Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/MsFmWJOoSFY3BCE49erYLm5IeF8.roa
File: MsFmWJOoSFY3BCE49erYLm5IeF8.roa (raw, json)
Hash identifier: +ULhpY8+EhNOI9KNs3g5QfGlO9AZRphDDwBCNw26nt4=
Subject key identifier: 32:C1:66:58:93:A8:48:56:37:04:21:38:F5:EA:D8:2E:6E:48:78:5F
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B0F1E21A2ACE3F2D16E10B4F7286F
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/MsFmWJOoSFY3BCE49erYLm5IeF8.roa
Signing time: Thu 02 Jan 2025 09:48:57 +0000
ROA not before: Thu 02 Jan 2025 09:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214851
IP address blocks: 192.144.33.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0f:1e:21:a2:ac:e3:f2:d1:6e:10:b4:f7:28:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32c1665893a8485637042138f5ead82e6e48785f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:28:be:24:eb:02:85:dd:4a:f9:78:23:b3:
9a:75:5d:75:75:7f:d1:f4:f2:f0:a1:11:2e:98:95:
82:84:a6:e5:67:1c:a1:80:5a:db:c4:59:1a:0a:3c:
7a:59:92:a3:52:fe:d8:c8:5d:77:61:07:de:f1:50:
45:7c:af:fa:c0:a1:95:1d:b5:31:03:f9:68:52:05:
80:4a:87:38:91:2f:a3:02:3f:41:80:fd:7f:74:d9:
c4:18:df:7b:9a:e8:69:f4:6a:1e:3f:78:f8:1d:da:
c8:e7:66:0a:5a:76:44:2e:83:e2:2f:4d:b7:ac:05:
01:4f:31:db:7c:0b:90:8a:99:82:f3:06:79:59:99:
15:00:cf:7c:66:f3:aa:f9:0a:80:29:a7:bc:b9:6f:
df:fa:e1:b6:8a:19:85:38:16:7d:c2:d0:f1:4d:65:
80:8c:25:26:f4:bc:2f:2a:3a:ae:0b:c5:e5:66:cf:
59:10:bb:14:e9:c6:b5:e9:ff:8c:4b:6d:ef:32:9a:
bb:0c:7a:60:96:1e:c4:26:6c:80:d5:d6:8c:0b:3e:
43:ac:b1:79:c7:17:f9:74:b1:3e:57:33:54:cb:f2:
e8:89:83:a4:c7:04:10:06:f5:39:ba:b7:11:e9:40:
25:18:72:7a:c6:18:09:3b:cc:6c:e3:9e:04:90:2a:
b2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C1:66:58:93:A8:48:56:37:04:21:38:F5:EA:D8:2E:6E:48:78:5F
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/MsFmWJOoSFY3BCE49erYLm5IeF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.33.0/24
IPv6:
2a09:ff00:8000::/37
Signature Algorithm: sha256WithRSAEncryption
05:55:08:2d:da:16:3a:6b:97:f2:07:a7:76:c1:2e:50:b8:82:
94:ee:63:af:32:f3:59:32:2d:e2:48:ff:2f:28:4e:a6:38:e3:
39:97:7a:df:ae:42:45:df:0e:c8:64:41:4d:65:0c:d6:4c:51:
63:f9:dc:d3:97:73:d3:58:5e:4d:80:83:f9:b7:88:0d:ce:5c:
97:12:e4:02:54:18:29:c6:3c:dd:e2:39:24:10:5e:57:af:fb:
6d:7f:03:08:e5:02:74:1c:b1:c2:b3:35:52:c4:96:a8:19:86:
b5:fa:f4:77:37:6d:e2:66:40:2b:6d:48:82:99:9d:a7:df:2b:
e3:39:7d:3d:ce:dc:5b:8a:e7:42:f6:9d:b2:86:58:e8:bd:dc:
59:ed:6c:cc:e6:63:c5:13:71:4e:27:e7:27:b4:b9:d9:9a:cc:
be:43:37:e1:f3:5c:f5:14:40:a6:4e:d6:01:13:3e:05:88:3f:
d8:4f:b9:a8:cb:29:6b:4d:6a:5d:5d:16:ba:de:7e:7a:65:6a:
2c:3b:fe:03:5a:e1:32:ad:27:16:b7:0d:b1:c7:b8:40:f1:34:
5f:23:3b:8c:b2:78:e7:bc:30:ee:10:8b:44:66:44:de:8b:6b:
af:0b:47:59:31:a0:38:5c:76:d5:e3:70:61:58:4e:d9:e5:85:
40:8e:3b:1c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQmaw8eIaKs4/LRbhC09yhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmMxNjY1ODkzYTg0ODU2MzcwNDIxMzhmNWVhZDgyZTZlNDg3ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyUoviTrAoXdSvl4I7OadV11dX/R
9PLwoREumJWChKblZxyhgFrbxFkaCjx6WZKjUv7YyF13YQfe8VBFfK/6wKGVHbUx
A/loUgWASoc4kS+jAj9BgP1/dNnEGN97muhp9GoeP3j4HdrI52YKWnZELoPiL023
rAUBTzHbfAuQipmC8wZ5WZkVAM98ZvOq+QqAKae8uW/f+uG2ihmFOBZ9wtDxTWWA
jCUm9LwvKjquC8XlZs9ZELsU6ca16f+MS23vMpq7DHpglh7EJmyA1daMCz5DrLF5
xxf5dLE+VzNUy/LoiYOkxwQQBvU5urcR6UAlGHJ6xhgJO8xs454EkCqy/QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDLBZliTqEhWNwQhOPXq2C5uSHhfMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvTXNGbVdKT29TRlkzQkNFNDllcllMbTVJZUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwJAhMA4E
AgACMAgDBgMqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEABVUILdoWOmuX8gendsEu
ULiClO5jrzLzWTIt4kj/LyhOpjjjOZd6365CRd8OyGRBTWUM1kxRY/nc05dz01he
TYCD+beIDc5clxLkAlQYKcY83eI5JBBeV6/7bX8DCOUCdByxwrM1UsSWqBmGtfr0
dzdt4mZAK21Igpmdp98r4zl9Pc7cW4rnQvadsoZY6L3cWe1szOZjxRNxTifnJ7S5
2ZrMvkM34fNc9RRApk7WARM+BYg/2E+5qMspa01qXV0Wut5+emVqLDv+A1rhMq0n
FrcNsce4QPE0XyM7jLJ457ww7hCLRGZE3otrrwtHWTGgOFx21eNwYVhO2eWFQI47
HA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:24 2025 by rpki-client