Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mJdTmL_pgVA5J7NmiymL9UA4ne8.roa
File: mJdTmL_pgVA5J7NmiymL9UA4ne8.roa (raw, json)
Hash identifier: uH2rZsdSKqZLQKN+0iU5ot+vKQcuFdwF6geYY5i+Q38=
Subject key identifier: 98:97:53:98:BF:E9:81:50:39:27:B3:66:8B:29:8B:F5:40:38:9D:EF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274854814FB23FFCB1FBB9BE5FE013FF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mJdTmL_pgVA5J7NmiymL9UA4ne8.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42649
IP address blocks: 192.165.127.0/24 maxlen: 24
192.165.138.0/23 maxlen: 24
193.180.20.0/24 maxlen: 24
193.180.121.0/24 maxlen: 24
193.183.239.0/24 maxlen: 24
193.234.83.0/24 maxlen: 24
193.234.86.0/24 maxlen: 24
193.234.255.0/24 maxlen: 24
193.235.73.0/24 maxlen: 24
193.235.130.0/24 maxlen: 24
194.68.43.0/24 maxlen: 24
194.68.159.0/24 maxlen: 24
194.68.160.0/24 maxlen: 24
194.103.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:54:81:4f:b2:3f:fc:b1:fb:b9:be:5f:e0:13:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98975398bfe981503927b3668b298bf540389def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:07:c4:ad:f6:f5:a1:82:e8:3a:dd:c3:41:26:
03:89:88:06:02:85:d7:58:fb:ae:18:c7:e7:07:f4:
e0:3c:41:0f:4f:34:67:bb:cc:ea:a5:28:a4:23:e4:
d0:e3:92:49:cb:74:5c:f4:88:cf:94:60:83:4d:5e:
fe:f3:c0:5a:65:b6:c0:dd:94:dc:61:37:1a:5a:12:
84:37:10:7f:94:e5:3b:1f:2f:70:70:16:5c:23:b0:
b5:8f:15:80:83:c4:e5:4b:2b:b9:18:2b:77:f8:a7:
9d:88:19:8d:8f:13:21:5d:7f:9b:5f:18:8d:5c:bf:
20:e0:dc:70:a8:3b:aa:98:f3:74:87:ac:aa:18:b9:
a5:c6:ae:9e:97:47:2d:54:1e:ce:0c:19:46:1f:0e:
88:a4:1b:f5:14:d6:70:d0:8a:e7:b5:ea:28:26:56:
51:75:a9:cd:f3:55:71:a2:18:d9:db:0c:d0:ae:64:
8e:96:7d:89:47:c1:0c:ab:2c:eb:41:25:ba:a8:72:
1a:51:39:f6:84:d5:89:7e:32:c2:8a:02:ce:78:cd:
43:7f:29:3e:7b:9e:42:e2:a5:ef:08:28:87:e9:db:
4a:45:61:e5:2a:c5:d0:bc:0e:b8:25:c4:aa:5c:4f:
18:9c:b5:8b:ae:cd:67:99:93:2a:95:20:d1:aa:ee:
bc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:97:53:98:BF:E9:81:50:39:27:B3:66:8B:29:8B:F5:40:38:9D:EF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mJdTmL_pgVA5J7NmiymL9UA4ne8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.127.0/24
192.165.138.0/23
193.180.20.0/24
193.180.121.0/24
193.183.239.0/24
193.234.83.0/24
193.234.86.0/24
193.234.255.0/24
193.235.73.0/24
193.235.130.0/24
194.68.43.0/24
194.68.159.0-194.68.160.255
194.103.4.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:65:79:de:2b:63:42:fc:88:16:55:6c:22:64:a4:cc:a4:4c:
7a:61:a8:58:d8:26:86:d7:27:22:03:ea:30:f6:c4:9d:07:82:
f0:01:8d:4d:9b:ad:99:fa:30:d8:06:d1:e3:57:fb:58:58:20:
ca:a0:9d:a0:6b:fa:46:07:ee:30:6b:2a:0c:45:2f:0b:de:fc:
8d:c4:a5:bb:da:6c:8b:05:fc:d3:c2:06:03:c2:e7:54:37:76:
20:84:0a:0b:ca:98:ff:b1:43:10:a6:89:a7:a4:85:cc:f7:48:
91:76:07:8b:5e:bd:f8:2a:56:66:6e:83:8b:7e:47:b8:6b:ac:
4c:ba:b9:a1:29:88:bb:5a:16:cf:6b:9a:3e:5a:04:5e:e6:ed:
c7:e4:87:67:43:6e:ae:79:e6:65:28:a0:a2:9d:0a:ab:69:74:
30:fe:f2:82:46:82:92:d5:dd:19:ab:f7:cf:f7:b1:5a:46:6e:
1c:5c:c3:33:c7:44:42:65:b3:ea:74:e0:a3:f0:db:28:3a:a4:
72:69:65:53:3e:94:79:e4:00:83:8d:b0:a9:c0:b2:0e:7a:b2:
63:1c:c5:32:ab:29:ae:22:17:43:fe:d8:af:b4:18:28:93:d0:
79:4a:6d:1f:c9:90:d6:b3:22:2d:e8:d3:5c:06:8d:b1:36:7e:
66:4a:9b:10
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQnSFSBT7I//LH7ub5f4BP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk3NTM5OGJmZTk4MTUwMzkyN2IzNjY4YjI5OGJmNTQwMzg5ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgfErfb1oYLoOt3DQSYDiYgGAoXX
WPuuGMfnB/TgPEEPTzRnu8zqpSikI+TQ45JJy3Rc9IjPlGCDTV7+88BaZbbA3ZTc
YTcaWhKENxB/lOU7Hy9wcBZcI7C1jxWAg8TlSyu5GCt3+KediBmNjxMhXX+bXxiN
XL8g4NxwqDuqmPN0h6yqGLmlxq6el0ctVB7ODBlGHw6IpBv1FNZw0IrnteooJlZR
danN81VxohjZ2wzQrmSOln2JR8EMqyzrQSW6qHIaUTn2hNWJfjLCigLOeM1Dfyk+
e55C4qXvCCiH6dtKRWHlKsXQvA64JcSqXE8YnLWLrs1nmZMqlSDRqu68jwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFJiXU5i/6YFQOSezZospi/VAOJ3vMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbUpkVG1MX3BnVkE1SjdObWl5bUw5VUE0bmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAwKV/AwQB
wKWKAwQAwbQUAwQAwbR5AwQAwbfvAwQAwepTAwQAwepWAwQAwer/AwQAwetJAwQA
weuCAwQAwkQrMAwDBADCRJ8DBADCRKADBADCZwQwDQYJKoZIhvcNAQELBQADggEB
AKxled4rY0L8iBZVbCJkpMykTHphqFjYJobXJyID6jD2xJ0HgvABjU2brZn6MNgG
0eNX+1hYIMqgnaBr+kYH7jBrKgxFLwve/I3EpbvabIsF/NPCBgPC51Q3diCECgvK
mP+xQxCmiaekhcz3SJF2B4tevfgqVmZug4t+R7hrrEy6uaEpiLtaFs9rmj5aBF7m
7cfkh2dDbq555mUooKKdCqtpdDD+8oJGgpLV3Rmr98/3sVpGbhxcwzPHREJls+p0
4KPw2yg6pHJpZVM+lHnkAIONsKnAsg56smMcxTKrKa4iF0P+2K+0GCiT0HlKbR/J
kNazIi3o01wGjbE2fmZKmxA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:55 2025 by rpki-client