Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/MC0YTSTspgLYv8LfMUn8MDX_URM.roa
File: MC0YTSTspgLYv8LfMUn8MDX_URM.roa (raw, json)
Hash identifier: j3Q3xYahwZqNIF1mSzZVWgeiJjkX7K14McBIYWHUd0M=
Subject key identifier: 30:2D:18:4D:24:EC:A6:02:D8:BF:C2:DF:31:49:FC:30:35:FF:51:13
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0189FB467EC1B5A7CB4FA44DE0D19F2130EE
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/MC0YTSTspgLYv8LfMUn8MDX_URM.roa
Signing time: Tue 15 Aug 2023 22:17:28 +0000
ROA not before: Tue 15 Aug 2023 22:17:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13213
IP address blocks: 176.67.160.0/20 maxlen: 24
185.7.224.0/22 maxlen: 24
176.67.169.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
109.123.64.0/18 maxlen: 24
83.170.64.0/18 maxlen: 24
82.163.72.0/21 maxlen: 24
88.202.224.0/21 maxlen: 24
77.92.64.0/19 maxlen: 24
31.24.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
46.23.64.0/20 maxlen: 24
46.23.74.0/24 maxlen: 24
88.202.176.0/20 maxlen: 24
2a02:2498:8000::/40 maxlen: 40
2a02:2498::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fb:46:7e:c1:b5:a7:cb:4f:a4:4d:e0:d1:9f:21:30:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Aug 15 22:17:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=302d184d24eca602d8bfc2df3149fc3035ff5113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:36:ba:2f:f8:16:f4:f7:b8:c3:be:b9:df:9c:
18:4b:58:93:55:d6:b9:0c:52:3d:45:f2:73:24:8a:
a3:4d:cf:ee:16:05:ea:7e:36:1b:5a:50:64:5b:74:
6e:e8:9a:0b:05:fd:6e:73:15:8c:07:5e:98:7d:fd:
d9:b9:cc:0a:53:d2:cb:fc:f6:3b:e9:42:78:f7:09:
2d:78:6f:2d:8e:df:1c:6f:00:c9:66:ad:98:66:35:
72:b5:1e:1a:9e:2c:ae:78:c4:e2:11:d1:dc:f9:f6:
12:e5:8b:5e:d2:6d:4d:cc:90:46:d7:b4:8e:bb:ea:
45:b3:49:07:cd:37:33:ec:49:53:24:65:eb:41:e4:
6c:d8:21:67:1f:2f:7f:76:b7:5e:4f:f0:57:f9:d4:
3b:39:36:1d:28:62:7e:1d:aa:70:05:2f:9f:45:12:
f2:c8:ae:d7:d6:13:db:c1:96:4c:05:0a:81:1e:f5:
f5:79:62:b4:b3:e3:7d:f4:62:77:81:14:05:3e:9b:
86:bb:04:5a:fc:7e:58:1e:f2:5b:9f:16:1e:89:8b:
e5:93:71:ca:47:31:ce:bf:75:5a:0a:1b:46:0a:c7:
1b:87:c0:f4:c4:b9:7f:72:cf:4b:8a:9d:a8:f3:ff:
de:6c:ee:30:f2:49:d7:6c:8e:5f:b0:8a:24:71:73:
b2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2D:18:4D:24:EC:A6:02:D8:BF:C2:DF:31:49:FC:30:35:FF:51:13
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/MC0YTSTspgLYv8LfMUn8MDX_URM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/20
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
4a:f8:c3:bb:70:36:6e:4a:7a:77:21:0c:9f:8a:e8:e8:88:56:
a6:dd:de:f8:a6:0d:52:d8:7e:f2:a3:d7:05:10:83:4f:3d:aa:
52:3c:8d:48:58:06:c1:bf:52:e5:85:ef:df:d9:36:7b:fb:31:
ef:d6:a2:9d:06:d1:38:00:97:13:44:36:bd:eb:ef:40:77:ff:
f4:c6:61:bc:c8:50:dc:e1:12:1e:ee:df:76:e1:65:d0:c5:a8:
72:3d:14:26:fa:e2:21:26:54:cf:5d:af:33:46:3c:61:6e:2c:
28:52:e0:40:28:b8:4d:c0:45:97:98:a9:1d:ea:e3:0e:db:a2:
a8:90:24:14:81:c8:93:4d:67:75:1e:ef:31:5b:2e:85:1c:e6:
a2:7f:4e:55:ed:7b:cb:e0:49:f7:cd:70:11:a3:4b:05:aa:b9:
91:ae:1f:99:5f:b2:a7:60:56:a5:eb:ee:03:ef:50:f4:58:ca:
77:d5:a7:2f:0f:b7:de:0c:4f:70:1e:55:75:9e:8a:69:72:bd:
46:30:4b:83:17:63:f0:8d:f6:9f:6b:8a:79:c8:34:08:50:60:
9a:90:b3:c9:17:55:10:cd:b2:93:6b:56:f0:2e:6f:13:d1:4f:
b7:8d:2a:fc:0e:90:a8:e7:2c:41:27:dc:b4:8e:9d:df:48:38:
c7:8f:36:cd
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYn7Rn7BtafLT6RN4NGfITDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjMwODE1MjIxNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJkMTg0ZDI0ZWNhNjAyZDhiZmMyZGYzMTQ5ZmMzMDM1ZmY1MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDa6L/gW9Pe4w76535wYS1iTVda5
DFI9RfJzJIqjTc/uFgXqfjYbWlBkW3Ru6JoLBf1ucxWMB16Yff3ZucwKU9LL/PY7
6UJ49wkteG8tjt8cbwDJZq2YZjVytR4aniyueMTiEdHc+fYS5Yte0m1NzJBG17SO
u+pFs0kHzTcz7ElTJGXrQeRs2CFnHy9/drdeT/BX+dQ7OTYdKGJ+HapwBS+fRRLy
yK7X1hPbwZZMBQqBHvX1eWK0s+N99GJ3gRQFPpuGuwRa/H5YHvJbnxYeiYvlk3HK
RzHOv3VaChtGCscbh8D0xLl/cs9Lip2o8//ebO4w8knXbI5fsIokcXOyvwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDAtGE0k7KYC2L/C3zFJ/DA1/1ETMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvTUMwWVRTVHNwZ0xZdjhMZk1VbjhNRFhfVVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHxjgAwQD
JXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23wAwQG
bXtAAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAqAiSYMA0GCSqGSIb3DQEBCwUAA4IB
AQBK+MO7cDZuSnp3IQyfiujoiFam3d74pg1S2H7yo9cFEINPPapSPI1IWAbBv1Ll
he/f2TZ7+zHv1qKdBtE4AJcTRDa96+9Ad//0xmG8yFDc4RIe7t924WXQxahyPRQm
+uIhJlTPXa8zRjxhbiwoUuBAKLhNwEWXmKkd6uMO26KokCQUgciTTWd1Hu8xWy6F
HOaif05V7XvL4En3zXARo0sFqrmRrh+ZX7KnYFal6+4D71D0WMp31acvD7feDE9w
HlV1noppcr1GMEuDF2Pwjfafa4p5yDQIUGCakLPJF1UQzbKTa1bwLm8T0U+3jSr8
DpCo5yxBJ9y0jp3fSDjHjzbN
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:03:51 2025 by rpki-client