Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/MQTXYEqw6V-5P2F25jwtViClxgI.roa
File: MQTXYEqw6V-5P2F25jwtViClxgI.roa (raw, json)
Hash identifier: ja2i5JbFRrGS/Rf/2kdjgyLZS3nctp/cZq6tVS1d238=
Subject key identifier: 31:04:D7:60:4A:B0:E9:5F:B9:3F:61:76:E6:3C:2D:56:20:A5:C6:02
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01836E33BEB037B6A5008C768FE5A474CBAE
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/MQTXYEqw6V-5P2F25jwtViClxgI.roa
Signing time: Sat 24 Sep 2022 06:33:48 +0000
ROA not before: Sat 24 Sep 2022 06:33:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.106.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
45.147.45.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6e:33:be:b0:37:b6:a5:00:8c:76:8f:e5:a4:74:cb:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Sep 24 06:33:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3104d7604ab0e95fb93f6176e63c2d5620a5c602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c5:2b:73:fc:bf:17:d6:61:dd:85:1c:64:22:
b2:0b:2c:20:1d:04:44:79:c8:55:df:de:ef:77:ed:
60:ae:74:53:80:d0:6a:6b:85:a5:50:08:30:d9:25:
c1:61:ef:ab:35:89:20:75:9b:f2:d1:dc:d3:5c:77:
13:58:da:03:2a:54:4e:50:de:6f:dc:86:54:57:6c:
49:a3:36:8e:ee:37:11:b0:9b:89:ae:82:de:47:5d:
a8:8d:87:3e:b4:48:fd:ff:68:fa:f7:0b:44:db:1b:
71:11:26:d6:58:00:b3:8e:5c:82:c3:df:26:fb:60:
a3:fd:41:8e:de:0c:d3:bc:be:a1:21:52:9a:c5:f8:
35:e7:58:ea:d3:3d:85:d1:92:a4:b7:e0:bb:d8:21:
88:ab:3d:48:0d:b6:63:f8:d0:d6:80:0b:ec:ce:e8:
6c:ed:04:cf:c8:fc:43:81:4d:4b:4e:0f:2f:92:4c:
a6:b4:db:a6:55:3f:3b:dc:13:bc:e3:d4:6f:9a:7c:
67:b6:d7:d7:61:78:45:9c:68:38:a7:dc:7d:fb:4d:
55:27:85:21:2c:68:94:02:f7:e1:f3:44:bd:f4:10:
3f:c5:23:22:59:2d:8f:cc:40:14:58:53:c6:82:dd:
4a:8e:ed:46:f8:67:01:ed:f1:7f:df:44:15:06:6b:
06:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:04:D7:60:4A:B0:E9:5F:B9:3F:61:76:E6:3C:2D:56:20:A5:C6:02
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/MQTXYEqw6V-5P2F25jwtViClxgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
5.180.106.0/24
45.131.2.0/24
45.136.6.0/24
45.141.150.0/24
45.147.45.0/24
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
3b:67:fb:9a:c0:a3:e3:e8:25:85:b4:e5:93:06:11:0e:cf:bb:
2a:de:ce:bb:06:42:60:7f:28:00:54:d9:89:53:25:b0:15:bb:
02:e4:2f:0f:4f:cf:0e:1b:63:31:ce:50:1d:bb:3a:27:e8:f9:
cc:07:e2:bc:c8:0a:5b:c9:37:d9:cf:ec:67:ca:25:5b:c5:cf:
76:69:9d:b4:fd:8b:47:0f:43:93:d0:a6:f9:76:07:68:55:ef:
36:a9:87:86:ca:ed:67:e6:9a:b2:0d:b6:16:bc:fc:c1:f5:6e:
53:45:b3:ea:68:79:b4:99:1f:18:24:41:cb:e8:e6:74:b6:2e:
4b:a0:20:1a:1f:82:33:f3:e8:2b:06:86:d0:3f:ca:0e:9f:2d:
1a:c8:da:25:df:e0:8d:45:d8:47:6e:82:1a:4a:10:c7:61:1e:
4d:83:5e:2b:d8:cd:82:5d:1f:3d:c2:b7:27:f6:5e:01:3e:22:
34:9b:08:52:47:7a:71:3c:23:52:5d:4b:54:e8:c4:2b:d5:bb:
53:8f:ff:1b:99:cb:68:b0:f8:75:ff:33:08:f2:3b:e4:67:57:
bb:be:23:c1:f3:0f:0a:fa:36:9d:16:96:5a:68:4f:1f:aa:0f:
f6:bd:31:7b:1a:31:3b:9d:6a:19:73:8b:c5:03:72:8e:23:0c:
a9:07:32:f2
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYNuM76wN7alAIx2j+WkdMuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIwOTI0MDYzMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA0ZDc2MDRhYjBlOTVmYjkzZjYxNzZlNjNjMmQ1NjIwYTVjNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8Urc/y/F9Zh3YUcZCKyCywgHQRE
echV397vd+1grnRTgNBqa4WlUAgw2SXBYe+rNYkgdZvy0dzTXHcTWNoDKlROUN5v
3IZUV2xJozaO7jcRsJuJroLeR12ojYc+tEj9/2j69wtE2xtxESbWWACzjlyCw98m
+2Cj/UGO3gzTvL6hIVKaxfg151jq0z2F0ZKkt+C72CGIqz1IDbZj+NDWgAvszuhs
7QTPyPxDgU1LTg8vkkymtNumVT873BO849RvmnxnttfXYXhFnGg4p9x9+01VJ4Uh
LGiUAvfh80S99BA/xSMiWS2PzEAUWFPGgt1Kju1G+GcB7fF/30QVBmsGlQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFDEE12BKsOlfuT9hduY8LVYgpcYCMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvTVFUWFlFcXc2Vi01UDJGMjVqd3RWaUNseGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQABbRoAwQA
BbRqAwQALYMCAwQALYgGAwQALY2WAwQALZMtAwQCTVPIAwQAwnTlAwQBwnTsAwQA
wpIkAwQAwpIvMA0EAgACMAcDBQMqCYeAMA0GCSqGSIb3DQEBCwUAA4IBAQA7Z/ua
wKPj6CWFtOWTBhEOz7sq3s67BkJgfygAVNmJUyWwFbsC5C8PT88OG2MxzlAduzon
6PnMB+K8yApbyTfZz+xnyiVbxc92aZ20/YtHD0OT0Kb5dgdoVe82qYeGyu1n5pqy
DbYWvPzB9W5TRbPqaHm0mR8YJEHL6OZ0ti5LoCAaH4Iz8+grBobQP8oOny0ayNol
3+CNRdhHboIaShDHYR5Ng14r2M2CXR89wrcn9l4BPiI0mwhSR3pxPCNSXUtU6MQr
1btTj/8bmctosPh1/zMI8jvkZ1e7viPB8w8K+jadFpZaaE8fqg/2vTF7GjE7nWoZ
c4vFA3KOIwypBzLy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:37 2025 by rpki-client