Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/MtbsaY1yHn7-MT1fnsMPsz6ewPc.roa
File: MtbsaY1yHn7-MT1fnsMPsz6ewPc.roa (raw, json)
Hash identifier: OtSZHtlFSjGonybseZjtwCmp5aSwaiqTCQ92rP98kgk=
Subject key identifier: 32:D6:EC:69:8D:72:1E:7E:FE:31:3D:5F:9E:C3:0F:B3:3E:9E:C0:F7
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 0194274840FA08C0055A48F9F91210B69DD1
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/MtbsaY1yHn7-MT1fnsMPsz6ewPc.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203287
IP address blocks: 78.159.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:40:fa:08:c0:05:5a:48:f9:f9:12:10:b6:9d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32d6ec698d721e7efe313d5f9ec30fb33e9ec0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:66:c2:a9:80:59:fa:5c:77:45:97:6d:18:
56:37:e6:96:5d:5d:46:f5:76:b0:bb:2f:75:be:4e:
2d:c3:1a:c0:e2:e9:84:9a:5e:f8:98:2d:93:ad:d9:
7e:20:2c:25:dc:94:61:18:82:3d:0d:00:6f:d0:a0:
b4:0a:c0:bb:1b:1e:b1:b1:ec:e5:b6:51:cf:4e:82:
10:4d:b6:f8:ed:66:19:d1:cd:ae:b6:c1:c4:34:2c:
0e:80:32:47:a1:0d:28:6c:21:b1:ad:f3:a6:e9:71:
73:e9:a1:c4:b8:d0:b3:c9:35:9c:f7:a4:a8:36:8f:
5e:b9:ce:65:9e:09:a4:94:2c:e6:6c:b7:7f:75:8c:
f7:6c:d6:b4:76:0a:5f:1d:a2:80:6f:96:77:c7:15:
be:9f:99:3d:a3:d9:4e:3c:39:2f:8f:dc:ba:6f:46:
28:e6:a5:36:21:17:7d:e7:78:79:40:ab:26:1d:ef:
56:c8:2c:b0:02:44:b8:26:d8:2e:9b:78:9c:15:a3:
19:da:3a:7c:37:04:f9:29:dd:77:7c:17:c5:12:e6:
f6:6d:40:16:5d:1d:1a:be:7e:2b:20:43:1f:3e:f2:
1a:d2:66:e0:e0:3a:62:38:29:82:d5:87:61:b3:31:
df:fc:ec:9e:65:23:f4:66:7b:76:85:38:e0:7e:f2:
d4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D6:EC:69:8D:72:1E:7E:FE:31:3D:5F:9E:C3:0F:B3:3E:9E:C0:F7
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/MtbsaY1yHn7-MT1fnsMPsz6ewPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.85.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:76:ef:11:0c:12:a2:97:8a:4d:e0:a6:14:5c:36:cd:b1:e7:
89:18:58:ac:6e:b5:0e:4b:c7:ed:72:9e:ee:6a:db:23:bd:cd:
ff:2b:8b:34:5e:d2:ff:0a:0c:ec:7c:48:5d:36:57:01:31:b5:
0e:a6:f5:6d:25:25:f6:7d:56:78:47:ec:ce:f1:b8:85:9e:97:
ae:e2:24:6f:5f:fb:a2:96:fc:63:79:dc:3e:c1:72:f1:cc:99:
5c:a3:ea:75:a3:26:95:43:f1:63:67:5f:c8:19:1e:b7:d7:99:
8e:2a:e9:b7:a0:c0:9e:54:53:10:c3:76:ec:10:de:6e:6f:59:
e8:63:d9:ed:48:79:c5:d4:46:18:ed:f5:d7:f9:76:b1:0a:a1:
6c:d3:9b:9b:db:2b:fb:7b:e2:b7:4f:e8:d6:65:31:ef:b6:c5:
d7:2b:fa:ce:20:bc:cf:4f:b7:85:43:7f:fd:a1:e2:36:6a:5a:
de:45:57:48:33:41:00:2d:16:cd:a3:64:bc:07:f6:be:27:12:
0e:fd:17:e3:f9:41:45:e7:70:8a:c1:7e:a6:a7:f9:a3:07:30:
e3:5f:a9:59:3f:8e:7d:92:95:cf:40:e9:0a:10:cd:5e:b0:50:
4a:43:22:40:02:ed:2c:5b:04:6c:bc:57:8c:d6:ba:0f:3a:54:
55:e2:3a:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSED6CMAFWkj5+RIQtp3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ2ZWM2OThkNzIxZTdlZmUzMTNkNWY5ZWMzMGZiMzNlOWVjMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt29mwqmAWfpcd0WXbRhWN+aWXV1G
9Xawuy91vk4twxrA4umEml74mC2Trdl+ICwl3JRhGII9DQBv0KC0CsC7Gx6xsezl
tlHPToIQTbb47WYZ0c2utsHENCwOgDJHoQ0obCGxrfOm6XFz6aHEuNCzyTWc96So
No9euc5lngmklCzmbLd/dYz3bNa0dgpfHaKAb5Z3xxW+n5k9o9lOPDkvj9y6b0Yo
5qU2IRd953h5QKsmHe9WyCywAkS4Jtgum3icFaMZ2jp8NwT5Kd13fBfFEub2bUAW
XR0avn4rIEMfPvIa0mbg4DpiOCmC1YdhszHf/OyeZSP0Znt2hTjgfvLUgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLW7GmNch5+/jE9X57DD7M+nsD3MB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvTXRic2FZMXlIbjctTVQxZm5zTVBzejZld1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp9VMA0G
CSqGSIb3DQEBCwUAA4IBAQBvdu8RDBKil4pN4KYUXDbNseeJGFisbrUOS8ftcp7u
atsjvc3/K4s0XtL/CgzsfEhdNlcBMbUOpvVtJSX2fVZ4R+zO8biFnpeu4iRvX/ui
lvxjedw+wXLxzJlco+p1oyaVQ/FjZ1/IGR6315mOKum3oMCeVFMQw3bsEN5ub1no
Y9ntSHnF1EYY7fXX+XaxCqFs05ub2yv7e+K3T+jWZTHvtsXXK/rOILzPT7eFQ3/9
oeI2alreRVdIM0EALRbNo2S8B/a+JxIO/Rfj+UFF53CKwX6mp/mjBzDjX6lZP459
kpXPQOkKEM1esFBKQyJAAu0sWwRsvFeM1roPOlRV4jpT
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:14 2025 by rpki-client