Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/MaNg2WPI-q4to7SVp52zO_QNsfw.roa
File: MaNg2WPI-q4to7SVp52zO_QNsfw.roa (raw, json)
Hash identifier: HsUZQaqhFj/mJrXYPb29143giiHL5X0iJfJWhLhO0VU=
Subject key identifier: 31:A3:60:D9:63:C8:FA:AE:2D:A3:B4:95:A7:9D:B3:3B:F4:0D:B1:FC
Certificate issuer: /CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Certificate serial: 01949EADA09D065BDD9D611BFCF72D969FAB
Authority key identifier: C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/MaNg2WPI-q4to7SVp52zO_QNsfw.roa
Signing time: Sat 25 Jan 2025 18:16:06 +0000
ROA not before: Sat 25 Jan 2025 18:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209828
IP address blocks: 178.255.218.0/24 maxlen: 24
185.203.67.0/24 maxlen: 24
185.204.187.0/24 maxlen: 24
193.163.88.0/24 maxlen: 24
194.69.162.0/24 maxlen: 24
2a0c:ae80::/29 maxlen: 29
2a10:7cc0::/29 maxlen: 29
2a11:940::/29 maxlen: 29
2a11:1ec0::/29 maxlen: 29
2a12:e440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9e:ad:a0:9d:06:5b:dd:9d:61:1b:fc:f7:2d:96:9f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Validity
Not Before: Jan 25 18:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31a360d963c8faae2da3b495a79db33bf40db1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:76:39:04:cd:e3:99:82:2e:31:b6:89:3e:
6f:48:fa:b2:0a:46:fc:5e:27:98:1b:4a:1c:e4:f8:
b9:8e:9f:6e:d9:61:6f:0c:7c:db:02:35:85:9a:7d:
56:76:03:4b:b8:ec:6f:c6:ec:17:6d:33:76:fd:b6:
3b:9a:9e:93:c5:ec:85:8d:a6:81:ef:3e:61:5d:f9:
74:60:8e:0a:cf:6e:ff:3a:c9:43:e5:43:b5:a9:5c:
f3:6f:cb:55:cb:cf:aa:12:6e:7a:8d:3f:62:1f:47:
08:ed:dd:b9:60:02:85:b4:7f:11:ab:b4:34:76:6e:
d1:af:59:3a:78:a6:fc:95:73:c4:10:d8:50:8e:6b:
fb:9b:9c:bb:d2:5d:9b:52:68:77:1a:44:d2:9c:ed:
d6:3c:85:55:99:c8:5f:93:d2:a3:cc:50:d9:b2:2c:
37:34:72:03:e5:62:c5:96:27:cf:5d:0e:a8:b5:72:
7e:8d:0d:3c:9c:5c:b7:b0:c0:52:8c:86:92:b1:6d:
5a:30:40:e0:46:b9:7b:d0:67:4f:ab:17:b1:09:fc:
8c:96:9b:2b:de:25:3e:a5:3a:b4:58:6c:ff:e8:c3:
15:6e:d5:ff:dd:a1:a6:77:fe:c3:84:14:8c:ed:a7:
1a:28:ce:68:7f:9a:41:16:97:67:09:3a:62:1d:ec:
67:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A3:60:D9:63:C8:FA:AE:2D:A3:B4:95:A7:9D:B3:3B:F4:0D:B1:FC
X509v3 Authority Key Identifier:
keyid:C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/MaNg2WPI-q4to7SVp52zO_QNsfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/wnRsy35zqcww7wTt188WzB2UaJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.218.0/24
185.203.67.0/24
185.204.187.0/24
193.163.88.0/24
194.69.162.0/24
IPv6:
2a0c:ae80::/29
