Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/45beb4-9d55-4262-99c1-e8a5784734bb/1/mWVrtdocog3hlm-mzPkd_MMcpE8.roa
File: mWVrtdocog3hlm-mzPkd_MMcpE8.roa (raw, json)
Hash identifier: bOQLY16k9G0Pk4hVlENInXVecxKNVITv+arXnhHW73c=
Subject key identifier: 99:65:6B:B5:DA:1C:A2:0D:E1:96:6F:A6:CC:F9:1D:FC:C3:1C:A4:4F
Certificate issuer: /CN=0b1c467eb9408b11d06f1f67e5a9cc423c39ac2f
Certificate serial: 018572A806C450DD4FCA92A378ED25CCE961
Authority key identifier: 0B:1C:46:7E:B9:40:8B:11:D0:6F:1F:67:E5:A9:CC:42:3C:39:AC:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxGfrlAixHQbx9n5anMQjw5rC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/45beb4-9d55-4262-99c1-e8a5784734bb/1/mWVrtdocog3hlm-mzPkd_MMcpE8.roa
Signing time: Mon 02 Jan 2023 13:24:52 +0000
ROA not before: Mon 02 Jan 2023 13:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 185.167.76.0/24 maxlen: 24
185.167.77.0/24 maxlen: 24
2a0b:4e00::/48 maxlen: 48
2a0b:4e00:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a8:06:c4:50:dd:4f:ca:92:a3:78:ed:25:cc:e9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1c467eb9408b11d06f1f67e5a9cc423c39ac2f
Validity
Not Before: Jan 2 13:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99656bb5da1ca20de1966fa6ccf91dfcc31ca44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1f:e7:62:1f:95:6b:ee:e1:ad:4e:7d:b4:e1:
69:fd:4b:43:66:96:d4:f6:bf:e9:08:05:9c:cb:84:
47:98:76:1c:30:5f:c5:75:34:a3:74:e0:47:79:8b:
c9:0f:f9:f6:48:a9:de:4f:b5:c7:c7:41:f3:08:d0:
66:88:b7:0c:a2:13:ad:b2:7e:69:0c:b8:7b:c2:b7:
b6:cc:e4:26:3f:60:d5:ae:6d:8b:2c:70:ee:0b:bb:
a3:1a:62:69:6a:b6:be:a3:cd:95:05:bc:0c:d5:c4:
02:ab:67:0a:a0:2a:0b:3b:75:26:65:86:41:a7:1b:
8b:e4:d8:79:7c:1e:88:60:b2:a1:fd:8c:49:60:b9:
59:e0:4f:b1:36:3f:a4:6c:d0:4d:fb:40:a8:20:64:
c4:c4:0a:48:b6:4c:55:8f:07:e0:9e:9d:d6:81:b3:
da:82:1c:2c:d3:9f:c0:d7:48:71:90:32:34:3a:89:
44:99:51:c6:68:40:fe:04:6d:e6:4d:a2:17:d2:54:
b6:97:4f:f0:94:f3:f4:7f:14:b6:2a:d8:be:9e:80:
2a:a3:e3:9e:96:d1:bc:91:47:24:86:ed:84:80:75:
13:66:3e:ff:61:d0:a2:4f:05:0d:52:2d:b6:45:3f:
a2:ac:ec:d6:9f:4a:7e:19:00:4d:12:d1:46:93:08:
82:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:65:6B:B5:DA:1C:A2:0D:E1:96:6F:A6:CC:F9:1D:FC:C3:1C:A4:4F
X509v3 Authority Key Identifier:
keyid:0B:1C:46:7E:B9:40:8B:11:D0:6F:1F:67:E5:A9:CC:42:3C:39:AC:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxGfrlAixHQbx9n5anMQjw5rC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/45beb4-9d55-4262-99c1-e8a5784734bb/1/mWVrtdocog3hlm-mzPkd_MMcpE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/45beb4-9d55-4262-99c1-e8a5784734bb/1/CxxGfrlAixHQbx9n5anMQjw5rC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.76.0/23
