Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/mBRybgbi4l5b1TP10WGTYjfaScE.roa
File: mBRybgbi4l5b1TP10WGTYjfaScE.roa (raw, json)
Hash identifier: MBt1Iccqknodtznd1X0GEa7lHxtAV1JRhF2BklW2OFs=
Subject key identifier: 98:14:72:6E:06:E2:E2:5E:5B:D5:33:F5:D1:61:93:62:37:DA:49:C1
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019576B70253AC18122D81901D542FEF0837
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/mBRybgbi4l5b1TP10WGTYjfaScE.roa
Signing time: Sat 08 Mar 2025 17:04:19 +0000
ROA not before: Sat 08 Mar 2025 17:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.43.66.0/24 maxlen: 24
87.239.249.0/24 maxlen: 24
87.239.252.0/24 maxlen: 24
107.181.147.0/24 maxlen: 24
107.181.151.0/24 maxlen: 24
107.181.155.0/24 maxlen: 24
198.105.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:b7:02:53:ac:18:12:2d:81:90:1d:54:2f:ef:08:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Mar 8 17:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9814726e06e2e25e5bd533f5d161936237da49c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:14:8a:6e:c7:fb:93:18:9d:69:c3:9b:79:fc:
0f:cf:a1:86:15:60:c1:05:55:65:3d:07:05:f6:47:
bd:cf:0a:51:e9:51:c9:1d:16:d1:91:16:6e:8d:f2:
1e:5f:8e:07:ca:11:ea:61:0d:d0:f4:69:91:4b:ce:
8a:e9:0e:cc:d3:76:eb:6b:45:32:bf:0b:98:3f:af:
19:f7:d4:e0:b3:08:c7:58:3e:36:e6:43:ef:da:7a:
ab:b9:6a:da:5b:56:2a:3c:b2:76:cf:41:23:d1:85:
7a:a0:ce:40:d7:4f:94:ba:30:4e:ea:d3:b4:d1:e1:
34:f1:70:2a:36:53:5e:13:3c:1e:d8:6b:67:8d:3b:
e3:e4:55:96:b7:f3:7c:d5:78:d2:4f:f1:73:b0:60:
7d:ee:54:8b:35:e7:16:3f:bb:2f:f4:ba:9f:04:e4:
14:d0:46:17:ab:37:f5:7b:a8:fd:9b:27:14:49:e0:
b8:62:56:93:87:4a:f3:49:61:da:6b:80:6b:f6:c5:
4c:f5:be:15:74:6e:0c:f1:1c:54:fb:29:8c:6c:ff:
3c:96:48:0c:94:8b:4a:93:9e:7c:8b:fc:25:bb:f1:
0a:97:2c:56:01:3a:30:43:e0:0f:9d:ad:28:cd:47:
80:af:3f:9b:59:0a:05:d6:b7:80:b9:26:55:95:7d:
e2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:14:72:6E:06:E2:E2:5E:5B:D5:33:F5:D1:61:93:62:37:DA:49:C1
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/mBRybgbi4l5b1TP10WGTYjfaScE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.66.0/24
87.239.249.0/24
87.239.252.0/24
107.181.147.0/24
107.181.151.0/24
107.181.155.0/24
198.105.118.0/24
Signature Algorithm: sha256WithRSAEncryption
46:fd:1c:93:bf:cf:5e:2e:70:66:3f:96:36:3a:89:c0:75:69:
51:f6:40:0d:82:4f:58:2b:7f:ea:4a:ef:ad:75:30:f9:06:29:
b4:e0:c4:e7:cf:52:d9:d8:00:21:fe:54:15:a7:81:fc:33:fa:
82:5b:06:62:c4:0d:2d:b0:01:08:a0:80:02:73:ce:04:7f:78:
6f:70:89:d4:28:aa:72:56:36:1b:ca:36:ef:c6:cb:cf:44:f7:
44:2e:8c:fc:49:d5:68:6e:0a:da:fd:99:6b:e8:94:1f:5e:b2:
27:55:56:51:a9:07:43:9e:c5:f3:e1:fa:44:93:72:69:3e:c8:
34:71:78:6c:04:ab:00:cd:e0:b1:f1:66:25:23:b2:2b:11:7a:
f5:55:93:1b:18:74:21:55:31:ce:85:c9:85:09:aa:32:d0:3b:
d2:34:e6:a1:4d:3e:6e:a3:e5:ab:73:21:93:7a:f6:0d:cf:e9:
21:60:bc:cc:6c:fa:0e:21:5e:05:23:64:af:dd:ab:5e:25:77:
ee:b7:93:1a:cc:2a:1b:5e:2c:76:6f:a3:eb:19:14:2e:d4:5b:
d3:1d:34:dd:0e:dc:c9:a9:bf:48:bf:46:b9:99:6c:5f:8e:5b:
42:e1:ca:05:92:d3:4e:03:fd:0e:22:79:14:c4:f3:68:db:e4:
7d:27:86:a3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZV2twJTrBgSLYGQHVQv7wg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMzA4MTcwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE0NzI2ZTA2ZTJlMjVlNWJkNTMzZjVkMTYxOTM2MjM3ZGE0OWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixSKbsf7kxidacObefwPz6GGFWDB
BVVlPQcF9ke9zwpR6VHJHRbRkRZujfIeX44HyhHqYQ3Q9GmRS86K6Q7M03bra0Uy
vwuYP68Z99TgswjHWD425kPv2nqruWraW1YqPLJ2z0Ej0YV6oM5A10+UujBO6tO0
0eE08XAqNlNeEzwe2GtnjTvj5FWWt/N81XjST/FzsGB97lSLNecWP7sv9LqfBOQU
0EYXqzf1e6j9mycUSeC4YlaTh0rzSWHaa4Br9sVM9b4VdG4M8RxU+ymMbP88lkgM
lItKk558i/wlu/EKlyxWATowQ+APna0ozUeArz+bWQoF1reAuSZVlX3iqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJgUcm4G4uJeW9Uz9dFhk2I32knBMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvbUJSeWJnYmk0bDViMVRQMTBXR1RZamZhU2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALStCAwQA
V+/5AwQAV+/8AwQAa7WTAwQAa7WXAwQAa7WbAwQAxml2MA0GCSqGSIb3DQEBCwUA
A4IBAQBG/RyTv89eLnBmP5Y2OonAdWlR9kANgk9YK3/qSu+tdTD5Bim04MTnz1LZ
2AAh/lQVp4H8M/qCWwZixA0tsAEIoIACc84Ef3hvcInUKKpyVjYbyjbvxsvPRPdE
Loz8SdVobgra/Zlr6JQfXrInVVZRqQdDnsXz4fpEk3JpPsg0cXhsBKsAzeCx8WYl
I7IrEXr1VZMbGHQhVTHOhcmFCaoy0DvSNOahTT5uo+WrcyGTevYNz+khYLzMbPoO
IV4FI2Sv3ateJXfut5MazCobXix2b6PrGRQu1FvTHTTdDtzJqb9Iv0a5mWxfjltC
4coFktNOA/0OInkUxPNo2+R9J4aj
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:12:33 2025 by rpki-client