Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/mss18FIq4ydcYebAHYX2pd8ocjk.roa
File: mss18FIq4ydcYebAHYX2pd8ocjk.roa (raw, json)
Hash identifier: J88GfjksI+w3VtUia6Hq+rhitJHHRkLoOK14jy8vrfc=
Subject key identifier: 9A:CB:35:F0:52:2A:E3:27:5C:61:E6:C0:1D:85:F6:A5:DF:28:72:39
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 019420D5DB4BD950879B7BFCAAF90982D63B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/mss18FIq4ydcYebAHYX2pd8ocjk.roa
Signing time: Wed 01 Jan 2025 07:47:53 +0000
ROA not before: Wed 01 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 5.10.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:db:4b:d9:50:87:9b:7b:fc:aa:f9:09:82:d6:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9acb35f0522ae3275c61e6c01d85f6a5df287239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:3e:be:1d:fb:20:e1:4d:8b:2b:1f:e7:a8:
b6:e8:1a:8a:7d:1e:e4:df:73:a0:e2:1d:5a:41:42:
06:56:0a:cc:1c:be:45:4e:9c:99:48:9e:d3:17:1a:
44:a9:1a:0c:7f:6a:4b:ab:29:38:f0:c7:75:4a:1a:
60:47:3e:70:bf:53:bd:69:96:3d:cf:e4:a3:6e:4a:
ab:d0:cd:1c:14:26:c3:ae:86:b9:43:47:ba:cd:4b:
84:23:a7:2f:b5:c4:ca:06:89:63:f0:53:5e:7c:47:
b4:eb:13:e6:ee:a1:46:3a:12:8d:40:07:80:70:c8:
f0:36:34:d9:01:71:69:ff:62:9a:c4:00:6f:70:d5:
ef:d2:4e:28:24:5e:e4:f6:ef:1d:d5:23:5d:47:3d:
d9:bd:39:4f:cf:c5:c4:6e:d5:42:65:b1:12:68:1e:
b4:fd:8d:01:a4:9e:7f:9c:a2:0f:3a:c8:dc:77:97:
f1:f2:15:98:53:5e:ce:78:ea:4d:b3:79:ae:f9:ae:
1f:5d:69:e6:53:e3:1d:b6:c1:8d:06:78:33:de:f1:
d0:c5:7f:07:31:bc:77:ee:d9:61:9e:b2:6d:34:2e:
db:59:0b:83:05:00:98:a8:90:f2:27:57:e9:72:41:
e4:49:b2:d8:63:40:07:92:2f:f4:a0:67:16:84:96:
7c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CB:35:F0:52:2A:E3:27:5C:61:E6:C0:1D:85:F6:A5:DF:28:72:39
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/mss18FIq4ydcYebAHYX2pd8ocjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.251.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b6:51:4e:87:8f:07:a9:a1:f0:19:dd:56:f8:b6:14:35:12:
19:7a:8b:61:3e:00:25:7d:30:84:43:06:f5:7e:9a:16:c3:eb:
e6:d3:5a:7f:34:bf:17:aa:3a:66:be:33:af:7c:0d:29:57:70:
1c:11:1a:db:3d:b3:c4:9a:66:9e:5c:28:ce:e3:fe:08:69:51:
ec:43:81:6f:c0:f5:6f:c4:b8:df:3f:a3:de:75:88:f7:9d:0d:
8f:1a:fd:de:27:a1:30:fd:df:3d:3e:42:18:cd:b1:6f:ee:fd:
96:e2:bf:70:b7:b2:fc:fc:cf:16:ab:5b:e9:0d:e7:82:37:58:
78:2f:9a:62:72:3d:27:7a:4e:9f:8e:d2:37:86:42:a8:7d:66:
8a:66:f6:89:3e:0e:f0:6a:a8:c9:32:a1:00:eb:39:ae:9f:65:
f1:6a:9f:f8:37:9b:64:31:85:f4:2d:37:d6:74:e7:03:b3:44:
ba:70:70:7f:ec:48:1e:ef:0f:d8:e7:30:27:da:b0:9d:21:2f:
94:24:85:2b:0f:33:b3:80:5a:94:5d:3f:b8:4f:29:db:23:2a:
dd:33:5f:63:66:91:23:8e:ad:60:34:c0:85:f7:32:9b:8d:d0:
f5:ed:3e:5b:3c:65:5a:31:bc:90:7c:87:5e:c2:3a:b6:b7:5c:
85:d8:8d:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dtL2VCHm3v8qvkJgtY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwMTAxMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNiMzVmMDUyMmFlMzI3NWM2MWU2YzAxZDg1ZjZhNWRmMjg3MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnM+vh37IOFNiysf56i26BqKfR7k
33Og4h1aQUIGVgrMHL5FTpyZSJ7TFxpEqRoMf2pLqyk48Md1ShpgRz5wv1O9aZY9
z+Sjbkqr0M0cFCbDroa5Q0e6zUuEI6cvtcTKBolj8FNefEe06xPm7qFGOhKNQAeA
cMjwNjTZAXFp/2KaxABvcNXv0k4oJF7k9u8d1SNdRz3ZvTlPz8XEbtVCZbESaB60
/Y0BpJ5/nKIPOsjcd5fx8hWYU17OeOpNs3mu+a4fXWnmU+MdtsGNBngz3vHQxX8H
Mbx37tlhnrJtNC7bWQuDBQCYqJDyJ1fpckHkSbLYY0AHki/0oGcWhJZ83wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrLNfBSKuMnXGHmwB2F9qXfKHI5MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbXNzMThGSXE0eWRjWWViQUhZWDJwZDhvY2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQr7MA0G
CSqGSIb3DQEBCwUAA4IBAQCytlFOh48HqaHwGd1W+LYUNRIZeothPgAlfTCEQwb1
fpoWw+vm01p/NL8XqjpmvjOvfA0pV3AcERrbPbPEmmaeXCjO4/4IaVHsQ4FvwPVv
xLjfP6PedYj3nQ2PGv3eJ6Ew/d89PkIYzbFv7v2W4r9wt7L8/M8Wq1vpDeeCN1h4
L5picj0nek6fjtI3hkKofWaKZvaJPg7waqjJMqEA6zmun2Xxap/4N5tkMYX0LTfW
dOcDs0S6cHB/7Ege7w/Y5zAn2rCdIS+UJIUrDzOzgFqUXT+4TynbIyrdM19jZpEj
jq1gNMCF9zKbjdD17T5bPGVaMbyQfIdewjq2t1yF2I3D
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:55 2025 by rpki-client