IPv6:
2a0b:4e00::/47
Signature Algorithm: sha256WithRSAEncryption
5c:f2:5b:1f:c8:8c:91:6b:c3:1c:0d:da:b9:6b:f1:4d:5f:18:
b7:91:2d:7c:c2:8f:11:65:de:d5:fd:2d:bf:6c:2a:33:0a:d7:
24:94:81:1e:eb:32:e8:f0:f1:ee:aa:38:99:a6:93:a2:0a:cd:
57:99:9c:b4:ce:40:39:27:aa:dd:10:cb:ca:58:d1:b7:57:c9:
55:0f:00:aa:79:4a:09:1b:27:c3:85:1b:eb:15:dd:0a:f4:bc:
52:e1:64:01:6b:06:57:60:53:d8:90:c6:a1:32:a3:f2:8d:2d:
e7:72:91:9c:0d:b0:82:f8:68:85:bc:15:61:95:aa:23:af:ae:
32:e4:26:41:fb:1e:ec:4c:78:6f:a7:34:86:f6:9e:6c:35:5b:
80:61:e9:6b:05:8a:2d:97:b6:f0:f4:bd:b9:ed:e4:16:9f:2b:
95:f4:86:f4:0b:6d:7c:62:61:fc:4f:61:3d:c7:2a:2f:a6:13:
9a:38:ce:d2:27:07:c9:7a:60:f6:b2:9d:3f:97:c2:74:99:3b:
3e:30:56:03:1e:45:05:ab:4c:ff:4e:d2:62:4e:80:5b:8f:2e:
92:b5:87:8f:9c:4f:10:34:4c:50:af:c6:f5:39:80:87:f0:be:
9d:cd:20:98:d4:ed:74:35:59:61:30:8b:33:21:f6:79:64:57:
ea:e7:3b:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyqAbEUN1PypKjeO0lzOlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWM0NjdlYjk0MDhiMTFkMDZmMWY2N2U1YTljYzQyM2Mz
OWFjMmYwHhcNMjMwMTAyMTMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY1NmJiNWRhMWNhMjBkZTE5NjZmYTZjY2Y5MWRmY2MzMWNhNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB/nYh+Va+7hrU59tOFp/UtDZpbU
9r/pCAWcy4RHmHYcMF/FdTSjdOBHeYvJD/n2SKneT7XHx0HzCNBmiLcMohOtsn5p
DLh7wre2zOQmP2DVrm2LLHDuC7ujGmJpara+o82VBbwM1cQCq2cKoCoLO3UmZYZB
pxuL5Nh5fB6IYLKh/YxJYLlZ4E+xNj+kbNBN+0CoIGTExApItkxVjwfgnp3WgbPa
ghws05/A10hxkDI0OolEmVHGaED+BG3mTaIX0lS2l0/wlPP0fxS2Kti+noAqo+Oe
ltG8kUckhu2EgHUTZj7/YdCiTwUNUi22RT+irOzWn0p+GQBNEtFGkwiCIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlla7XaHKIN4ZZvpsz5HfzDHKRPMB8GA1UdIwQY
MBaAFAscRn65QIsR0G8fZ+WpzEI8OawvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3h4R2ZybEFpeEhRYng5bjVhbk1Ranc1ckM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80NWJlYjQtOWQ1NS00MjYyLTk5YzEt
ZThhNTc4NDczNGJiLzEvbVdWcnRkb2NvZzNobG0tbXpQa2RfTU1jcEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80NWJlYjQtOWQ1NS00MjYyLTk5YzEtZThhNTc4NDczNGJi
LzEvQ3h4R2ZybEFpeEhRYng5bjVhbk1Ranc1ckM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuadMMA8E
AgACMAkDBwEqC04AAAAwDQYJKoZIhvcNAQELBQADggEBAFzyWx/IjJFrwxwN2rlr
8U1fGLeRLXzCjxFl3tX9Lb9sKjMK1ySUgR7rMujw8e6qOJmmk6IKzVeZnLTOQDkn
qt0Qy8pY0bdXyVUPAKp5SgkbJ8OFG+sV3Qr0vFLhZAFrBldgU9iQxqEyo/KNLedy
kZwNsIL4aIW8FWGVqiOvrjLkJkH7HuxMeG+nNIb2nmw1W4Bh6WsFii2XtvD0vbnt
5BafK5X0hvQLbXxiYfxPYT3HKi+mE5o4ztInB8l6YPaynT+XwnSZOz4wVgMeRQWr
TP9O0mJOgFuPLpK1h4+cTxA0TFCvxvU5gIfwvp3NIJjU7XQ1WWEwizMh9nlkV+rn
Ow8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:49 2025 by rpki-client