Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mNguxrQSssFTgOvDx-TtVJcngJ0.roa
File: mNguxrQSssFTgOvDx-TtVJcngJ0.roa (raw, json)
Hash identifier: p4yScE1NaP9LVRZLGH/RikX/bIEDOl76JK/45ns5C9Q=
Subject key identifier: 98:D8:2E:C6:B4:12:B2:C1:53:80:EB:C3:C7:E4:ED:54:97:27:80:9D
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 01958ACB3BCF0D01DE737247A1A8B570AB1C
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mNguxrQSssFTgOvDx-TtVJcngJ0.roa
Signing time: Wed 12 Mar 2025 14:38:49 +0000
ROA not before: Wed 12 Mar 2025 14:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 185.162.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:cb:3b:cf:0d:01:de:73:72:47:a1:a8:b5:70:ab:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Mar 12 14:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98d82ec6b412b2c15380ebc3c7e4ed549727809d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:27:e2:32:2b:9c:fb:d3:3f:7a:8e:f0:bf:9a:
c0:30:9e:5b:78:e8:06:a5:bd:c6:51:8e:e4:93:9d:
fd:bc:72:e2:5a:d6:ee:02:47:36:4a:8a:65:0a:f5:
af:2f:6b:1d:fa:80:b3:72:16:7e:ac:85:99:e4:d2:
80:84:ab:da:c9:e4:6c:df:ff:cf:24:94:15:f7:a5:
e4:c9:ce:74:a4:cd:2c:89:7e:bc:18:71:46:0e:d7:
1f:5f:a3:b0:b3:04:d2:47:f6:97:d9:3f:ae:7b:c1:
f0:80:1f:37:32:e6:63:e6:cb:d5:b7:20:99:76:a7:
39:f4:c7:7a:1c:94:83:e9:0c:1c:47:60:c5:dd:8a:
a9:d2:d8:6f:c2:f8:4b:6c:a8:34:f6:cb:5b:71:c0:
17:6d:32:3a:ee:47:ad:29:6e:3e:6d:b4:81:c0:81:
57:8a:a8:c6:2b:3f:5c:a5:42:bf:5b:0d:e4:92:86:
48:fe:7d:56:e1:cf:e1:06:23:cb:52:6a:42:b0:05:
82:73:51:7d:5b:9b:42:7d:23:d4:5b:28:49:be:77:
44:71:6f:b6:69:0a:23:1d:d9:c1:9e:c0:62:8e:37:
0b:1c:8b:07:88:3a:00:f8:80:88:ba:e4:72:ec:c0:
e3:5e:d5:27:8d:79:5f:48:14:00:9e:df:67:0b:77:
38:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D8:2E:C6:B4:12:B2:C1:53:80:EB:C3:C7:E4:ED:54:97:27:80:9D
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mNguxrQSssFTgOvDx-TtVJcngJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.89.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:67:bd:8d:0a:3a:f2:2c:c1:e4:7d:40:79:8d:d6:a6:1b:71:
0d:d4:01:19:50:b1:01:ec:f6:bc:20:b1:8a:9c:1b:bf:1f:86:
04:a3:a3:e8:4c:c7:b1:a2:9b:da:48:d9:4b:23:26:36:ba:60:
24:d8:6f:b4:46:ae:f7:37:ca:06:4d:4e:e1:28:2e:9c:be:1a:
78:7e:15:52:9f:c5:17:0f:55:bb:3a:3d:f9:5e:c0:c1:6c:42:
65:29:0c:94:60:ab:16:f1:76:78:61:48:96:e8:a2:58:5f:f6:
ff:e2:1f:e5:9e:bb:01:aa:11:cd:fa:98:3e:71:ac:a5:c9:ea:
c8:29:a0:50:0d:4a:09:c2:41:aa:68:6b:c7:d7:f9:d7:5c:2f:
14:6d:b2:96:15:6f:75:2e:01:f0:1f:d6:f9:d3:14:d8:32:6c:
e8:a2:49:40:0b:34:37:7d:69:33:ef:f6:8c:c0:02:d9:99:24:
ad:26:b0:b2:95:82:4f:44:d6:9f:5d:02:fa:a3:43:1f:28:ba:
6d:42:05:f7:8a:7b:5a:59:59:6e:72:37:a2:e9:f8:e1:4c:0a:
f3:fa:e1:22:85:c1:98:7a:ad:14:64:0c:9a:74:f8:ad:39:4b:
f7:cc:99:87:9d:97:99:b1:2d:d3:4f:09:d1:a6:a9:7f:97:3e:
02:f9:2a:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWKyzvPDQHec3JHoai1cKscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjUwMzEyMTQzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ4MmVjNmI0MTJiMmMxNTM4MGViYzNjN2U0ZWQ1NDk3Mjc4MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjifiMiuc+9M/eo7wv5rAMJ5beOgG
pb3GUY7kk539vHLiWtbuAkc2SoplCvWvL2sd+oCzchZ+rIWZ5NKAhKvayeRs3//P
JJQV96Xkyc50pM0siX68GHFGDtcfX6OwswTSR/aX2T+ue8HwgB83MuZj5svVtyCZ
dqc59Md6HJSD6QwcR2DF3Yqp0thvwvhLbKg09stbccAXbTI67ketKW4+bbSBwIFX
iqjGKz9cpUK/Ww3kkoZI/n1W4c/hBiPLUmpCsAWCc1F9W5tCfSPUWyhJvndEcW+2
aQojHdnBnsBijjcLHIsHiDoA+ICIuuRy7MDjXtUnjXlfSBQAnt9nC3c4hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjYLsa0ErLBU4Drw8fk7VSXJ4CdMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvbU5ndXhyUVNzc0ZUZ092RHgtVHRWSmNuZ0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaJZMA0G
CSqGSIb3DQEBCwUAA4IBAQALZ72NCjryLMHkfUB5jdamG3EN1AEZULEB7Pa8ILGK
nBu/H4YEo6PoTMexopvaSNlLIyY2umAk2G+0Rq73N8oGTU7hKC6cvhp4fhVSn8UX
D1W7Oj35XsDBbEJlKQyUYKsW8XZ4YUiW6KJYX/b/4h/lnrsBqhHN+pg+caylyerI
KaBQDUoJwkGqaGvH1/nXXC8UbbKWFW91LgHwH9b50xTYMmzooklACzQ3fWkz7/aM
wALZmSStJrCylYJPRNafXQL6o0MfKLptQgX3intaWVlucjei6fjhTArz+uEihcGY
eq0UZAyadPitOUv3zJmHnZeZsS3TTwnRpql/lz4C+So1
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:30:18 2025 by rpki-client