Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/Mbm6QXqJoPSY8lmJ2uuYnoixdss.roa
File: Mbm6QXqJoPSY8lmJ2uuYnoixdss.roa (raw, json)
Hash identifier: YVUXdFTCHChTHodePJ+65GQKTip7VafzN3LWZ67guNY=
Subject key identifier: 31:B9:BA:41:7A:89:A0:F4:98:F2:59:89:DA:EB:98:9E:88:B1:76:CB
Certificate issuer: /CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Certificate serial: 019421B18CB45FA6D8085DA03DAFF7CB71DB
Authority key identifier: D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/Mbm6QXqJoPSY8lmJ2uuYnoixdss.roa
Signing time: Wed 01 Jan 2025 11:47:51 +0000
ROA not before: Wed 01 Jan 2025 11:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209714
IP address blocks: 193.168.152.0/24 maxlen: 24
193.168.153.0/24 maxlen: 24
193.168.154.0/24 maxlen: 24
193.168.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8c:b4:5f:a6:d8:08:5d:a0:3d:af:f7:cb:71:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Validity
Not Before: Jan 1 11:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31b9ba417a89a0f498f25989daeb989e88b176cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:60:03:fb:66:89:56:06:42:d7:f4:2d:15:9f:
fe:88:66:c6:63:42:0a:b3:64:cd:dc:5a:a7:02:49:
61:45:e8:44:56:10:54:58:6f:ff:bc:cc:38:dc:c0:
20:86:03:ee:63:b3:0e:58:19:08:22:d5:d9:84:ea:
96:64:97:41:1a:7e:88:a1:55:a9:ec:8b:bc:15:68:
65:f4:45:86:1a:3f:9b:17:94:f7:15:d6:31:2d:5b:
11:8b:08:c2:40:e7:b0:8c:68:f4:66:7f:e3:cd:26:
12:4b:c6:da:5e:a9:c7:4a:57:fe:2b:b4:c5:96:ae:
cf:1a:e0:5b:58:dc:04:c7:13:5c:09:48:86:78:d0:
34:76:0f:78:2a:f8:d1:98:09:3e:bb:70:b7:b1:e2:
18:de:50:f3:70:5c:8a:e8:45:81:82:ed:85:0c:7e:
ad:a1:54:97:22:4d:f4:26:97:02:e9:13:b4:d6:7e:
0a:aa:19:7c:fa:76:2e:5b:f2:89:8b:18:b0:de:b9:
bd:b2:ae:2c:b5:07:55:ae:5d:6a:c8:93:99:a1:0e:
2f:01:15:e5:43:1f:52:9b:d8:64:0e:1c:83:8e:f0:
39:68:d2:89:20:96:04:5a:3c:95:c6:0a:f0:89:03:
9b:d9:26:0a:9a:3b:a7:2c:81:9c:23:ca:5b:4c:d7:
ed:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B9:BA:41:7A:89:A0:F4:98:F2:59:89:DA:EB:98:9E:88:B1:76:CB
X509v3 Authority Key Identifier:
keyid:D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/Mbm6QXqJoPSY8lmJ2uuYnoixdss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/0bvzaAza5sJnqY0D0I9rI9DtHUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.152.0/22
Signature Algorithm: sha256WithRSAEncryption
29:0f:e4:9f:6e:5c:5a:d1:d3:d9:2a:a7:32:ae:f3:9b:2e:69:
61:61:7a:27:f3:97:c1:49:24:5b:50:c5:c2:19:1e:ab:49:d6:
a6:99:6a:23:ce:fa:d8:28:02:71:fe:56:51:78:cd:07:e4:36:
c4:16:46:ba:bc:c6:8b:ad:f7:b8:b4:9a:e4:e0:b7:4f:27:4d:
dd:0b:61:0a:7e:0b:2d:43:ea:85:42:19:e3:00:ed:eb:6a:d6:
ee:30:55:c4:8c:5c:44:b4:c8:6c:74:16:8d:89:ac:c2:2e:c4:
bf:83:10:ef:74:e1:38:4f:33:d8:a5:56:41:7b:9b:3a:2e:8c:
9b:0f:68:86:6a:b7:54:57:5b:be:05:58:b6:95:9b:b7:b7:eb:
94:09:30:46:aa:41:29:a5:5b:b5:88:01:07:ec:e2:ec:5e:42:
47:5d:9c:26:ca:a7:6f:d8:16:29:28:43:25:18:df:03:5e:bb:
24:10:1e:04:64:42:3a:70:4e:aa:05:43:8f:89:c6:d4:65:f2:
bb:96:b5:6c:4a:ba:58:36:30:47:79:76:58:8f:84:17:16:83:
40:57:e4:71:91:0b:ef:a7:3c:fb:86:30:18:69:53:23:0f:24:
7d:3f:7c:f1:cc:bf:82:76:91:bc:02:3b:db:9d:ab:86:a6:38:
2f:a4:60:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsYy0X6bYCF2gPa/3y3HbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmJmMzY4MGNkYWU2YzI2N2E5OGQwM2QwOGY2YjIzZDBl
ZDFkNDYwHhcNMjUwMTAxMTE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI5YmE0MTdhODlhMGY0OThmMjU5ODlkYWViOTg5ZTg4YjE3NmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGAD+2aJVgZC1/QtFZ/+iGbGY0IK
s2TN3FqnAklhRehEVhBUWG//vMw43MAghgPuY7MOWBkIItXZhOqWZJdBGn6IoVWp
7Iu8FWhl9EWGGj+bF5T3FdYxLVsRiwjCQOewjGj0Zn/jzSYSS8baXqnHSlf+K7TF
lq7PGuBbWNwExxNcCUiGeNA0dg94KvjRmAk+u3C3seIY3lDzcFyK6EWBgu2FDH6t
oVSXIk30JpcC6RO01n4Kqhl8+nYuW/KJixiw3rm9sq4stQdVrl1qyJOZoQ4vARXl
Qx9Sm9hkDhyDjvA5aNKJIJYEWjyVxgrwiQOb2SYKmjunLIGcI8pbTNftuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDG5ukF6iaD0mPJZidrrmJ6IsXbLMB8GA1UdIwQY
MBaAFNG782gM2ubCZ6mNA9CPayPQ7R1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJ2emFBemE1c0pucVkwRDBJOXJJOUR0SFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNTJlODQtZWI4NC00NWMyLWI2YzUt
NTFjMWZhYTQ3MThmLzEvTWJtNlFYcUpvUFNZOGxtSjJ1dVlub2l4ZHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNTJlODQtZWI4NC00NWMyLWI2YzUtNTFjMWZhYTQ3MThm
LzEvMGJ2emFBemE1c0pucVkwRDBJOXJJOUR0SFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaiYMA0G
CSqGSIb3DQEBCwUAA4IBAQApD+Sfblxa0dPZKqcyrvObLmlhYXon85fBSSRbUMXC
GR6rSdammWojzvrYKAJx/lZReM0H5DbEFka6vMaLrfe4tJrk4LdPJ03dC2EKfgst
Q+qFQhnjAO3ratbuMFXEjFxEtMhsdBaNiazCLsS/gxDvdOE4TzPYpVZBe5s6Loyb
D2iGardUV1u+BVi2lZu3t+uUCTBGqkEppVu1iAEH7OLsXkJHXZwmyqdv2BYpKEMl
GN8DXrskEB4EZEI6cE6qBUOPicbUZfK7lrVsSrpYNjBHeXZYj4QXFoNAV+RxkQvv
pzz7hjAYaVMjDyR9P3zxzL+CdpG8AjvbnauGpjgvpGCS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:05 2025 by rpki-client