Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/MtEXuCqg99HVm7hOcze0dpfZnnA.roa
File: MtEXuCqg99HVm7hOcze0dpfZnnA.roa (raw, json)
Hash identifier: v4OV8k6jle5YXYAyVQPb6Y7fX/rpt753RwiXmbTJrIg=
Subject key identifier: 32:D1:17:B8:2A:A0:F7:D1:D5:9B:B8:4E:73:37:B4:76:97:D9:9E:70
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0192961A7FC6500D3C411687C2446A1E16DB
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/MtEXuCqg99HVm7hOcze0dpfZnnA.roa
Signing time: Wed 16 Oct 2024 16:12:51 +0000
ROA not before: Wed 16 Oct 2024 16:12:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51713
IP address blocks: 77.95.113.0/24 maxlen: 24
192.250.224.0/24 maxlen: 24
192.250.234.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
195.250.23.0/24 maxlen: 24
198.38.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:1a:7f:c6:50:0d:3c:41:16:87:c2:44:6a:1e:16:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Oct 16 16:12:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32d117b82aa0f7d1d59bb84e7337b47697d99e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:01:18:64:f2:c6:45:28:92:b2:b8:8c:24:b7:
4d:7e:5e:ec:8f:98:b8:1b:a2:9c:df:2a:22:93:25:
ac:6e:51:89:b1:15:38:b5:e0:fe:0e:54:c7:ae:e6:
b5:75:81:76:b4:53:1b:da:cc:cc:10:90:c0:7f:98:
70:90:b6:81:53:f6:56:60:69:f6:80:59:1a:e0:91:
e6:b2:63:7e:d8:89:e9:ac:ea:ca:fd:b7:ca:c6:c9:
ed:f2:5e:a3:9c:2c:92:33:ea:c8:f9:0c:4f:74:c2:
7d:60:0a:eb:14:5f:f1:27:e0:5f:ad:be:5e:09:a0:
98:3e:1f:91:77:50:3a:df:40:af:ad:c4:ee:50:86:
f5:d5:b5:ad:0b:3f:6c:90:17:be:5d:d1:a3:3a:f6:
c3:df:12:60:94:63:59:dd:f1:c9:5a:20:68:84:d8:
89:02:83:ad:d7:37:83:e8:e4:2b:24:eb:79:98:ed:
95:43:f3:f2:30:e3:3b:10:fa:73:26:3c:eb:5d:7e:
af:18:41:59:94:b6:d6:c7:6c:45:fd:fd:26:79:e3:
7a:3f:26:a5:79:85:32:99:c8:ed:05:0c:b2:76:62:
75:25:f2:c5:36:d4:6f:2e:d3:a5:15:0b:81:dc:da:
a2:fa:4e:c1:c4:6b:93:84:61:64:23:2a:b1:f2:85:
0f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D1:17:B8:2A:A0:F7:D1:D5:9B:B8:4E:73:37:B4:76:97:D9:9E:70
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/MtEXuCqg99HVm7hOcze0dpfZnnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.113.0/24
192.250.224.0/24
192.250.234.0/24
192.250.239.0/24
195.250.23.0/24
198.38.80.0/24
Signature Algorithm: sha256WithRSAEncryption
32:e0:6a:ad:cb:39:d2:1e:ab:71:2d:90:dc:7b:d9:c6:01:18:
d1:83:ce:41:aa:fc:4a:35:4a:50:5d:e4:18:1a:4b:10:95:fe:
72:87:21:6d:29:ed:60:11:20:38:8a:6d:55:2a:80:11:5f:6e:
eb:30:1c:70:d2:91:79:73:57:0b:3f:07:0b:b4:f4:47:fc:8e:
1a:85:a9:b5:8f:74:a3:1f:56:8b:c9:6f:86:3b:30:56:30:07:
83:ac:42:0e:af:9a:49:dc:cb:0d:4f:0e:50:7f:0c:f9:a5:2e:
29:c5:d4:bd:82:82:a4:9e:c6:ad:09:9f:3c:a4:2e:aa:7a:5a:
cf:2f:3e:fe:fb:6b:e4:2e:5e:e3:b9:77:85:16:1b:97:3b:b9:
8f:61:29:20:cf:1d:68:4f:5f:76:bb:e4:90:7a:58:a1:fa:af:
15:8d:99:0c:dd:4d:c6:69:d8:c2:ff:d2:f0:3b:bd:58:af:b0:
aa:05:9a:86:61:42:d7:5d:3b:db:c5:0e:6b:e1:8a:19:5e:fe:
fb:d1:a0:3a:92:75:ea:e0:da:78:df:e2:a7:0d:ec:e4:7e:25:
7c:77:71:2d:b6:45:c6:34:be:94:fc:06:6c:e9:1f:5c:a7:ff:
23:5b:eb:6d:88:5d:c6:0d:f7:2e:29:0c:4b:30:20:98:34:7f:
b6:e9:e8:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZKWGn/GUA08QRaHwkRqHhbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMDE2MTYxMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQxMTdiODJhYTBmN2QxZDU5YmI4NGU3MzM3YjQ3Njk3ZDk5ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAEYZPLGRSiSsriMJLdNfl7sj5i4
G6Kc3yoikyWsblGJsRU4teD+DlTHrua1dYF2tFMb2szMEJDAf5hwkLaBU/ZWYGn2
gFka4JHmsmN+2InprOrK/bfKxsnt8l6jnCySM+rI+QxPdMJ9YArrFF/xJ+Bfrb5e
CaCYPh+Rd1A630CvrcTuUIb11bWtCz9skBe+XdGjOvbD3xJglGNZ3fHJWiBohNiJ
AoOt1zeD6OQrJOt5mO2VQ/PyMOM7EPpzJjzrXX6vGEFZlLbWx2xF/f0meeN6Pyal
eYUymcjtBQyydmJ1JfLFNtRvLtOlFQuB3Nqi+k7BxGuThGFkIyqx8oUPnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDLRF7gqoPfR1Zu4TnM3tHaX2Z5wMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvTXRFWHVDcWc5OUhWbTdoT2N6ZTBkcGZabm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATV9xAwQA
wPrgAwQAwPrqAwQAwPrvAwQAw/oXAwQAxiZQMA0GCSqGSIb3DQEBCwUAA4IBAQAy
4GqtyznSHqtxLZDce9nGARjRg85BqvxKNUpQXeQYGksQlf5yhyFtKe1gESA4im1V
KoARX27rMBxw0pF5c1cLPwcLtPRH/I4aham1j3SjH1aLyW+GOzBWMAeDrEIOr5pJ
3MsNTw5Qfwz5pS4pxdS9goKknsatCZ88pC6qelrPLz7++2vkLl7juXeFFhuXO7mP
YSkgzx1oT192u+SQelih+q8VjZkM3U3GadjC/9LwO71Yr7CqBZqGYULXXTvbxQ5r
4YoZXv770aA6knXq4Np43+KnDezkfiV8d3EttkXGNL6U/AZs6R9cp/8jW+ttiF3G
DfcuKQxLMCCYNH+26ehE
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:06:24 2025 by rpki-client