Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MBZrilE487oCWcA4zm2jQJVoaU4.roa
File: MBZrilE487oCWcA4zm2jQJVoaU4.roa (raw, json)
Hash identifier: ccTHOmaaVJHpnPGUQQXOscAWpwmKeVUGF0dbAIz1hcA=
Subject key identifier: 30:16:6B:8A:51:38:F3:BA:02:59:C0:38:CE:6D:A3:40:95:68:69:4E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748703AC068216502385F88A812A16F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MBZrilE487oCWcA4zm2jQJVoaU4.roa
Signing time: Thu 02 Jan 2025 13:50:46 +0000
ROA not before: Thu 02 Jan 2025 13:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202780
IP address blocks: 192.165.130.0/24 maxlen: 24
192.165.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:70:3a:c0:68:21:65:02:38:5f:88:a8:12:a1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30166b8a5138f3ba0259c038ce6da3409568694e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:87:66:ce:99:bc:35:6e:17:e7:38:9c:d6:7f:
0b:f5:b8:a7:2d:3d:38:0f:51:b6:e5:ea:99:f9:08:
31:9a:f5:3a:94:7f:11:c9:f1:fa:6a:87:92:7b:f6:
f0:ea:a5:2b:ba:53:09:26:3a:7c:fa:2b:5a:5a:1a:
60:55:6e:82:09:9d:f4:97:e0:b8:d9:07:6c:60:1e:
dc:76:ef:db:e4:cc:0d:eb:0f:e1:9b:0f:34:67:24:
a5:27:ca:67:5f:ff:25:02:1a:31:45:ae:8c:1c:34:
78:6b:ec:54:32:2b:e9:72:b3:e0:27:13:e7:93:36:
2b:ae:c0:29:2c:16:6f:ea:bd:a9:c3:12:e6:a8:ba:
3a:c8:a1:16:88:32:f5:81:05:c3:85:4d:83:30:3a:
7c:28:7b:d8:99:3d:41:c9:94:c9:f5:d8:dd:52:cf:
76:b9:59:fe:b3:ba:b8:37:f0:08:76:85:7b:e8:31:
e4:51:81:8a:fc:37:50:56:f0:7b:c6:5e:ca:f4:66:
0b:de:2d:d4:c2:53:74:a3:88:59:3f:8f:31:cc:68:
52:4b:42:d7:ff:7e:cd:47:21:38:82:c5:d4:80:36:
ef:19:4e:b9:5d:ca:0e:33:af:1a:14:99:55:79:a4:
37:a7:c7:ff:18:95:5a:e3:c7:17:95:1a:b0:73:83:
8c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:16:6B:8A:51:38:F3:BA:02:59:C0:38:CE:6D:A3:40:95:68:69:4E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MBZrilE487oCWcA4zm2jQJVoaU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.130.0/24
192.165.133.0/24
Signature Algorithm: sha256WithRSAEncryption
44:a9:ee:e4:00:b0:bf:6b:a0:80:76:c3:27:b0:eb:c1:bb:e7:
1a:7e:84:c0:ee:80:cd:bd:74:75:e8:9f:78:06:da:a4:20:09:
93:41:84:8c:5d:3c:6f:ae:37:f3:dd:ff:7f:f2:d2:22:92:d8:
6b:2b:1b:81:fe:03:e4:43:6d:ac:58:9b:d3:73:25:b2:62:57:
47:e5:b7:20:37:02:31:f3:0f:ac:a4:b2:db:37:bb:2f:74:52:
53:dd:db:2e:fe:89:13:6f:ea:f3:5c:8c:26:6c:e3:23:fe:f8:
00:1f:a4:ef:91:1d:67:35:65:06:84:53:ac:85:f0:38:25:c5:
cd:03:26:9b:e0:aa:0c:56:22:3b:16:17:54:e4:34:33:12:12:
b0:c9:1d:9a:26:5a:2c:b4:b7:90:c7:d1:bd:48:76:8d:cb:b2:
9d:63:81:96:61:97:61:5f:26:ee:e7:10:99:e4:59:6b:05:4b:
5f:e7:93:55:16:59:31:62:39:f5:8a:73:03:4d:3d:57:e8:70:
55:f5:3f:3a:04:de:a5:c0:9a:2d:ec:0a:c3:80:1b:47:64:32:
14:b2:f2:24:c0:75:12:62:0e:99:c7:f6:6a:f2:fe:90:d0:33:
0a:c5:83:41:ba:39:e1:7d:a9:dc:2a:63:d7:0b:45:18:ff:da:
b7:f0:be:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSHA6wGghZQI4X4ioEqFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE2NmI4YTUxMzhmM2JhMDI1OWMwMzhjZTZkYTM0MDk1Njg2OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ydmzpm8NW4X5zic1n8L9binLT04
D1G25eqZ+QgxmvU6lH8RyfH6aoeSe/bw6qUrulMJJjp8+itaWhpgVW6CCZ30l+C4
2QdsYB7cdu/b5MwN6w/hmw80ZySlJ8pnX/8lAhoxRa6MHDR4a+xUMivpcrPgJxPn
kzYrrsApLBZv6r2pwxLmqLo6yKEWiDL1gQXDhU2DMDp8KHvYmT1ByZTJ9djdUs92
uVn+s7q4N/AIdoV76DHkUYGK/DdQVvB7xl7K9GYL3i3UwlN0o4hZP48xzGhSS0LX
/37NRyE4gsXUgDbvGU65XcoOM68aFJlVeaQ3p8f/GJVa48cXlRqwc4OMwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAWa4pROPO6AlnAOM5to0CVaGlOMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTUJacmlsRTQ4N29DV2NBNHptMmpRSlZvYVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwKWCAwQA
wKWFMA0GCSqGSIb3DQEBCwUAA4IBAQBEqe7kALC/a6CAdsMnsOvBu+cafoTA7oDN
vXR16J94BtqkIAmTQYSMXTxvrjfz3f9/8tIikthrKxuB/gPkQ22sWJvTcyWyYldH
5bcgNwIx8w+spLLbN7svdFJT3dsu/okTb+rzXIwmbOMj/vgAH6TvkR1nNWUGhFOs
hfA4JcXNAyab4KoMViI7FhdU5DQzEhKwyR2aJlostLeQx9G9SHaNy7KdY4GWYZdh
Xybu5xCZ5FlrBUtf55NVFlkxYjn1inMDTT1X6HBV9T86BN6lwJot7ArDgBtHZDIU
svIkwHUSYg6Zx/Zq8v6Q0DMKxYNBujnhfancKmPXC0UY/9q38L5e
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:59 2025 by rpki-client