Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MnLSvXCRuDyeXCcNr5eZml22NwA.roa
File: MnLSvXCRuDyeXCcNr5eZml22NwA.roa (raw, json)
Hash identifier: s6LBPKmOfAAaP1pgL8RXydOJgfdO1MyMs+8qnEMbrfg=
Subject key identifier: 32:72:D2:BD:70:91:B8:3C:9E:5C:27:0D:AF:97:99:9A:5D:B6:37:00
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018FDD58AFB87D48D2997D3A944B072F88FA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MnLSvXCRuDyeXCcNr5eZml22NwA.roa
Signing time: Mon 03 Jun 2024 09:05:27 +0000
ROA not before: Mon 03 Jun 2024 09:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:58:af:b8:7d:48:d2:99:7d:3a:94:4b:07:2f:88:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 3 09:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3272d2bd7091b83c9e5c270daf97999a5db63700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:cc:97:46:af:86:3f:5e:94:e6:0d:2c:6a:
ba:71:09:d0:51:1b:ad:79:37:c3:7d:e7:cf:ca:e9:
3b:21:99:c3:ba:db:85:19:09:87:35:b3:3b:4c:13:
16:01:b1:b1:85:8b:4a:9f:b8:d0:8f:3b:08:96:14:
a9:5d:3d:f4:93:62:4c:6e:81:3a:dd:d0:38:b0:1c:
04:ea:7b:32:69:1f:ca:95:ab:67:20:ad:8b:a8:a8:
f9:4f:61:71:6c:37:52:95:21:21:1f:9f:f3:62:dd:
08:b6:a2:fd:49:df:89:82:36:7a:67:6d:cf:00:0e:
bd:ea:b6:55:28:a9:84:5f:b2:99:90:4e:2a:0f:3d:
6b:7b:c0:08:ee:54:8b:96:da:bc:5e:a2:d5:2b:e8:
0d:78:da:6d:c2:f0:15:6f:d4:53:ca:1c:19:1e:ad:
03:69:5b:0f:31:65:5e:33:5b:05:83:ed:b4:2e:23:
33:40:d9:aa:67:f4:6a:eb:41:e5:b4:bb:05:70:1f:
76:84:3e:3e:b5:fc:d1:18:cc:30:dc:ec:cd:91:e6:
0b:54:01:0c:65:45:3f:80:65:55:2a:72:ca:bf:10:
6d:a6:4f:8b:df:4d:f8:55:5a:e9:bf:60:ef:51:bf:
4b:b7:a0:b4:40:10:00:d5:ca:e6:04:46:ca:6a:1f:
a3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:72:D2:BD:70:91:B8:3C:9E:5C:27:0D:AF:97:99:9A:5D:B6:37:00
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MnLSvXCRuDyeXCcNr5eZml22NwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:19:74:b2:c0:d0:7b:5f:64:5b:03:6a:32:3e:74:8b:3a:b8:
55:d7:8c:7b:76:69:85:a4:59:9b:33:0f:95:2b:8b:0f:1b:8f:
7f:e0:d6:80:fc:a7:54:3c:15:64:6c:3b:ba:05:b7:61:06:72:
c3:11:5b:5f:f2:04:aa:76:3b:ec:9c:01:8e:ff:4a:14:cd:2c:
e3:bd:37:f4:77:5d:8f:74:34:e3:22:f3:c9:e3:fe:c1:1f:09:
24:fd:5a:11:bd:c4:86:0a:4a:48:9f:4e:38:e9:33:30:76:d5:
15:85:51:88:30:3f:66:44:3f:bb:7e:ba:a5:d8:36:1e:35:1e:
da:bc:18:89:9a:f7:92:7c:7d:98:a4:c1:79:af:b3:f9:4e:0b:
38:84:8d:b6:01:7f:91:ba:7a:bd:54:26:78:84:bd:bf:3f:f5:
8f:1b:20:b4:00:97:fe:a6:ed:8a:17:f6:e6:7e:bb:a4:88:e0:
57:9d:50:c4:6b:88:61:5e:a5:9c:98:4e:9b:ae:4b:a1:43:90:
9b:29:5a:c1:68:8d:2a:42:52:5e:bb:63:8c:0d:44:46:9e:b6:
ac:0f:ca:e6:a6:fb:f9:95:a7:96:c0:6a:a3:de:22:3a:47:a6:
4c:67:2a:b7:dd:ef:7f:f2:93:d1:92:5c:75:fb:50:2c:8d:fd:
23:50:6e:41
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY/dWK+4fUjSmX06lEsHL4j6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjAzMDkwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjcyZDJiZDcwOTFiODNjOWU1YzI3MGRhZjk3OTk5YTVkYjYzNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP/Ml0avhj9elOYNLGq6cQnQURut
eTfDfefPyuk7IZnDutuFGQmHNbM7TBMWAbGxhYtKn7jQjzsIlhSpXT30k2JMboE6
3dA4sBwE6nsyaR/KlatnIK2LqKj5T2FxbDdSlSEhH5/zYt0ItqL9Sd+JgjZ6Z23P
AA696rZVKKmEX7KZkE4qDz1re8AI7lSLltq8XqLVK+gNeNptwvAVb9RTyhwZHq0D
aVsPMWVeM1sFg+20LiMzQNmqZ/Rq60HltLsFcB92hD4+tfzRGMww3OzNkeYLVAEM
ZUU/gGVVKnLKvxBtpk+L3034VVrpv2DvUb9Lt6C0QBAA1crmBEbKah+jJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDJy0r1wkbg8nlwnDa+XmZpdtjcAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTW5MU3ZYQ1J1RHllWENjTnI1ZVptbDIyTndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQB9GXSywNB7X2RbA2oyPnSLOrhV14x7dmmFpFmbMw+VK4sPG49/
4NaA/KdUPBVkbDu6BbdhBnLDEVtf8gSqdjvsnAGO/0oUzSzjvTf0d12PdDTjIvPJ
4/7BHwkk/VoRvcSGCkpIn0446TMwdtUVhVGIMD9mRD+7frql2DYeNR7avBiJmveS
fH2YpMF5r7P5Tgs4hI22AX+Runq9VCZ4hL2/P/WPGyC0AJf+pu2KF/bmfrukiOBX
nVDEa4hhXqWcmE6brkuhQ5CbKVrBaI0qQlJeu2OMDURGnrasD8rmpvv5laeWwGqj
3iI6R6ZMZyq33e9/8pPRklx1+1Asjf0jUG5B
-----END CERTIFICATE-----
Generated at Wed Jun 12 14:31:35 2024 by rpki-client on console-ams.rpki-client.org