Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/MgSM0hCZyvNmzep6NiAr95r_5is.roa
File: MgSM0hCZyvNmzep6NiAr95r_5is.roa (raw, json)
Hash identifier: gcdDaOjtH4vS1SEZ1bizBmbPI2C7OheJbPIjH0h6knI=
Subject key identifier: 32:04:8C:D2:10:99:CA:F3:66:CD:EA:7A:36:20:2B:F7:9A:FF:E6:2B
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 05033F1A
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/MgSM0hCZyvNmzep6NiAr95r_5is.roa
Signing time: Sun 13 Mar 2022 15:32:19 +0000
ROA not before: Sun 13 Mar 2022 15:32:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84098842 (0x5033f1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Mar 13 15:32:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32048cd21099caf366cdea7a36202bf79affe62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:46:2e:2f:bd:f2:07:8b:5b:b1:bf:22:95:55:
29:10:31:53:59:42:fd:ca:5c:51:54:c6:c4:61:d3:
f0:d7:d5:97:bf:a8:8a:df:33:ec:6f:e3:9e:07:4b:
1b:67:62:0d:a2:e5:64:b3:36:67:49:32:ae:de:64:
8f:cf:37:3c:6d:09:6d:88:08:61:8d:ee:68:c2:bf:
d0:ba:39:f7:35:31:68:28:46:1c:8e:27:8d:f7:35:
b3:08:46:5a:d5:32:4a:dd:7c:8f:3c:af:1b:7e:86:
2d:2c:1c:76:7c:c8:7e:19:88:e4:95:1f:fa:17:26:
42:a1:80:6e:cd:d7:70:ca:f9:35:7b:26:15:d8:fb:
2c:85:5c:17:65:1b:74:e5:16:4b:ca:8a:8e:d3:6f:
f3:58:4a:17:7f:e2:80:6a:5b:97:6d:9e:4c:00:e9:
d4:cb:df:f6:48:9b:fc:74:d4:08:d3:ca:19:c2:74:
6b:be:c4:7d:d7:5a:97:6b:64:23:68:f8:46:69:44:
a5:29:a8:76:74:57:9c:65:6f:fb:2b:dd:8a:0f:10:
6d:b4:b2:a9:85:ff:ae:2b:36:76:91:96:48:d9:02:
e4:76:da:52:64:0c:fd:2c:b9:cf:00:cc:b0:c3:60:
c7:94:c1:6b:7d:dc:e3:64:1c:97:a4:21:e2:df:a3:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:04:8C:D2:10:99:CA:F3:66:CD:EA:7A:36:20:2B:F7:9A:FF:E6:2B
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/MgSM0hCZyvNmzep6NiAr95r_5is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/24
IPv6:
2001:7fc:2::/48
Signature Algorithm: sha256WithRSAEncryption
16:e9:9e:69:ef:51:fa:6b:d1:a0:7c:ef:01:f2:44:c0:db:75:
4f:5a:14:0f:c6:b1:59:67:c2:6e:3d:6d:a2:d8:17:88:93:f3:
42:8a:b3:aa:5e:c7:97:61:13:39:f3:ed:b6:f2:ac:f4:54:78:
58:6f:5d:2d:e8:cd:a3:60:26:b3:5b:62:20:33:45:f7:57:0b:
23:0b:ac:68:31:cc:4b:4f:0f:22:a7:fc:ad:ab:cf:d4:d0:b1:
22:68:96:d3:0e:26:ab:c6:b5:b8:03:4b:97:ce:98:ae:f0:80:
eb:03:24:02:cb:ce:60:b1:d1:ab:20:c8:9e:74:72:5e:71:b7:
6c:7a:4d:16:c2:ce:60:68:ac:73:14:16:5e:8b:9a:ca:a0:1a:
24:a0:43:fe:f9:8f:03:5d:8b:ec:d9:01:26:76:32:02:01:bc:
d6:c2:80:5f:99:83:fa:48:25:b4:57:ca:77:18:b2:db:12:6d:
32:51:89:b9:80:71:20:f9:c5:64:ba:29:df:e7:ef:28:95:61:
dc:ce:b4:b0:0b:2f:7b:5c:b8:93:2a:35:89:67:86:6a:08:97:
6d:c7:00:94:8d:cf:0f:61:e5:a7:b2:17:77:66:4f:58:83:50:
72:52:79:fd:50:ad:3d:8c:ea:cb:cf:40:a0:7e:15:b2:cf:80:
4f:5e:9d:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBQM/GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDMx
MzE1MzIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIwNDhjZDIxMDk5
Y2FmMzY2Y2RlYTdhMzYyMDJiZjc5YWZmZTYyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJGLi+98geLW7G/IpVVKRAxU1lC/cpcUVTGxGHT8NfVl7+o
it8z7G/jngdLG2diDaLlZLM2Z0kyrt5kj883PG0JbYgIYY3uaMK/0Lo59zUxaChG
HI4njfc1swhGWtUySt18jzyvG36GLSwcdnzIfhmI5JUf+hcmQqGAbs3XcMr5NXsm
Fdj7LIVcF2UbdOUWS8qKjtNv81hKF3/igGpbl22eTADp1Mvf9kib/HTUCNPKGcJ0
a77Efddal2tkI2j4RmlEpSmodnRXnGVv+yvdig8QbbSyqYX/ris2dpGWSNkC5Hba
UmQM/Sy5zwDMsMNgx5TBa33c42Qcl6Qh4t+jMFsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQyBIzSEJnK82bN6no2ICv3mv/mKzAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L01nU00waENaeXZObXplcDZOaUFyOTVyXzVpcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAJfYBDAPBAIAAjAJAwcAIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAW6Z5p71H6a9GgfO8B8kTA23VPWhQPxrFZZ8Ju
PW2i2BeIk/NCirOqXseXYRM58+228qz0VHhYb10t6M2jYCazW2IgM0X3VwsjC6xo
McxLTw8ip/ytq8/U0LEiaJbTDiarxrW4A0uXzpiu8IDrAyQCy85gsdGrIMiedHJe
cbdsek0Wws5gaKxzFBZei5rKoBokoEP++Y8DXYvs2QEmdjICAbzWwoBfmYP6SCW0
V8p3GLLbEm0yUYm5gHEg+cVkuinf5+8olWHczrSwCy97XLiTKjWJZ4ZqCJdtxwCU
jc8PYeWnshd3Zk9Yg1ByUnn9UK09jOrLz0CgfhWyz4BPXp2+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:35 2025 by rpki-client