Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/MdkizyIg2NeuwXlRpkc85_OLBy0.roa
File: MdkizyIg2NeuwXlRpkc85_OLBy0.roa (raw, json)
Hash identifier: U+GIHo2ErZJ42HZIwnGjGlw/t1N8vFevExlPUISARlA=
Subject key identifier: 31:D9:22:CF:22:20:D8:D7:AE:C1:79:51:A6:47:3C:E7:F3:8B:07:2D
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0193AF630627DC9A8B0E978BA59FDBA3FA8F
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/MdkizyIg2NeuwXlRpkc85_OLBy0.roa
Signing time: Tue 10 Dec 2024 07:05:22 +0000
ROA not before: Tue 10 Dec 2024 07:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215579
IP address blocks: 152.89.194.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:63:06:27:dc:9a:8b:0e:97:8b:a5:9f:db:a3:fa:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Dec 10 07:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31d922cf2220d8d7aec17951a6473ce7f38b072d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:88:8a:c5:5c:ca:d9:22:ab:a8:78:a9:52:5e:
55:13:a1:ce:e4:88:f2:bf:10:f4:2a:7e:ea:d0:e9:
97:60:d2:5d:59:de:31:6e:61:65:a1:2c:3a:e7:cb:
44:ba:fc:10:e3:87:3e:c6:5b:4f:86:ea:1c:44:7e:
c2:28:95:57:20:3e:6d:30:94:f2:f3:3a:38:1a:e0:
4c:e4:37:ad:d5:58:94:95:8c:ed:17:b4:3b:48:13:
15:f1:21:a0:54:e1:32:20:c3:78:13:5c:08:2c:5b:
ff:eb:87:4f:9d:c6:14:84:66:89:31:00:a1:78:86:
f5:5f:41:57:e4:38:43:8d:d3:26:83:0a:45:27:33:
42:08:71:05:04:09:b5:db:5d:dd:07:a8:09:83:f6:
17:ce:f9:99:c1:7f:6d:26:0b:9d:d0:6a:92:ca:0d:
20:28:a8:85:31:b5:88:65:6e:6e:d7:5b:3d:57:23:
a6:ea:e4:c5:94:db:08:f6:a8:31:e3:8f:32:4a:69:
3d:9a:1b:00:bb:29:ef:dd:66:a8:95:df:f5:92:5e:
b7:5d:9c:76:0a:7b:9a:6c:0e:cb:50:ab:a8:0b:75:
dc:a1:d7:31:6a:02:d2:20:cf:63:2e:5f:c2:24:5e:
5a:e1:22:f2:0f:e6:39:54:e1:44:3a:54:bd:8a:36:
fe:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D9:22:CF:22:20:D8:D7:AE:C1:79:51:A6:47:3C:E7:F3:8B:07:2D
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/MdkizyIg2NeuwXlRpkc85_OLBy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/23
Signature Algorithm: sha256WithRSAEncryption
56:a1:10:17:57:d6:d9:2a:5f:2c:61:70:b0:a9:7e:6b:eb:1b:
f7:c0:7b:ca:8c:0e:06:3f:3f:cb:f0:82:90:fa:1d:01:cb:99:
e9:d3:30:44:26:96:fe:13:69:cb:19:da:ae:2f:28:cc:7d:fe:
ab:2f:6e:30:63:55:eb:bf:f4:ec:3d:cb:79:79:27:ed:99:c9:
36:d7:fd:ba:27:33:a8:23:81:62:00:4f:8c:5f:1a:9a:14:e9:
d1:af:06:2f:60:cd:d3:07:3f:dc:04:90:5d:6e:18:de:67:c1:
90:35:9c:dc:23:66:80:f5:a5:69:0f:d4:cc:fb:1c:28:2f:58:
9b:b3:e8:ef:9d:81:0d:7b:3f:84:d4:6c:7e:18:dc:80:32:f8:
27:a9:e6:bb:c0:58:d2:d2:43:b1:70:92:cb:e2:ee:be:fa:34:
6b:83:6f:b0:91:0e:77:8a:af:50:33:d3:4e:58:12:57:9a:bc:
97:89:9e:63:b6:cc:b8:0e:c9:f8:35:33:11:76:b1:10:d7:0d:
bd:18:c7:41:d3:e4:05:98:a0:6f:12:a2:cb:8b:96:44:14:68:
cd:d7:cb:e3:a3:c4:48:fa:33:aa:fb:48:6f:0f:0a:39:ef:8f:
57:0d:f6:a9:21:ae:2a:cb:e2:e1:f5:5c:73:91:12:cd:93:32:
a7:44:30:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOvYwYn3JqLDpeLpZ/bo/qPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQxMjEwMDcwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ5MjJjZjIyMjBkOGQ3YWVjMTc5NTFhNjQ3M2NlN2YzOGIwNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIiKxVzK2SKrqHipUl5VE6HO5Ijy
vxD0Kn7q0OmXYNJdWd4xbmFloSw658tEuvwQ44c+xltPhuocRH7CKJVXID5tMJTy
8zo4GuBM5Det1ViUlYztF7Q7SBMV8SGgVOEyIMN4E1wILFv/64dPncYUhGaJMQCh
eIb1X0FX5DhDjdMmgwpFJzNCCHEFBAm1213dB6gJg/YXzvmZwX9tJgud0GqSyg0g
KKiFMbWIZW5u11s9VyOm6uTFlNsI9qgx448ySmk9mhsAuynv3Waold/1kl63XZx2
CnuabA7LUKuoC3XcodcxagLSIM9jLl/CJF5a4SLyD+Y5VOFEOlS9ijb+nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHZIs8iINjXrsF5UaZHPOfziwctMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvTWRraXp5SWcyTmV1d1hsUnBrYzg1X09MQnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQBWoRAXV9bZKl8sYXCwqX5r6xv3wHvKjA4GPz/L8IKQ
+h0By5np0zBEJpb+E2nLGdquLyjMff6rL24wY1Xrv/TsPct5eSftmck21/26JzOo
I4FiAE+MXxqaFOnRrwYvYM3TBz/cBJBdbhjeZ8GQNZzcI2aA9aVpD9TM+xwoL1ib
s+jvnYENez+E1Gx+GNyAMvgnqea7wFjS0kOxcJLL4u6++jRrg2+wkQ53iq9QM9NO
WBJXmryXiZ5jtsy4Dsn4NTMRdrEQ1w29GMdB0+QFmKBvEqLLi5ZEFGjN18vjo8RI
+jOq+0hvDwo5749XDfapIa4qy+Lh9VxzkRLNkzKnRDCX
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:59 2025 by rpki-client