Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/dMlBq16YcIM7-JR7sVrQGjUo5Ts.roa
File: dMlBq16YcIM7-JR7sVrQGjUo5Ts.roa (raw, json)
Hash identifier: i7NU7NT4PhY/w3tg6T+Z3qdRHBm2oFSaLm/74+Urx2g=
Subject key identifier: 74:C9:41:AB:5E:98:70:83:3B:F8:94:7B:B1:5A:D0:1A:35:28:E5:3B
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 01952953A5C7710270A7D74500A78E5DB9AF
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/dMlBq16YcIM7-JR7sVrQGjUo5Ts.roa
Signing time: Fri 21 Feb 2025 16:25:02 +0000
ROA not before: Fri 21 Feb 2025 16:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 185.174.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:53:a5:c7:71:02:70:a7:d7:45:00:a7:8e:5d:b9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Feb 21 16:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74c941ab5e9870833bf8947bb15ad01a3528e53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bb:eb:7a:81:93:aa:d8:bf:27:f2:2a:bb:43:
d6:af:c6:5a:e4:ff:8a:da:da:a2:2e:30:15:ee:be:
50:cf:6e:55:28:1d:d1:6c:b3:b9:76:c6:3c:ad:f9:
26:91:2e:75:ba:10:c8:95:ed:05:3e:8e:86:d7:55:
78:d3:7c:a7:02:32:01:ef:58:1d:49:28:b6:59:21:
20:aa:52:d8:5d:e1:1e:40:71:ea:08:1d:3e:62:dc:
a0:e6:d0:6d:69:97:cd:d5:20:cc:7f:17:95:2f:7e:
96:50:7f:e1:f5:5c:d0:ed:36:d7:a8:d1:1e:b4:e6:
34:e3:22:bb:8b:23:c0:a4:f7:69:ee:0e:6c:b9:5b:
c0:00:05:9b:ec:eb:4a:d6:b4:78:17:78:db:db:01:
7d:44:6e:de:82:93:5e:b6:bc:0e:89:f2:11:51:8f:
25:43:d1:91:47:08:4f:0d:f2:c8:26:05:4c:40:e7:
8d:33:de:e4:b2:ce:a9:a3:5e:b7:d3:db:c2:33:39:
32:7d:9e:53:1c:d7:e3:f2:e4:58:69:78:69:1e:5e:
d8:95:5d:2c:10:2c:8c:e0:cd:6f:d8:0d:10:16:8e:
13:4f:c1:34:cf:cc:ac:4f:8e:62:f7:e2:81:1c:8e:
15:75:54:a5:6c:72:c7:f6:1d:93:67:40:6a:8e:40:
7d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C9:41:AB:5E:98:70:83:3B:F8:94:7B:B1:5A:D0:1A:35:28:E5:3B
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/dMlBq16YcIM7-JR7sVrQGjUo5Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.40.0/24
Signature Algorithm: sha256WithRSAEncryption
58:22:fb:a4:c6:4f:b2:71:d3:5d:d8:6c:61:15:35:36:20:b3:
46:8f:12:65:84:bb:69:4a:47:5c:69:00:71:e7:87:96:aa:73:
68:cf:9a:fd:9e:4d:17:81:ae:31:a2:ca:94:bf:a8:f0:05:6f:
4b:b8:a0:cc:e9:31:30:5e:ea:f6:96:fc:61:ca:8e:6d:4d:c3:
c9:29:4c:01:8b:4c:5b:b7:44:b6:c3:b1:86:bb:c0:86:a5:7d:
52:2b:c5:fa:73:97:bf:cb:8b:a1:fa:d6:0d:50:f5:13:e3:4c:
44:52:9f:6b:d7:49:c9:e6:cf:eb:21:66:0a:f0:92:1f:00:77:
1f:9a:36:1b:02:99:74:d2:0d:1d:4e:00:fa:5b:bc:03:bf:b3:
11:1a:b8:7a:b3:ce:50:e1:05:78:bf:a4:c2:76:1a:13:a0:ea:
6c:ca:7b:3f:3d:1b:1b:52:df:40:b2:ba:04:18:d5:66:65:00:
d3:01:37:f2:2b:2a:ae:a4:af:b8:b3:50:eb:a4:b7:ac:50:57:
4d:08:4a:60:25:31:3d:60:c3:bf:1d:52:07:f0:4a:c3:56:ad:
7e:62:b0:c3:14:78:d4:72:ab:96:08:8b:0f:f6:f6:ea:68:ef:
ae:a8:e5:be:71:22:e9:08:3d:21:a0:92:8f:3d:9b:a5:80:e1:
97:c7:1e:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUpU6XHcQJwp9dFAKeOXbmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjUwMjIxMTYyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM5NDFhYjVlOTg3MDgzM2JmODk0N2JiMTVhZDAxYTM1MjhlNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7vreoGTqti/J/Iqu0PWr8Za5P+K
2tqiLjAV7r5Qz25VKB3RbLO5dsY8rfkmkS51uhDIle0FPo6G11V403ynAjIB71gd
SSi2WSEgqlLYXeEeQHHqCB0+Ytyg5tBtaZfN1SDMfxeVL36WUH/h9VzQ7TbXqNEe
tOY04yK7iyPApPdp7g5suVvAAAWb7OtK1rR4F3jb2wF9RG7egpNetrwOifIRUY8l
Q9GRRwhPDfLIJgVMQOeNM97kss6po16309vCMzkyfZ5THNfj8uRYaXhpHl7YlV0s
ECyM4M1v2A0QFo4TT8E0z8ysT45i9+KBHI4VdVSlbHLH9h2TZ0BqjkB9EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTJQatemHCDO/iUe7Fa0Bo1KOU7MB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvZE1sQnExNlljSU03LUpSN3NWclFHalVvNVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4oMA0G
CSqGSIb3DQEBCwUAA4IBAQBYIvukxk+ycdNd2GxhFTU2ILNGjxJlhLtpSkdcaQBx
54eWqnNoz5r9nk0Xga4xosqUv6jwBW9LuKDM6TEwXur2lvxhyo5tTcPJKUwBi0xb
t0S2w7GGu8CGpX1SK8X6c5e/y4uh+tYNUPUT40xEUp9r10nJ5s/rIWYK8JIfAHcf
mjYbApl00g0dTgD6W7wDv7MRGrh6s85Q4QV4v6TCdhoToOpsyns/PRsbUt9AsroE
GNVmZQDTATfyKyqupK+4s1DrpLesUFdNCEpgJTE9YMO/HVIH8ErDVq1+YrDDFHjU
cquWCIsP9vbqaO+uqOW+cSLpCD0hoJKPPZulgOGXxx5I
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:47:07 2025 by rpki-client