Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a5a23c-a6f1-4cce-92bf-6e821357563e/1/majt_X6yjx1v-iTmhGFHsGumBVM.roa
File: majt_X6yjx1v-iTmhGFHsGumBVM.roa (raw, json)
Hash identifier: Z52exw3EQudoTlGo/au/rDAFSyNUY8GubUo9XkSJ1S0=
Subject key identifier: 99:A8:ED:FD:7E:B2:8F:1D:6F:FA:24:E6:84:61:47:B0:6B:A6:05:53
Certificate issuer: /CN=afecb37a7b3acb0e54ede063bf57d72cc59d94df
Certificate serial: 01856D0ACCB8B090DB8316C03A570D3FC7AC
Authority key identifier: AF:EC:B3:7A:7B:3A:CB:0E:54:ED:E0:63:BF:57:D7:2C:C5:9D:94:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-yzens6yw5U7eBjv1fXLMWdlN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a5a23c-a6f1-4cce-92bf-6e821357563e/1/majt_X6yjx1v-iTmhGFHsGumBVM.roa
Signing time: Sun 01 Jan 2023 11:15:02 +0000
ROA not before: Sun 01 Jan 2023 11:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 156.118.4.0/24 maxlen: 24
156.118.0.0/24 maxlen: 24
156.118.8.0/24 maxlen: 24
156.118.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:cc:b8:b0:90:db:83:16:c0:3a:57:0d:3f:c7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afecb37a7b3acb0e54ede063bf57d72cc59d94df
Validity
Not Before: Jan 1 11:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99a8edfd7eb28f1d6ffa24e6846147b06ba60553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:59:d7:ab:a8:ed:9a:04:ca:a1:c3:45:32:0d:
3b:6b:20:3e:a3:53:71:59:3a:7a:39:6b:20:3a:a3:
6d:f4:00:42:68:13:c7:02:9e:e5:0f:16:29:c5:28:
4a:97:9a:41:d1:dc:db:2f:29:40:74:ac:f4:c4:ea:
af:f9:d7:d0:d5:88:4b:0e:b3:32:32:ee:8b:b3:75:
5d:35:dc:9b:88:53:2e:8d:2b:1f:68:28:fd:ee:01:
44:12:d8:3c:a4:ad:d6:ba:ac:00:59:1a:e5:ff:84:
dc:a4:d4:bb:0c:fe:4b:24:e0:cd:ec:7d:04:a7:db:
79:66:9e:18:47:71:66:91:17:e3:0b:87:1f:e4:c3:
e5:e6:9f:f0:6b:71:60:1c:af:ec:38:e6:21:80:be:
94:f9:ca:4e:85:80:8b:5d:cb:98:cc:fa:9e:72:1a:
97:e9:93:de:2c:11:51:8b:4b:9d:18:d4:83:0f:d2:
4e:82:d8:8e:dc:3c:9d:9b:ee:2f:6e:41:0c:74:3c:
79:a8:e4:5d:43:7f:07:a7:17:76:fc:20:9d:bd:f4:
06:e6:b7:0f:d9:9f:c3:4c:21:b7:7b:3b:a3:d1:34:
32:36:66:b2:98:db:22:6e:cf:8c:67:bf:97:54:c9:
b6:68:6a:07:5c:ba:28:c5:29:18:48:fc:17:f2:46:
77:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A8:ED:FD:7E:B2:8F:1D:6F:FA:24:E6:84:61:47:B0:6B:A6:05:53
X509v3 Authority Key Identifier:
keyid:AF:EC:B3:7A:7B:3A:CB:0E:54:ED:E0:63:BF:57:D7:2C:C5:9D:94:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-yzens6yw5U7eBjv1fXLMWdlN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a5a23c-a6f1-4cce-92bf-6e821357563e/1/majt_X6yjx1v-iTmhGFHsGumBVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a5a23c-a6f1-4cce-92bf-6e821357563e/1/r-yzens6yw5U7eBjv1fXLMWdlN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.118.0.0/24
