Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Mz8Xzjb4Em-bp16qe94uV9f2KSc.roa
File: Mz8Xzjb4Em-bp16qe94uV9f2KSc.roa (raw, json)
Hash identifier: IgI2K3rzQ3JJ+QIwmVbORi3IMlNvAYMKIlRufn/wj8k=
Subject key identifier: 33:3F:17:CE:36:F8:12:6F:9B:A7:5E:AA:7B:DE:2E:57:D7:F6:29:27
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B0749093EAC31238AB167FF12FE2D
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Mz8Xzjb4Em-bp16qe94uV9f2KSc.roa
Signing time: Thu 02 Jan 2025 09:48:55 +0000
ROA not before: Thu 02 Jan 2025 09:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52053
IP address blocks: 185.255.112.0/24 maxlen: 24
193.38.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:07:49:09:3e:ac:31:23:8a:b1:67:ff:12:fe:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=333f17ce36f8126f9ba75eaa7bde2e57d7f62927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:fd:37:d7:78:51:68:b9:7a:fb:c7:54:ee:
10:d1:a5:fe:5e:d6:eb:17:a2:8a:6c:e2:e1:8a:c7:
ca:c1:b1:20:8c:c6:a1:67:76:bf:09:0a:94:a4:eb:
16:c9:2a:5c:60:3f:7c:8a:96:c4:aa:1f:76:ad:9e:
fb:ac:bf:23:2e:a5:e0:4a:46:ca:f4:7a:d8:62:35:
db:fd:f8:66:b9:b6:78:60:26:35:a6:2d:8e:e4:25:
de:4b:1c:72:7e:cf:20:90:9f:49:c2:ee:2b:b7:5b:
30:1f:db:b1:8e:cb:61:55:a4:9a:4a:47:ee:83:ca:
f3:27:84:34:ca:6f:c3:32:4a:3f:55:0e:6e:82:73:
77:27:22:ec:1b:66:ce:9a:99:b0:d3:51:85:7d:f7:
61:6d:e3:34:6f:e9:17:ce:72:a2:b8:97:33:0e:07:
19:ca:fb:98:12:31:d6:ab:67:94:f6:46:06:8a:ec:
9f:a4:32:6b:31:db:c8:01:a0:e8:ac:6a:cf:22:b7:
90:59:cb:59:a5:5a:e4:f9:b5:9a:15:a0:62:57:c2:
f0:a6:b6:c0:72:3f:73:db:27:60:f5:6e:ec:0f:f5:
6c:09:9c:07:7e:33:07:93:7a:72:e1:49:0c:0b:d7:
65:da:3e:71:10:f9:19:ed:0a:c5:57:81:b6:1c:5f:
91:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3F:17:CE:36:F8:12:6F:9B:A7:5E:AA:7B:DE:2E:57:D7:F6:29:27
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Mz8Xzjb4Em-bp16qe94uV9f2KSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.112.0/24
193.38.250.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d3:a4:ef:7e:8b:a7:08:21:f1:80:45:5f:d6:33:04:ca:15:
43:22:e3:52:58:df:34:50:37:d4:3c:1c:65:73:14:13:b7:71:
f2:f8:42:54:cb:b7:08:18:cf:10:a8:97:d0:7b:03:20:08:85:
d2:60:db:fb:3e:37:d6:f9:9d:4b:57:d7:a1:a4:3f:1b:de:3e:
bb:0b:90:d3:79:38:86:8f:c4:9c:2b:e3:6e:b1:60:40:8a:d3:
55:50:c4:3d:09:f6:1e:12:e1:bf:b1:5c:11:20:f5:c6:6f:2e:
86:b3:e8:4f:d8:16:8d:fd:b9:8b:0e:29:f9:ab:61:43:02:b4:
9e:34:20:85:c2:b2:1f:e9:7b:56:7f:7b:8b:f4:47:ed:9b:a3:
38:70:1e:98:d5:9e:04:49:25:e3:91:a4:e2:8b:de:e3:68:34:
ae:3d:a2:98:50:f9:90:7c:ae:34:8c:41:ab:3e:79:4f:7f:e4:
6d:1e:e0:87:e8:0d:72:c2:7f:aa:66:d5:69:19:a2:44:7c:c9:
2e:d0:c4:f1:30:3a:be:4a:ab:04:4e:90:d7:90:6f:4c:ad:95:
f6:19:97:a7:ed:17:42:71:ef:29:81:b1:a9:33:db:9a:f7:ce:
53:0f:b8:c2:2f:bd:92:54:ff:9b:11:54:41:28:6d:3e:8e:15:
e7:5b:3f:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmawdJCT6sMSOKsWf/Ev4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNmMTdjZTM2ZjgxMjZmOWJhNzVlYWE3YmRlMmU1N2Q3ZjYyOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwH9N9d4UWi5evvHVO4Q0aX+Xtbr
F6KKbOLhisfKwbEgjMahZ3a/CQqUpOsWySpcYD98ipbEqh92rZ77rL8jLqXgSkbK
9HrYYjXb/fhmubZ4YCY1pi2O5CXeSxxyfs8gkJ9Jwu4rt1swH9uxjsthVaSaSkfu
g8rzJ4Q0ym/DMko/VQ5ugnN3JyLsG2bOmpmw01GFffdhbeM0b+kXznKiuJczDgcZ
yvuYEjHWq2eU9kYGiuyfpDJrMdvIAaDorGrPIreQWctZpVrk+bWaFaBiV8LwprbA
cj9z2ydg9W7sD/VsCZwHfjMHk3py4UkMC9dl2j5xEPkZ7QrFV4G2HF+RbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDM/F842+BJvm6deqnveLlfX9iknMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvTXo4WHpqYjRFbS1icDE2cWU5NHVWOWYyS1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf9wAwQA
wSb6MA0GCSqGSIb3DQEBCwUAA4IBAQAX06TvfounCCHxgEVf1jMEyhVDIuNSWN80
UDfUPBxlcxQTt3Hy+EJUy7cIGM8QqJfQewMgCIXSYNv7PjfW+Z1LV9ehpD8b3j67
C5DTeTiGj8ScK+NusWBAitNVUMQ9CfYeEuG/sVwRIPXGby6Gs+hP2BaN/bmLDin5
q2FDArSeNCCFwrIf6XtWf3uL9Eftm6M4cB6Y1Z4ESSXjkaTii97jaDSuPaKYUPmQ
fK40jEGrPnlPf+RtHuCH6A1ywn+qZtVpGaJEfMku0MTxMDq+SqsETpDXkG9MrZX2
GZen7RdCce8pgbGpM9ua985TD7jCL72SVP+bEVRBKG0+jhXnWz8p
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:23 2025 by rpki-client