Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/MZ_QBnViUEyC8ZRFkedX8Rv5Crs.roa
File: MZ_QBnViUEyC8ZRFkedX8Rv5Crs.roa (raw, json)
Hash identifier: XyD021GY+KiQ98JM0NY1iLl+QMVF+YOoCbUCeu964IY=
Subject key identifier: 31:9F:D0:06:75:62:50:4C:82:F1:94:45:91:E7:57:F1:1B:F9:0A:BB
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 0194206878134514BC3D16068B22225264A4
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/MZ_QBnViUEyC8ZRFkedX8Rv5Crs.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.117.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:78:13:45:14:bc:3d:16:06:8b:22:22:52:64:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=319fd0067562504c82f1944591e757f11bf90abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4a:11:1b:74:80:3a:86:13:a0:6c:1d:b2:4f:
09:07:0e:c9:b8:e3:1b:36:b5:07:81:43:95:c3:5e:
82:ba:f1:7f:9a:7a:06:06:a4:06:ed:49:7e:56:27:
e4:02:28:53:36:c0:0d:0e:2c:7c:0a:f6:49:80:6c:
33:90:68:fe:8d:16:16:32:ec:c7:8f:a8:51:5b:01:
fd:6e:e7:cc:49:af:31:da:b9:85:22:51:cf:a1:ed:
f7:2d:e5:4d:cf:f3:e2:ec:e9:a0:29:25:6a:95:d8:
73:7c:b5:7a:5e:c8:71:a6:c1:13:3a:a7:15:af:98:
66:e2:df:d0:09:ce:72:cc:9c:c5:19:e1:4d:c3:3f:
73:65:1d:c7:88:04:a5:7e:3e:37:f7:ac:01:0c:b7:
22:a7:c1:a7:9d:2e:ff:2b:bc:f7:0c:80:f9:c1:e8:
55:ac:ab:bf:39:23:dd:07:f0:3b:f7:19:5f:54:df:
76:d0:41:aa:cc:b3:8a:c3:6a:30:04:9b:29:12:87:
a0:4c:af:0d:b5:6c:68:73:07:28:22:e6:06:38:b6:
ad:aa:d2:02:de:f1:66:f1:32:2d:d1:f2:36:68:04:
eb:c4:35:6a:64:ac:46:9a:16:5b:56:d5:53:2c:ac:
65:21:4e:b6:94:98:43:43:e5:73:f1:2d:f7:7c:f3:
68:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9F:D0:06:75:62:50:4C:82:F1:94:45:91:E7:57:F1:1B:F9:0A:BB
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/MZ_QBnViUEyC8ZRFkedX8Rv5Crs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:53:d7:fa:fa:8f:82:85:c2:83:ce:dc:3e:ad:3e:4c:08:17:
01:18:b7:94:bd:2e:59:3f:d6:88:d6:28:ea:00:15:f0:c6:8c:
aa:76:56:99:18:9f:78:20:a9:8d:66:37:4b:c2:cc:3d:5e:65:
c1:b1:61:78:04:6f:7c:ba:14:77:6b:06:bb:85:6d:fc:46:15:
a6:ac:f5:dd:fc:92:6d:c8:fc:f9:56:ea:99:e6:7c:e4:22:6e:
16:ef:3c:08:c1:90:af:b6:1f:14:ed:82:1e:db:78:fc:20:73:
4d:83:a4:77:32:38:8a:ab:28:d5:11:16:4e:d9:2d:fb:47:67:
cc:dd:2d:56:bd:db:6a:ad:03:f3:fc:79:cd:f4:25:5a:35:2a:
da:e4:b3:0d:60:23:92:e8:2b:c0:58:eb:c6:7c:90:f6:8f:b1:
15:c3:4d:2c:43:4d:7b:23:7e:22:b1:de:76:2a:88:47:1f:1f:
71:0f:b5:55:62:26:dd:b3:f1:a5:a4:62:4e:17:6e:72:8d:d2:
8c:b5:c1:a6:86:03:6e:64:df:80:19:d1:31:5e:71:0f:9e:74:
6c:f2:4d:92:38:14:c0:a3:8d:5d:c7:fc:5f:a4:fa:de:e3:a5:
7c:27:61:7a:4c:37:f0:9c:0c:ae:ee:20:73:be:07:01:b7:71:
71:a7:e5:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHgTRRS8PRYGiyIiUmSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTlmZDAwNjc1NjI1MDRjODJmMTk0NDU5MWU3NTdmMTFiZjkwYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUoRG3SAOoYToGwdsk8JBw7JuOMb
NrUHgUOVw16CuvF/mnoGBqQG7Ul+VifkAihTNsANDix8CvZJgGwzkGj+jRYWMuzH
j6hRWwH9bufMSa8x2rmFIlHPoe33LeVNz/Pi7OmgKSVqldhzfLV6XshxpsETOqcV
r5hm4t/QCc5yzJzFGeFNwz9zZR3HiASlfj4396wBDLcip8GnnS7/K7z3DID5wehV
rKu/OSPdB/A79xlfVN920EGqzLOKw2owBJspEoegTK8NtWxocwcoIuYGOLatqtIC
3vFm8TIt0fI2aATrxDVqZKxGmhZbVtVTLKxlIU62lJhDQ+Vz8S33fPNo3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGf0AZ1YlBMgvGURZHnV/Eb+Qq7MB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvTVpfUUJuVmlVRXlDOFpSRmtlZFg4UnY1Q3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXXhMA0G
CSqGSIb3DQEBCwUAA4IBAQBNU9f6+o+ChcKDztw+rT5MCBcBGLeUvS5ZP9aI1ijq
ABXwxoyqdlaZGJ94IKmNZjdLwsw9XmXBsWF4BG98uhR3awa7hW38RhWmrPXd/JJt
yPz5VuqZ5nzkIm4W7zwIwZCvth8U7YIe23j8IHNNg6R3MjiKqyjVERZO2S37R2fM
3S1WvdtqrQPz/HnN9CVaNSra5LMNYCOS6CvAWOvGfJD2j7EVw00sQ017I34isd52
KohHHx9xD7VVYibds/GlpGJOF25yjdKMtcGmhgNuZN+AGdExXnEPnnRs8k2SOBTA
o41dx/xfpPre46V8J2F6TDfwnAyu7iBzvgcBt3Fxp+Uq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:06 2025 by rpki-client