Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/M-yd6Ugm4j37VvR5jMt-KNJrmEI.roa
File: M-yd6Ugm4j37VvR5jMt-KNJrmEI.roa (raw, json)
Hash identifier: vqjDdTSN4DxJrQed7BY7JJ0opDc9Ee98YYBmwBxXED4=
Subject key identifier: 33:EC:9D:E9:48:26:E2:3D:FB:56:F4:79:8C:CB:7E:28:D2:6B:98:42
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 019424B38FF69C825C9B5A46D02FC05D0034
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/M-yd6Ugm4j37VvR5jMt-KNJrmEI.roa
Signing time: Thu 02 Jan 2025 01:48:55 +0000
ROA not before: Thu 02 Jan 2025 01:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207540
IP address blocks: 185.216.138.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8f:f6:9c:82:5c:9b:5a:46:d0:2f:c0:5d:00:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 2 01:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33ec9de94826e23dfb56f4798ccb7e28d26b9842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b3:af:76:76:22:ec:26:6b:47:8d:ea:1c:85:
32:ff:e7:d5:77:9e:41:ab:35:59:11:8f:7f:c9:8e:
82:19:0d:73:b6:a1:05:5c:f3:c7:8f:e4:ed:8d:66:
62:86:93:9c:e2:d2:db:11:0d:21:62:51:d7:81:39:
07:b4:f7:4f:69:d5:3b:65:4e:dc:55:36:01:40:74:
88:bd:7b:0a:c7:ea:ff:6c:2e:b1:89:c8:ea:92:69:
89:24:96:6a:0f:09:5d:a0:93:6f:3f:4e:66:17:67:
c9:b7:b6:52:7c:a1:51:03:5f:17:ef:15:5b:69:15:
63:b8:af:67:5e:0f:b7:95:b8:34:b9:16:0a:ee:74:
24:f8:66:95:92:fb:7b:87:a1:9e:1b:95:40:c0:86:
e7:24:83:14:7a:d1:5e:60:c7:3e:d1:a0:63:28:40:
6a:87:6b:5e:f9:1b:b2:53:99:fe:76:81:42:78:c8:
c9:20:73:27:43:01:f2:20:52:36:20:5f:d4:d5:ad:
bd:68:03:c0:3b:69:b7:4e:4c:41:1a:03:59:55:91:
39:ae:d3:e6:43:e1:e1:42:92:d8:ad:be:37:d0:a2:
91:55:ff:5b:92:2f:39:cb:c4:b2:df:fb:c5:57:6b:
33:85:9c:e1:27:5f:32:70:1e:c2:88:66:f1:d6:00:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EC:9D:E9:48:26:E2:3D:FB:56:F4:79:8C:CB:7E:28:D2:6B:98:42
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/M-yd6Ugm4j37VvR5jMt-KNJrmEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.138.0/23
Signature Algorithm: sha256WithRSAEncryption
98:49:60:3b:d5:7f:23:8d:96:fe:d8:37:ca:66:01:81:51:ea:
e6:e0:48:0a:6e:43:63:e0:8b:92:d0:47:a9:66:ae:29:aa:77:
27:80:ea:09:8a:06:8a:1c:5b:4d:28:9d:2d:3e:b2:f7:e1:d2:
5b:fc:ee:3d:c1:68:13:73:9f:e8:77:13:fc:62:c4:8b:2d:27:
d8:b5:75:93:d7:b1:93:31:b0:f2:0e:13:e4:d2:a7:84:dc:17:
49:3a:d9:99:2b:fa:f2:f4:ef:7e:de:2a:07:6e:5e:8d:b7:23:
52:47:bb:1c:7c:b4:6a:92:77:0f:ea:1f:0f:c5:1e:f7:42:ba:
0b:9c:d8:02:f0:6e:a8:b4:7c:fe:3a:26:f6:38:7f:a1:74:1c:
d3:87:73:27:d4:5e:76:71:7e:1b:b3:55:b2:bf:09:d3:4a:e5:
56:f7:e8:ed:25:5e:a3:c4:40:b5:e9:f4:9e:c7:96:7d:47:8c:
b6:31:72:9f:84:15:b3:b5:81:ea:40:74:2f:29:06:8d:8c:29:
e9:d7:e1:e5:ac:c2:3e:ef:97:83:33:fe:d2:78:b4:36:8f:3c:
1a:28:d0:eb:74:ea:db:69:c4:04:96:af:17:98:e7:ab:92:6d:
6d:f7:28:05:fc:73:33:62:04:87:bb:ab:86:90:d6:f1:0e:9d:
37:26:09:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks4/2nIJcm1pG0C/AXQA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjUwMTAyMDE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VjOWRlOTQ4MjZlMjNkZmI1NmY0Nzk4Y2NiN2UyOGQyNmI5ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bOvdnYi7CZrR43qHIUy/+fVd55B
qzVZEY9/yY6CGQ1ztqEFXPPHj+TtjWZihpOc4tLbEQ0hYlHXgTkHtPdPadU7ZU7c
VTYBQHSIvXsKx+r/bC6xicjqkmmJJJZqDwldoJNvP05mF2fJt7ZSfKFRA18X7xVb
aRVjuK9nXg+3lbg0uRYK7nQk+GaVkvt7h6GeG5VAwIbnJIMUetFeYMc+0aBjKEBq
h2te+RuyU5n+doFCeMjJIHMnQwHyIFI2IF/U1a29aAPAO2m3TkxBGgNZVZE5rtPm
Q+HhQpLYrb430KKRVf9bki85y8Sy3/vFV2szhZzhJ18ycB7CiGbx1gA0VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPsnelIJuI9+1b0eYzLfijSa5hCMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvTS15ZDZVZ200ajM3VnZSNWpNdC1LTkpybUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudiKMA0G
CSqGSIb3DQEBCwUAA4IBAQCYSWA71X8jjZb+2DfKZgGBUerm4EgKbkNj4IuS0Eep
Zq4pqncngOoJigaKHFtNKJ0tPrL34dJb/O49wWgTc5/odxP8YsSLLSfYtXWT17GT
MbDyDhPk0qeE3BdJOtmZK/ry9O9+3ioHbl6NtyNSR7scfLRqkncP6h8PxR73QroL
nNgC8G6otHz+Oib2OH+hdBzTh3Mn1F52cX4bs1WyvwnTSuVW9+jtJV6jxEC16fSe
x5Z9R4y2MXKfhBWztYHqQHQvKQaNjCnp1+HlrMI+75eDM/7SeLQ2jzwaKNDrdOrb
acQElq8XmOerkm1t9ygF/HMzYgSHu6uGkNbxDp03Jgnu
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:40:56 2025 by rpki-client