Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MpdpaVWs3ZGH6fjkSIft-Q8wLyQ.roa
File: MpdpaVWs3ZGH6fjkSIft-Q8wLyQ.roa (raw, json)
Hash identifier: Ftu6S77tQkK8ro0bpJyA94WEW5z2rX1hQZ5nqzOfhWs=
Subject key identifier: 32:97:69:69:55:AC:DD:91:87:E9:F8:E4:48:87:ED:F9:0F:30:2F:24
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802DF4733BFD37DC11254AD5F675C3A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MpdpaVWs3ZGH6fjkSIft-Q8wLyQ.roa
Signing time: Tue 02 Jan 2024 02:31:20 +0000
ROA not before: Tue 02 Jan 2024 02:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.36.247.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
192.71.255.0/24 maxlen: 24
192.71.254.0/23 maxlen: 23
193.182.113.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:df:47:33:bf:d3:7d:c1:12:54:ad:5f:67:5c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3297696955acdd9187e9f8e44887edf90f302f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:c5:6c:45:ef:c8:a6:f2:4c:0c:54:22:45:
46:31:21:28:63:a4:c3:ad:ea:ba:d0:b7:b8:34:5b:
81:c8:42:e8:ed:03:3e:91:ca:39:06:44:b0:04:9e:
95:dd:af:f0:b5:8e:a5:d2:6d:8f:8a:7e:0b:cf:e7:
39:6d:0c:e9:ef:87:1f:94:02:c7:6b:96:93:d2:79:
b9:fe:16:86:76:d7:7b:c1:e2:b9:2a:2b:43:c4:3f:
30:e0:a2:e4:cc:44:f5:6c:75:68:d1:37:3d:c4:b8:
6f:a7:0b:29:d8:64:d2:9f:7e:57:a4:e4:8c:9a:ab:
fa:3f:87:db:91:d1:3b:40:5e:58:82:4b:3a:ad:68:
c2:1b:cf:52:b9:fb:6d:40:78:84:e4:e2:8f:49:45:
26:2d:3f:c7:5f:c0:c4:c9:b5:2a:31:8e:84:94:0e:
2f:46:aa:85:6c:59:27:4d:7c:f6:ac:40:0a:40:20:
08:eb:e7:fc:84:f6:be:65:2e:a5:de:7b:55:ff:89:
09:fb:f2:db:8c:76:bc:6e:de:0c:c1:b4:37:f0:b7:
24:63:26:e0:e2:58:3b:85:b9:81:dd:c1:ad:1f:d6:
1e:ea:64:f0:2c:ae:8f:6c:36:af:6f:34:06:55:ed:
de:11:18:af:34:7d:b4:35:29:da:19:f5:20:ac:74:
40:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:97:69:69:55:AC:DD:91:87:E9:F8:E4:48:87:ED:F9:0F:30:2F:24
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/MpdpaVWs3ZGH6fjkSIft-Q8wLyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.182.113.0/24
193.234.120.0/22
Signature Algorithm: sha256WithRSAEncryption
46:d4:93:6e:62:48:28:35:44:53:d4:ca:50:b3:ba:92:16:8b:
77:ae:1f:4d:92:9f:a6:f2:d4:13:45:1e:5c:ec:5e:74:a4:3f:
84:26:47:54:2b:c1:99:3b:54:98:37:3f:cc:dd:0c:f2:9e:00:
99:7d:7c:da:ff:5b:22:f3:8c:85:34:73:91:df:7b:e8:05:c1:
cd:ab:cf:3d:de:ec:0b:87:e3:13:b2:d8:1b:68:a7:08:d7:a4:
db:ec:c5:3f:43:8b:9f:19:20:f3:98:f4:9f:90:e3:9c:2c:24:
0a:b1:26:94:5f:72:af:e8:c9:6a:6b:f3:45:fb:52:af:61:66:
5c:1c:9c:b0:6b:be:6a:75:80:73:77:e1:9d:0c:90:0a:ef:7d:
ea:15:c6:51:6b:0c:a4:e2:6e:62:68:09:9e:fe:a0:56:a6:6f:
3e:83:fb:b6:23:55:3f:14:ac:5c:38:4e:e2:aa:a8:7c:b4:12:
a1:d7:a0:e2:d5:63:4c:40:f1:98:8b:b4:ab:0e:32:dd:f1:18:
3a:08:28:08:85:3b:cc:11:e9:f3:64:50:fd:29:3b:87:02:80:
fe:8f:a6:53:7a:ac:b0:c6:64:2f:f7:da:6f:65:81:d6:b3:a1:
b2:14:16:2e:a6:fb:63:ea:f1:ed:2b:bd:2c:9f:53:14:35:a9:
6d:0f:af:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAt9HM7/TfcESVK1fZ1w6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjk3Njk2OTU1YWNkZDkxODdlOWY4ZTQ0ODg3ZWRmOTBmMzAyZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzjFbEXvyKbyTAxUIkVGMSEoY6TD
req60Le4NFuByELo7QM+kco5BkSwBJ6V3a/wtY6l0m2Pin4Lz+c5bQzp74cflALH
a5aT0nm5/haGdtd7weK5KitDxD8w4KLkzET1bHVo0Tc9xLhvpwsp2GTSn35XpOSM
mqv6P4fbkdE7QF5Ygks6rWjCG89SufttQHiE5OKPSUUmLT/HX8DEybUqMY6ElA4v
RqqFbFknTXz2rEAKQCAI6+f8hPa+ZS6l3ntV/4kJ+/LbjHa8bt4MwbQ38LckYybg
4lg7hbmB3cGtH9Ye6mTwLK6PbDavbzQGVe3eERivNH20NSnaGfUgrHRArwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDKXaWlVrN2Rh+n45EiH7fkPMC8kMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTXBkcGFWV3MzWkdINmZqa1NJZnQtUTh3THlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwbZxAwQCwep4MA0GCSqGSIb3DQEBCwUAA4IBAQBG1JNuYkgo
NURT1MpQs7qSFot3rh9Nkp+m8tQTRR5c7F50pD+EJkdUK8GZO1SYNz/M3QzyngCZ
fXza/1si84yFNHOR33voBcHNq8893uwLh+MTstgbaKcI16Tb7MU/Q4ufGSDzmPSf
kOOcLCQKsSaUX3Kv6Mlqa/NF+1KvYWZcHJywa75qdYBzd+GdDJAK733qFcZRawyk
4m5iaAme/qBWpm8+g/u2I1U/FKxcOE7iqqh8tBKh16Di1WNMQPGYi7SrDjLd8Rg6
CCgIhTvMEenzZFD9KTuHAoD+j6ZTeqywxmQv99pvZYHWs6GyFBYupvtj6vHtK70s
n1MUNaltD68t
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:23 2025 by rpki-client