4d:2b:57:bb:e9:a7:93:a4:
4c:29:89:10:a5:fb:d8:e0:64:42:93:8c:86:b0:3d:8c:1e:fc:
60:b2:34:e6:a0:3c:c7:21:aa:3d:21:2d:91:35:d9:38:90:b4:
b7:29:71:0a:1a:66:37:17:a2:58:c9:00:20:9a:06:55:0a:9d:
c2:71:38:9b:39:c9:4c:4c:ef:db:12:b1:39:55:a1:7c:f5:0c:
5e:bb:23:01:85:05:ef:38:e8:5c:2c:08:cb:0a:cc:72:1c:3e:
40:d7:17:10:2d:69:4e:bc:ab:26:58:c1:fc:c3:12:2c:5e:77:
4e:5d:f1:f3:b9:ba:18:40:49:75:21:fa:23:78:ec:18:df:d6:
47:ec:a7:79:17:2e:88:56:2b:97:77:f4:10:cc:f8:28:25:2d:
f8:ad:62:89:3d:5d:41:54:61:63:b5:9e:8f:d4:fe:78:bb:f2:
30:52:cb:85:6c:54:43:f0:6b:df:ed:d7:08:ba:b9:2e:d9:45:
bf:6d:ac:57:e7:9c:02:e7:c0:07:4f:04:0b:85:7c:73:59:c7:
bd:45:2d:9e:58:e2:b0:bf:62:30:04:58:63:e8:75:bb:0a:49:
7d:16:03:a3:fb:90:ba:93:b2:f8:ec:18:c7:15:ae:39:58:61:
6b:9b:19:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qrJqGhtYDslcNZu5NbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNzhhY2JjYzQ2ZjEzM2VmZDM5M2Y1MTE2MGZkYmI3NjA3
ZTFlMTYwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ5NzhlMmMxMjFmYzhkNGQyNjE0OTFhNTlhMjA3MDczN2UyYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCPwTw3fT1BPiGGXsWQzjgTtHesT
k/FqutddFxRn/DdqU5EhiTfObItMYLwSHFUuUrbigXAEdjmXY1TSenuNnbwNeUdS
V5A+ivWaRveJGkH56Sm8396GZQsvzZ/u1p+IZFD0POlrNax7gsqZkpd2aChdhgSK
3sFAp5I9liQON4xR718slNc0sBiyCqq8nuDTfrvyk+EdzbzNPn8QEvcc40gcH5Q0
MHQpou6J+Z9d5vHPI40Tib8RGYsm8u9gVFADKlD9C4e2MCQyO7uDETDZd8n0NjK/
6y8jxdFrSaZgH0pWbwvlylcH31WGrJFRZmqI7lHbemfZ+Qj6/wZGDMUAxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJJeOLBIfyNTSYUkaWaIHBzfiqUMB8GA1UdIwQY
MBaAFPJ4rLzEbxM+/Tk/URYP27dgfh4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5pc3ZNUnZFejc5T1Q5UkZnX2J0MkItSGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MzcyNjctYjI0My00NjU3LTk5ZmYt
OTRiNTE0NDMzYzExLzEvTWtsNDRzRWhfSTFOSmhTUnBab2djSE4tS3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MzcyNjctYjI0My00NjU3LTk5ZmYtOTRiNTE0NDMzYzEx
LzEvOG5pc3ZNUnZFejc5T1Q5UkZnX2J0MkItSGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub/4MA0G
CSqGSIb3DQEBCwUAA4IBAQBKXtEDrQOyAHcOTStXu+mnk6RMKYkQpfvY4GRCk4yG
sD2MHvxgsjTmoDzHIao9IS2RNdk4kLS3KXEKGmY3F6JYyQAgmgZVCp3CcTibOclM
TO/bErE5VaF89QxeuyMBhQXvOOhcLAjLCsxyHD5A1xcQLWlOvKsmWMH8wxIsXndO
XfHzuboYQEl1IfojeOwY39ZH7Kd5Fy6IViuXd/QQzPgoJS34rWKJPV1BVGFjtZ6P
1P54u/IwUsuFbFRD8Gvf7dcIurku2UW/baxX55wC58AHTwQLhXxzWce9RS2eWOKw
v2IwBFhj6HW7Ckl9FgOj+5C6k7L47BjHFa45WGFrmxk6
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:04 2025 by rpki-client