2a10:7cc0::/29
2a11:940::/29
2a11:1ec0::/29
2a12:e440::/29
Signature Algorithm: sha256WithRSAEncryption
59:e9:c8:d1:e3:88:bd:17:80:5f:97:f8:d1:24:ed:98:95:dc:
83:da:6f:b0:d9:18:f4:8a:e6:4d:96:45:0e:59:e0:ba:a8:21:
9c:97:67:c2:85:cd:5f:e6:c7:50:21:ab:18:89:af:ed:9f:ab:
6e:7b:79:da:60:cb:c7:c2:72:c5:60:8e:63:90:66:59:bf:3e:
48:01:e8:1d:8b:a9:32:a2:a7:b3:f8:e6:d8:a2:91:25:21:ee:
3d:3a:30:29:fd:4e:30:53:a2:45:41:6f:ec:86:54:82:f9:30:
14:bf:6b:e1:b9:06:ec:e6:bf:53:e4:e4:11:b1:ad:c5:27:ac:
82:7b:46:8e:67:93:58:b7:e2:5d:44:c3:33:40:cc:12:41:ab:
1e:ac:c5:54:d0:06:92:74:46:e5:2a:b5:08:3e:38:2e:81:a3:
94:a9:6e:ba:c0:05:75:7d:9b:ce:e4:aa:9f:d4:b0:e7:37:5f:
97:a8:37:8d:b4:e3:fe:59:37:fd:e9:25:16:b1:f1:8f:9a:73:
15:25:0d:d2:51:93:0a:1a:9c:e0:83:46:1c:02:98:1d:66:4f:
a0:4d:30:05:10:94:ab:cc:1f:45:b0:56:39:06:e6:63:a2:07:
f1:1e:db:37:ca:1e:ed:87:79:ad:d9:33:7a:d8:0e:59:7e:ef:
68:f4:9d:28
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZSeraCdBlvdnWEb/Pctlp+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzQ2Y2NiN2U3M2E5Y2MzMGVmMDRlZGQ3Y2YxNmNjMWQ5
NDY4OTQwHhcNMjUwMTI1MTgxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWEzNjBkOTYzYzhmYWFlMmRhM2I0OTVhNzlkYjMzYmY0MGRiMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptB2OQTN45mCLjG2iT5vSPqyCkb8
XieYG0oc5Pi5jp9u2WFvDHzbAjWFmn1WdgNLuOxvxuwXbTN2/bY7mp6TxeyFjaaB
7z5hXfl0YI4Kz27/OslD5UO1qVzzb8tVy8+qEm56jT9iH0cI7d25YAKFtH8Rq7Q0
dm7Rr1k6eKb8lXPEENhQjmv7m5y70l2bUmh3GkTSnO3WPIVVmchfk9KjzFDZsiw3
NHID5WLFlifPXQ6otXJ+jQ08nFy3sMBSjIaSsW1aMEDgRrl70GdPqxexCfyMlpsr
3iU+pTq0WGz/6MMVbtX/3aGmd/7DhBSM7acaKM5of5pBFpdnCTpiHexn7wIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFDGjYNljyPquLaO0laedszv0DbH8MB8GA1UdIwQY
MBaAFMJ0bMt+c6nMMO8E7dfPFswdlGiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2Et
OTNlOTE4ZDEwZWM1LzEvTWFOZzJXUEktcTR0bzdTVnA1MnpPX1FOc2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2EtOTNlOTE4ZDEwZWM1
LzEvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQAsv/aAwQA
uctDAwQAucy7AwQAwaNYAwQAwkWiMCkEAgACMCMDBQMqDK6AAwUDKhB8wAMFAyoR
CUADBQMqER7AAwUDKhLkQDANBgkqhkiG9w0BAQsFAAOCAQEAWenI0eOIvReAX5f4
0STtmJXcg9pvsNkY9IrmTZZFDlnguqghnJdnwoXNX+bHUCGrGImv7Z+rbnt52mDL
x8JyxWCOY5BmWb8+SAHoHYupMqKns/jm2KKRJSHuPTowKf1OMFOiRUFv7IZUgvkw
FL9r4bkG7Oa/U+TkEbGtxSesgntGjmeTWLfiXUTDM0DMEkGrHqzFVNAGknRG5Sq1
CD44LoGjlKluusAFdX2bzuSqn9Sw5zdfl6g3jbTj/lk3/eklFrHxj5pzFSUN0lGT
Chqc4INGHAKYHWZPoE0wBRCUq8wfRbBWOQbmY6IH8R7bN8oe7Yd5rdkzetgOWX7v
aPSdKA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:37:23 2025 by rpki-client