Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/mt-PyfiXYcQcKgR1e8Hsx5c4PoM.roa
File: mt-PyfiXYcQcKgR1e8Hsx5c4PoM.roa (raw, json)
Hash identifier: LeF0Pn1F55UIMk8YIasYk9VsWh941JF4CLigZGdvfv8=
Subject key identifier: 9A:DF:8F:C9:F8:97:61:C4:1C:2A:04:75:7B:C1:EC:C7:97:38:3E:83
Certificate issuer: /CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Certificate serial: 019426D9D9A9EB1B64B431A280E9A3BCFD31
Authority key identifier: BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/mt-PyfiXYcQcKgR1e8Hsx5c4PoM.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213319
IP address blocks: 185.168.228.0/22 maxlen: 24
2a0b:f080::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d9:a9:eb:1b:64:b4:31:a2:80:e9:a3:bc:fd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9adf8fc9f89761c41c2a04757bc1ecc797383e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:34:f9:71:9c:8e:b2:b7:a2:7c:54:a0:38:bc:
b4:d9:bc:67:7b:dc:e6:17:32:5d:9e:b3:ad:5d:32:
61:ed:e7:c4:3e:f9:c9:77:e8:77:62:5c:b6:02:c9:
22:1b:16:c2:6c:b0:ec:f9:39:d6:bf:aa:86:66:14:
a2:5c:f3:e3:0e:d0:ab:f6:90:1f:3f:f7:d0:dd:0a:
da:16:90:7e:a7:92:00:b8:76:3c:49:b6:eb:fa:ab:
73:03:3a:3d:3d:5a:d0:45:3e:6e:95:36:73:22:03:
70:f5:9b:cf:1e:e4:c8:0f:f1:18:20:ab:23:2d:3b:
68:9a:bf:02:22:c2:e6:39:d0:3c:92:ca:18:5a:0c:
a8:b9:09:48:05:20:26:c9:fc:41:61:9f:9a:82:34:
20:b8:1c:f3:15:da:ce:aa:99:0d:21:a7:71:e2:62:
11:db:cf:81:4c:cf:12:12:fc:0b:a1:46:de:55:1a:
56:1e:15:ab:76:74:14:9a:9f:cb:f1:37:ec:05:28:
58:be:18:a9:71:c5:0c:18:3d:81:f7:6a:e1:3e:a0:
99:ed:15:60:5d:1e:09:66:71:c6:2d:e3:f4:fd:59:
02:d4:24:ec:5f:28:40:7d:89:8e:24:dd:73:c4:10:
1b:b3:40:b8:a2:46:3b:ee:5c:08:0d:27:9a:49:02:
92:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DF:8F:C9:F8:97:61:C4:1C:2A:04:75:7B:C1:EC:C7:97:38:3E:83
X509v3 Authority Key Identifier:
keyid:BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/mt-PyfiXYcQcKgR1e8Hsx5c4PoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/u8VfskrVVuBCAmUfbVqLJ9W-35c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.228.0/22
IPv6:
2a0b:f080::/32
Signature Algorithm: sha256WithRSAEncryption
12:52:69:47:63:d2:ce:9c:86:c7:6f:fc:61:76:ac:ef:00:0d:
e1:e5:5c:11:16:9b:74:50:86:b7:32:43:a5:47:75:67:84:85:
27:2c:ba:21:c3:50:32:6d:47:10:f3:78:56:fc:02:20:8d:45:
6c:a8:71:b7:34:25:3d:0c:c4:b1:1b:71:0f:72:83:85:34:6d:
d2:cb:5c:87:b9:a8:3d:1b:ed:72:84:8b:0e:2a:1e:fe:89:b6:
3b:bc:a2:85:40:a1:bc:f3:87:31:4b:da:1d:91:25:9c:aa:64:
d3:62:d9:cf:09:9b:02:dc:fb:eb:69:2c:57:d2:df:ab:1c:0b:
e0:ac:a2:6c:1b:a6:bc:32:47:f6:bc:16:29:c5:1a:17:89:c0:
f6:ca:7f:28:a8:46:98:e4:2d:bb:fb:b0:4d:af:c6:ba:ba:d8:
d6:f4:58:00:85:24:6b:fe:d3:37:bc:86:cd:f0:af:7a:0a:76:
96:d7:b1:67:8e:91:c2:09:f0:84:be:29:96:6e:ee:b7:6b:12:
72:ea:c2:2a:90:9b:4b:f1:2e:d1:08:c0:e5:a6:7f:18:d4:65:
57:74:e5:15:c1:21:a5:6b:d8:00:bd:8c:0a:2c:11:cd:7b:d0:
bf:ea:6b:c3:25:4c:87:30:ee:7f:f6:18:55:8a:a2:d5:c9:9e:
3d:04:88:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2dmp6xtktDGigOmjvP0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYzU1ZmIyNGFkNTU2ZTA0MjAyNjUxZjZkNWE4YjI3ZDVi
ZWRmOTcwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRmOGZjOWY4OTc2MWM0MWMyYTA0NzU3YmMxZWNjNzk3MzgzZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszT5cZyOsreifFSgOLy02bxne9zm
FzJdnrOtXTJh7efEPvnJd+h3Yly2AskiGxbCbLDs+TnWv6qGZhSiXPPjDtCr9pAf
P/fQ3QraFpB+p5IAuHY8Sbbr+qtzAzo9PVrQRT5ulTZzIgNw9ZvPHuTID/EYIKsj
LTtomr8CIsLmOdA8ksoYWgyouQlIBSAmyfxBYZ+agjQguBzzFdrOqpkNIadx4mIR
28+BTM8SEvwLoUbeVRpWHhWrdnQUmp/L8TfsBShYvhipccUMGD2B92rhPqCZ7RVg
XR4JZnHGLeP0/VkC1CTsXyhAfYmOJN1zxBAbs0C4okY77lwIDSeaSQKSbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJrfj8n4l2HEHCoEdXvB7MeXOD6DMB8GA1UdIwQY
MBaAFLvFX7JK1VbgQgJlH21aiyfVvt+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMt
OTNiZDVlNDA4ZjkxLzEvbXQtUHlmaVhZY1FjS2dSMWU4SHN4NWM0UG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMtOTNiZDVlNDA4Zjkx
LzEvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuajkMA0E
AgACMAcDBQAqC/CAMA0GCSqGSIb3DQEBCwUAA4IBAQASUmlHY9LOnIbHb/xhdqzv
AA3h5VwRFpt0UIa3MkOlR3VnhIUnLLohw1AybUcQ83hW/AIgjUVsqHG3NCU9DMSx
G3EPcoOFNG3Sy1yHuag9G+1yhIsOKh7+ibY7vKKFQKG884cxS9odkSWcqmTTYtnP
CZsC3PvraSxX0t+rHAvgrKJsG6a8Mkf2vBYpxRoXicD2yn8oqEaY5C27+7BNr8a6
utjW9FgAhSRr/tM3vIbN8K96CnaW17FnjpHCCfCEvimWbu63axJy6sIqkJtL8S7R
CMDlpn8Y1GVXdOUVwSGla9gAvYwKLBHNe9C/6mvDJUyHMO5/9hhViqLVyZ49BIgS
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:13:55 2025 by rpki-client