Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MpvLggIkY3o22shlHKr7V7I7gn0.roa
File: MpvLggIkY3o22shlHKr7V7I7gn0.roa (raw, json)
Hash identifier: et0gZpw3LsMINY2V4X9bvS5GZiprgqcwIdbiA0FLlC4=
Subject key identifier: 32:9B:CB:82:02:24:63:7A:36:DA:C8:65:1C:AA:FB:57:B2:3B:82:7D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422201D23765B25D095470D73B68E87A3
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MpvLggIkY3o22shlHKr7V7I7gn0.roa
Signing time: Wed 01 Jan 2025 13:48:37 +0000
ROA not before: Wed 01 Jan 2025 13:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 185.194.178.0/24 maxlen: 24
185.255.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1d:23:76:5b:25:d0:95:47:0d:73:b6:8e:87:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=329bcb820224637a36dac8651caafb57b23b827d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:96:5d:8d:39:07:25:df:57:08:9d:17:ed:af:
e6:61:8d:f8:f4:36:3d:70:f4:ee:bb:60:a0:da:98:
c4:cd:aa:6f:74:a9:b6:2a:d8:53:e0:e3:c5:76:25:
da:65:ac:33:d2:91:e1:7f:53:d9:c0:bf:be:90:09:
48:da:9f:69:1a:f2:a0:57:64:49:17:2c:ba:fd:fe:
be:43:a6:63:62:c5:e2:fb:c6:14:30:a8:d4:51:af:
44:c5:6c:fb:2f:4b:bf:0b:92:6d:81:bb:f8:4d:6a:
27:29:f3:dc:03:61:dd:6c:47:39:10:a2:8a:c7:a4:
59:b8:fc:08:f9:38:e5:02:eb:0a:32:63:68:12:81:
13:54:95:51:15:19:50:6e:6f:d9:ff:a2:fc:90:ee:
dd:9e:5f:69:3a:a8:53:3a:5b:ff:77:96:79:5a:f8:
ca:17:de:0a:5d:b6:29:0d:3c:29:cf:40:97:38:b5:
56:24:80:2a:04:b3:93:dd:a5:32:e6:13:34:b6:55:
6c:0a:eb:8e:17:09:82:10:ee:59:53:10:3d:33:2c:
24:56:a7:e7:3a:e6:eb:f4:6a:0d:9b:c5:f5:81:a0:
8a:ee:6a:95:b2:cd:e1:92:24:a2:75:8a:ac:f2:6e:
1c:2d:54:d8:6b:07:28:30:6d:0f:c9:77:72:2d:51:
17:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9B:CB:82:02:24:63:7A:36:DA:C8:65:1C:AA:FB:57:B2:3B:82:7D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MpvLggIkY3o22shlHKr7V7I7gn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.178.0/24
185.255.126.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:f5:05:fa:94:78:80:d1:6b:3d:9f:8e:5b:69:da:05:b5:8d:
c2:be:72:81:78:b2:40:91:37:c3:9d:bc:cb:d2:ef:cd:aa:24:
52:2d:e7:50:8c:98:ab:03:9a:bb:ec:27:d8:b4:8f:40:84:f3:
34:a6:89:2b:5d:79:c9:1b:d5:cc:81:4c:29:7b:ce:5e:7b:b2:
b5:59:0c:2b:ac:53:97:01:99:94:3c:7e:52:bc:8e:27:7b:95:
6e:1e:3f:c5:14:7f:dd:8f:1b:de:be:e0:f6:04:a2:80:a9:20:
f8:de:3b:8b:e8:29:cf:6f:f5:11:2b:42:33:bd:ac:af:df:bb:
e5:c7:b6:f8:7c:46:2c:63:be:5e:fe:2d:1d:f3:ca:75:8d:b5:
96:bf:52:d1:f3:08:1f:12:ab:57:d4:47:d6:64:9d:76:36:43:
9f:67:07:ce:48:03:77:81:fc:66:b0:46:b5:10:45:ab:2f:94:
55:02:ed:8a:1f:33:b3:d5:f7:2a:40:be:04:25:82:4e:31:3b:
0a:03:f0:75:58:62:e3:db:4a:3f:82:13:71:5e:a9:3f:e5:61:
01:aa:1f:36:32:53:fa:a3:cd:a6:e0:bf:c2:df:b1:7e:e9:41:
dd:04:69:8d:53:b9:4b:9a:69:42:8a:7b:13:7f:0c:a7:b5:11:
7e:8e:2b:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiIB0jdlsl0JVHDXO2joejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjliY2I4MjAyMjQ2MzdhMzZkYWM4NjUxY2FhZmI1N2IyM2I4MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75ZdjTkHJd9XCJ0X7a/mYY349DY9
cPTuu2Cg2pjEzapvdKm2KthT4OPFdiXaZawz0pHhf1PZwL++kAlI2p9pGvKgV2RJ
Fyy6/f6+Q6ZjYsXi+8YUMKjUUa9ExWz7L0u/C5Jtgbv4TWonKfPcA2HdbEc5EKKK
x6RZuPwI+TjlAusKMmNoEoETVJVRFRlQbm/Z/6L8kO7dnl9pOqhTOlv/d5Z5WvjK
F94KXbYpDTwpz0CXOLVWJIAqBLOT3aUy5hM0tlVsCuuOFwmCEO5ZUxA9MywkVqfn
Oubr9GoNm8X1gaCK7mqVss3hkiSidYqs8m4cLVTYawcoMG0PyXdyLVEXHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKby4ICJGN6NtrIZRyq+1eyO4J9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTXB2TGdnSWtZM28yMnNobEhLcjdWN0k3Z24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucKyAwQA
uf9+MA0GCSqGSIb3DQEBCwUAA4IBAQC49QX6lHiA0Ws9n45badoFtY3CvnKBeLJA
kTfDnbzL0u/NqiRSLedQjJirA5q77CfYtI9AhPM0pokrXXnJG9XMgUwpe85ee7K1
WQwrrFOXAZmUPH5SvI4ne5VuHj/FFH/djxvevuD2BKKAqSD43juL6CnPb/URK0Iz
vayv37vlx7b4fEYsY75e/i0d88p1jbWWv1LR8wgfEqtX1EfWZJ12NkOfZwfOSAN3
gfxmsEa1EEWrL5RVAu2KHzOz1fcqQL4EJYJOMTsKA/B1WGLj20o/ghNxXqk/5WEB
qh82MlP6o82m4L/C37F+6UHdBGmNU7lLmmlCinsTfwyntRF+jitO
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:30:56 2025 by rpki-client