156.118.4.0/24
156.118.6.0/24
156.118.8.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f5:ba:3e:75:00:d0:12:45:d4:d0:71:4d:f6:6f:b5:1b:82:
f8:50:36:1e:76:d0:e0:98:55:97:17:34:a0:b3:37:d4:4a:2c:
e3:af:99:c4:41:58:c1:49:8f:f0:0a:8a:81:be:40:55:8c:34:
cf:c7:ae:ee:ec:be:a4:83:93:26:8e:1e:3e:d6:4b:3a:d5:4d:
d6:8f:2e:d3:3a:84:04:27:cc:cf:12:6d:33:a4:ce:ca:98:ec:
03:8f:ff:fa:45:f1:08:73:fe:cb:0a:da:56:9f:a4:30:af:cc:
44:d5:5e:5c:79:0d:50:be:1e:54:42:e4:55:67:48:70:47:31:
ec:25:09:34:d3:80:f2:78:10:a1:45:ea:0b:64:74:df:57:57:
7a:51:1e:db:36:e4:4c:49:c0:0b:e9:c1:5d:8e:70:26:07:9f:
49:6b:68:51:6d:5e:77:2a:19:1b:07:f9:3a:18:53:5d:58:39:
2f:08:a4:02:b8:5d:17:ce:c0:71:65:db:b7:42:c0:f8:70:32:
dc:4d:0e:8e:b4:8a:51:2f:b6:21:7a:30:a9:e7:a8:ef:d0:7d:
63:fc:a1:8a:e1:2c:83:fc:62:64:c6:59:d4:b4:7c:3c:fc:16:
83:21:50:af:fc:20:cf:83:99:c2:b8:99:c5:f9:5f:ed:bb:b5:
bc:14:23:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtCsy4sJDbgxbAOlcNP8esMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWNiMzdhN2IzYWNiMGU1NGVkZTA2M2JmNTdkNzJjYzU5
ZDk0ZGYwHhcNMjMwMTAxMTExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE4ZWRmZDdlYjI4ZjFkNmZmYTI0ZTY4NDYxNDdiMDZiYTYwNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1nXq6jtmgTKocNFMg07ayA+o1Nx
WTp6OWsgOqNt9ABCaBPHAp7lDxYpxShKl5pB0dzbLylAdKz0xOqv+dfQ1YhLDrMy
Mu6Ls3VdNdybiFMujSsfaCj97gFEEtg8pK3WuqwAWRrl/4TcpNS7DP5LJODN7H0E
p9t5Zp4YR3FmkRfjC4cf5MPl5p/wa3FgHK/sOOYhgL6U+cpOhYCLXcuYzPqechqX
6ZPeLBFRi0udGNSDD9JOgtiO3Dydm+4vbkEMdDx5qORdQ38Hpxd2/CCdvfQG5rcP
2Z/DTCG3ezuj0TQyNmaymNsibs+MZ7+XVMm2aGoHXLooxSkYSPwX8kZ3bQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJmo7f1+so8db/ok5oRhR7BrpgVTMB8GA1UdIwQY
MBaAFK/ss3p7OssOVO3gY79X1yzFnZTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci15emVuczZ5dzVVN2VCanYxZlhMTVdkbE44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hNWEyM2MtYTZmMS00Y2NlLTkyYmYt
NmU4MjEzNTc1NjNlLzEvbWFqdF9YNnlqeDF2LWlUbWhHRkhzR3VtQlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hNWEyM2MtYTZmMS00Y2NlLTkyYmYtNmU4MjEzNTc1NjNl
LzEvci15emVuczZ5dzVVN2VCanYxZlhMTVdkbE44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnHYAAwQA
nHYEAwQAnHYGAwQAnHYIMA0GCSqGSIb3DQEBCwUAA4IBAQAX9bo+dQDQEkXU0HFN
9m+1G4L4UDYedtDgmFWXFzSgszfUSizjr5nEQVjBSY/wCoqBvkBVjDTPx67u7L6k
g5Mmjh4+1ks61U3Wjy7TOoQEJ8zPEm0zpM7KmOwDj//6RfEIc/7LCtpWn6Qwr8xE
1V5ceQ1Qvh5UQuRVZ0hwRzHsJQk004DyeBChReoLZHTfV1d6UR7bNuRMScAL6cFd
jnAmB59Ja2hRbV53KhkbB/k6GFNdWDkvCKQCuF0XzsBxZdu3QsD4cDLcTQ6OtIpR
L7YhejCp56jv0H1j/KGK4SyD/GJkxlnUtHw8/BaDIVCv/CDPg5nCuJnF+V/tu7W8
FCMX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:58:41 2025 by rpki-client