Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/mKqKGE7VEk0fR_oGWuLvOPPQAUg.roa
File: mKqKGE7VEk0fR_oGWuLvOPPQAUg.roa (raw, json)
Hash identifier: YMPqFT+t2HG3a/ckQ7vJxNm0FXlP7d5WuD905ydZXtQ=
Subject key identifier: 98:AA:8A:18:4E:D5:12:4D:1F:47:FA:06:5A:E2:EF:38:F3:D0:01:48
Certificate issuer: /CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Certificate serial: 01867343541A388791A5E234508CF7770188
Authority key identifier: 13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/mKqKGE7VEk0fR_oGWuLvOPPQAUg.roa
Signing time: Tue 21 Feb 2023 09:17:17 +0000
ROA not before: Tue 21 Feb 2023 09:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50889
IP address blocks: 185.136.71.0/24 maxlen: 24
185.136.69.0/24 maxlen: 24
185.136.70.0/24 maxlen: 24
77.111.250.0/24 maxlen: 24
77.111.251.0/24 maxlen: 24
77.111.248.0/24 maxlen: 24
77.111.249.0/24 maxlen: 24
80.84.166.0/24 maxlen: 24
80.84.160.0/24 maxlen: 24
80.84.164.0/24 maxlen: 24
80.84.165.0/24 maxlen: 24
80.84.163.0/24 maxlen: 24
80.84.161.0/24 maxlen: 24
80.84.162.0/24 maxlen: 24
80.84.167.0/24 maxlen: 24
80.84.171.0/24 maxlen: 24
80.84.172.0/24 maxlen: 24
80.84.170.0/24 maxlen: 24
80.84.168.0/24 maxlen: 24
80.84.169.0/24 maxlen: 24
80.84.174.0/24 maxlen: 24
80.84.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:43:54:1a:38:87:91:a5:e2:34:50:8c:f7:77:01:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Validity
Not Before: Feb 21 09:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98aa8a184ed5124d1f47fa065ae2ef38f3d00148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:51:b7:cf:d9:fc:02:80:15:0c:9f:70:e7:39:
3c:00:77:2d:b6:59:6c:ec:3e:c8:f5:d0:f3:0c:62:
52:16:f7:e6:63:90:ed:a7:60:36:2a:ec:ff:50:87:
ec:a2:2c:23:55:52:6e:4b:18:5b:4b:78:c7:25:25:
77:2d:cb:2a:e0:3e:93:f7:1d:6d:14:56:21:ef:83:
af:42:85:b6:f0:8f:85:49:b4:2c:44:60:eb:4f:27:
b5:79:f9:ea:e1:6d:93:15:b3:d2:b2:13:bf:b7:a0:
45:7f:ad:b7:eb:5f:6d:bf:8d:a6:a1:c3:b2:77:5b:
63:61:bd:02:86:5b:50:ae:83:e3:fb:d8:8a:38:03:
bf:fd:d4:2b:54:e7:0f:e7:72:0b:02:06:d3:c3:f7:
d4:38:23:c2:3b:81:58:2e:e0:ed:92:64:e2:44:95:
79:92:7e:7a:76:3f:c1:92:fc:a0:11:78:d3:21:d5:
d8:20:33:59:a5:64:29:9c:5d:40:a1:47:38:bc:d5:
03:11:f2:7c:17:db:33:58:b0:65:57:bb:af:ea:c6:
b9:59:bc:68:18:e8:e9:d4:26:87:e6:fb:84:d3:cc:
6c:8a:5d:ac:65:93:28:23:1e:b8:d9:e1:2e:3f:7e:
42:79:70:7f:43:d4:d3:f3:b6:89:3f:5b:d1:39:e1:
de:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AA:8A:18:4E:D5:12:4D:1F:47:FA:06:5A:E2:EF:38:F3:D0:01:48
X509v3 Authority Key Identifier:
