Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/MsJyOsbVpQF0bmOk4lDmCk2Ixaw.roa
File: MsJyOsbVpQF0bmOk4lDmCk2Ixaw.roa (raw, json)
Hash identifier: B4zGetD0jpIcmHis4I04KfqeBFq8sxNosMNWhmkkmLE=
Subject key identifier: 32:C2:72:3A:C6:D5:A5:01:74:6E:63:A4:E2:50:E6:0A:4D:88:C5:AC
Certificate issuer: /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial: 019420684E302799F7062EE81A1A3F3D6EF9
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/MsJyOsbVpQF0bmOk4lDmCk2Ixaw.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15965
IP address blocks: 80.64.144.0/20 maxlen: 20
193.91.32.0/20 maxlen: 20
194.48.193.0/24 maxlen: 24
194.48.252.0/23 maxlen: 24
195.43.96.0/19 maxlen: 19
217.31.64.0/20 maxlen: 20
2a02:3a8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4e:30:27:99:f7:06:2e:e8:1a:1a:3f:3d:6e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32c2723ac6d5a501746e63a4e250e60a4d88c5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:50:f5:b9:48:70:8f:f7:0f:3c:07:c8:44:08:
a0:fd:37:52:32:2a:c3:a3:46:18:7f:9b:7d:f6:18:
43:e0:98:a6:07:3a:9a:bb:22:c2:24:7b:df:0c:f5:
bc:42:67:3c:67:39:d9:be:b8:7a:4d:16:0d:12:4c:
a4:53:95:c2:31:2c:a1:3c:e3:ee:9a:69:29:50:8d:
a6:ad:d3:b0:43:55:80:9b:4b:79:01:25:6a:b3:93:
2c:f5:5d:76:4b:6d:5f:7e:10:b3:c7:29:4e:71:1f:
e5:7a:8e:39:29:0e:d9:ef:b4:86:1d:72:d0:4c:12:
e4:e8:4d:66:da:24:b4:32:d3:30:f6:dd:66:a5:fd:
ac:de:68:ba:86:ef:04:10:d7:bb:2a:7b:50:96:6c:
db:ff:6a:89:7a:01:0f:33:57:a4:2c:12:2e:eb:c5:
28:f9:e1:40:c5:d2:f6:0b:23:af:fb:f4:9f:8b:3e:
ef:8d:a5:ff:b3:ab:ec:e3:40:d7:26:35:c8:9a:e4:
bc:21:8b:75:2e:df:ed:0a:6f:b3:f0:b4:02:9f:ff:
56:84:52:c8:12:c7:f7:47:c5:e7:05:d1:02:4a:90:
e7:f5:6f:74:58:b7:cd:fe:e6:28:1d:7e:cb:08:0a:
65:c7:a2:53:f6:c6:da:a5:98:a6:b0:cd:e5:6c:09:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C2:72:3A:C6:D5:A5:01:74:6E:63:A4:E2:50:E6:0A:4D:88:C5:AC
X509v3 Authority Key Identifier:
keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/MsJyOsbVpQF0bmOk4lDmCk2Ixaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.144.0/20
193.91.32.0/20
194.48.193.0/24
194.48.252.0/23
195.43.96.0/19
217.31.64.0/20
IPv6:
2a02:3a8::/32
Signature Algorithm: sha256WithRSAEncryption
50:de:5f:b5:b7:d0:ec:c3:7b:19:6f:37:1d:37:21:63:e4:02:
09:8c:47:f8:4f:38:d4:25:6d:ab:cc:ce:bd:b5:43:79:04:c2:
bc:31:5e:46:cf:24:62:11:55:47:e0:30:cb:17:2d:2a:df:19:
51:a3:af:b1:cb:d5:c4:85:1b:1b:19:58:f7:02:ff:5d:c9:27:
eb:1c:a9:3e:99:3b:25:ce:e3:e6:58:ca:73:4f:1f:61:f2:f6:
34:80:b9:3c:82:9e:5e:fb:13:f8:8c:2f:48:5a:ff:07:66:b7:
8d:81:9b:db:6d:82:f3:36:1a:51:8b:c4:ae:6d:e6:60:8f:44:
14:63:d5:c1:d3:44:87:dc:db:88:b5:ee:95:39:30:07:ae:84:
63:39:33:26:90:64:45:cc:11:3e:f6:5e:ba:a9:bc:e5:59:b6:
8e:75:73:94:f6:b2:ec:c5:7a:d9:d7:e2:5f:49:0b:4e:5e:bf:
29:16:a9:e6:b5:94:41:bd:37:f8:64:ab:3d:03:c4:4d:fd:5a:
93:20:91:35:5f:d7:d5:96:6c:e9:ed:d1:55:b8:ad:59:a8:8f:
de:ba:e0:d5:89:cf:8b:0f:15:77:7e:f3:9b:1e:62:5b:2b:44:
7e:1d:4d:51:fd:b2:50:63:11:fc:69:88:f2:ca:57:dc:9f:38:
fa:02:4d:83
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQgaE4wJ5n3Bi7oGho/PW75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmMyNzIzYWM2ZDVhNTAxNzQ2ZTYzYTRlMjUwZTYwYTRkODhjNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVD1uUhwj/cPPAfIRAig/TdSMirD
o0YYf5t99hhD4JimBzqauyLCJHvfDPW8Qmc8ZznZvrh6TRYNEkykU5XCMSyhPOPu
mmkpUI2mrdOwQ1WAm0t5ASVqs5Ms9V12S21ffhCzxylOcR/leo45KQ7Z77SGHXLQ
TBLk6E1m2iS0MtMw9t1mpf2s3mi6hu8EENe7KntQlmzb/2qJegEPM1ekLBIu68Uo
+eFAxdL2CyOv+/Sfiz7vjaX/s6vs40DXJjXImuS8IYt1Lt/tCm+z8LQCn/9WhFLI
Esf3R8XnBdECSpDn9W90WLfN/uYoHX7LCAplx6JT9sbapZimsM3lbAlZywIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDLCcjrG1aUBdG5jpOJQ5gpNiMWsMB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvTXNKeU9zYlZwUUYwYm1PazRsRG1DazJJeGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUECQAwQE
wVsgAwQAwjDBAwQBwjD8AwQFwytgAwQE2R9AMA0EAgACMAcDBQAqAgOoMA0GCSqG
SIb3DQEBCwUAA4IBAQBQ3l+1t9Dsw3sZbzcdNyFj5AIJjEf4TzjUJW2rzM69tUN5
BMK8MV5GzyRiEVVH4DDLFy0q3xlRo6+xy9XEhRsbGVj3Av9dySfrHKk+mTslzuPm
WMpzTx9h8vY0gLk8gp5e+xP4jC9IWv8HZreNgZvbbYLzNhpRi8SubeZgj0QUY9XB
00SH3NuIte6VOTAHroRjOTMmkGRFzBE+9l66qbzlWbaOdXOU9rLsxXrZ1+JfSQtO
Xr8pFqnmtZRBvTf4ZKs9A8RN/VqTIJE1X9fVlmzp7dFVuK1ZqI/euuDVic+LDxV3
fvObHmJbK0R+HU1R/bJQYxH8aYjyylfcnzj6Ak2D
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:30:33 2025 by rpki-client