keyid:13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/mKqKGE7VEk0fR_oGWuLvOPPQAUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.248.0/22
80.84.160.0-80.84.172.255
80.84.174.0/23
185.136.69.0-185.136.71.255
Signature Algorithm: sha256WithRSAEncryption
21:6b:91:7b:bd:df:8f:3e:59:e1:8d:ba:50:f6:3c:a3:76:af:
ab:3d:97:ae:46:bf:6c:91:24:a9:82:4b:00:0d:9b:52:5b:7b:
ba:d4:03:14:75:4f:9d:b4:d5:3e:14:11:42:e9:aa:6a:e8:01:
c7:f0:09:96:e8:ca:24:95:08:df:f6:70:9d:3c:64:5c:0e:8f:
0d:55:eb:1f:aa:72:f1:9e:21:0e:ab:e5:8f:d0:aa:72:40:4e:
7d:58:19:a2:e3:4b:e1:64:74:03:56:10:9e:61:f5:a8:0e:25:
9b:89:8b:64:ce:7a:bb:a5:7f:c6:14:29:4c:ff:da:17:f5:8a:
08:a7:5d:cd:a2:3b:2b:95:e4:38:29:12:00:81:24:ed:d8:99:
81:30:60:b5:6a:a4:89:f7:e6:56:79:6f:59:77:b3:d2:4d:73:
92:c8:da:7b:bb:1a:6f:67:2f:c9:7a:08:ff:32:f7:e5:7a:93:
50:d3:04:e7:b2:4a:75:2c:76:c6:32:d5:6f:91:99:67:9f:1c:
4d:54:2f:4f:25:c2:59:2f:c9:51:b3:e3:f9:84:2c:34:86:b6:
41:07:ab:71:d1:80:84:45:0d:b6:ed:53:74:04:08:06:31:e1:
92:8b:02:77:7b:17:b8:1a:e7:6d:43:13:95:77:60:56:28:1d:
8f:3d:49:f4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYZzQ1QaOIeRpeI0UIz3dwGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYTBmNzE0M2ZmYTIyMTEzNDQyZGM4NTg5ZWUxMzUyZWJl
M2RhYTMwHhcNMjMwMjIxMDkxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFhOGExODRlZDUxMjRkMWY0N2ZhMDY1YWUyZWYzOGYzZDAwMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVG3z9n8AoAVDJ9w5zk8AHcttlls
7D7I9dDzDGJSFvfmY5Dtp2A2Kuz/UIfsoiwjVVJuSxhbS3jHJSV3Lcsq4D6T9x1t
FFYh74OvQoW28I+FSbQsRGDrTye1efnq4W2TFbPSshO/t6BFf623619tv42mocOy
d1tjYb0ChltQroPj+9iKOAO//dQrVOcP53ILAgbTw/fUOCPCO4FYLuDtkmTiRJV5
kn56dj/BkvygEXjTIdXYIDNZpWQpnF1AoUc4vNUDEfJ8F9szWLBlV7uv6sa5Wbxo
GOjp1CaH5vuE08xsil2sZZMoIx642eEuP35CeXB/Q9TT87aJP1vROeHedQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJiqihhO1RJNH0f6Blri7zjz0AFIMB8GA1UdIwQY
MBaAFBOg9xQ/+iIRNELchYnuE1Lr49qjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgt
MTA0YTMzNDM3NjY1LzEvbUtxS0dFN1ZFazBmUl9vR1d1THZPUFBRQVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgtMTA0YTMzNDM3NjY1
LzEvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCTW/4MAwD
BAVQVKADBABQVKwDBAFQVK4wDAMEALmIRQMEA7mIQDANBgkqhkiG9w0BAQsFAAOC
AQEAIWuRe73fjz5Z4Y26UPY8o3avqz2Xrka/bJEkqYJLAA2bUlt7utQDFHVPnbTV
PhQRQumqaugBx/AJlujKJJUI3/ZwnTxkXA6PDVXrH6py8Z4hDqvlj9CqckBOfVgZ
ouNL4WR0A1YQnmH1qA4lm4mLZM56u6V/xhQpTP/aF/WKCKddzaI7K5XkOCkSAIEk
7diZgTBgtWqkiffmVnlvWXez0k1zksjae7sab2cvyXoI/zL35XqTUNME57JKdSx2
xjLVb5GZZ58cTVQvTyXCWS/JUbPj+YQsNIa2QQercdGAhEUNtu1TdAQIBjHhkosC
d3sXuBrnbUMTlXdgVigdjz1J9A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:51:15 2025 by rpki-client