Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/26a0a3-22f1-4ca1-a6cd-67ebbc8c6862/1/MA5FazDAuWizu2sArINAiZDNSkk.roa
File: MA5FazDAuWizu2sArINAiZDNSkk.roa (raw, json)
Hash identifier: RRjoWKPkJksBjTPCtL+V2nNMKG6oIx2+O6vH374Aw7I=
Subject key identifier: 30:0E:45:6B:30:C0:B9:68:B3:BB:6B:00:AC:83:40:89:90:CD:4A:49
Certificate issuer: /CN=77347e168d69658545374e6a0b68d24b97fcd006
Certificate serial: 01941F8C48B7C1AC2421DEC90604D158F702
Authority key identifier: 77:34:7E:16:8D:69:65:85:45:37:4E:6A:0B:68:D2:4B:97:FC:D0:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzR-Fo1pZYVFN05qC2jSS5f80AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/26a0a3-22f1-4ca1-a6cd-67ebbc8c6862/1/MA5FazDAuWizu2sArINAiZDNSkk.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206260
IP address blocks: 88.84.32.0/20 maxlen: 20
185.9.88.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:48:b7:c1:ac:24:21:de:c9:06:04:d1:58:f7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77347e168d69658545374e6a0b68d24b97fcd006
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=300e456b30c0b968b3bb6b00ac83408990cd4a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b6:d0:6f:76:9f:c7:ea:0b:ef:f8:b3:ad:c6:
5c:f2:c3:de:31:6a:c2:ee:5e:0c:57:9c:f6:9d:94:
0f:58:c3:f5:79:d9:82:fe:e4:7e:83:14:bb:47:e0:
37:d3:40:55:6c:a1:1b:8b:57:ff:8a:38:20:77:64:
c9:e0:8b:1e:2a:93:a7:4f:5c:1d:f8:fe:de:e1:bf:
1e:55:34:d4:79:b5:12:cf:19:eb:6d:3b:03:48:e6:
5b:c9:a8:b8:23:45:6d:02:c2:36:c6:47:2a:26:f4:
66:6d:62:3c:86:a2:c8:bb:81:fc:df:74:ba:ad:c8:
02:ee:e2:7f:a1:d2:f4:94:35:f4:a6:14:5f:55:d8:
51:8b:5e:1b:61:c5:cc:da:af:c7:5c:0c:10:4d:62:
c3:e6:05:aa:8f:3b:7d:be:f1:c8:95:96:e5:88:60:
ef:e2:a4:04:d9:7a:a0:1b:26:44:91:76:49:15:7c:
f7:31:c6:41:6f:89:84:b2:8a:6f:98:2a:58:01:d3:
a4:59:f7:88:63:30:88:bf:08:31:3b:e7:70:f0:4f:
c6:15:e7:fd:e1:4e:ec:1d:62:7e:80:77:81:b5:bb:
e7:ee:8c:28:4b:f2:90:c3:f4:8e:7d:be:46:d1:54:
c5:62:b6:2d:57:d2:cc:59:c1:51:48:9f:7c:49:dc:
90:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0E:45:6B:30:C0:B9:68:B3:BB:6B:00:AC:83:40:89:90:CD:4A:49
X509v3 Authority Key Identifier:
keyid:77:34:7E:16:8D:69:65:85:45:37:4E:6A:0B:68:D2:4B:97:FC:D0:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzR-Fo1pZYVFN05qC2jSS5f80AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/26a0a3-22f1-4ca1-a6cd-67ebbc8c6862/1/MA5FazDAuWizu2sArINAiZDNSkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/26a0a3-22f1-4ca1-a6cd-67ebbc8c6862/1/dzR-Fo1pZYVFN05qC2jSS5f80AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.32.0/20
185.9.88.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:ba:1a:c4:11:42:6a:81:72:35:14:7b:86:4c:aa:50:23:89:
93:e1:4e:c7:9a:0e:38:25:73:c5:14:44:85:f9:a5:cd:39:af:
ef:35:79:97:87:f6:3c:9b:d9:dc:5f:77:0d:8f:14:27:13:ac:
8b:41:e4:c4:13:46:28:e7:b7:9a:1f:95:bf:bc:3d:c8:32:7a:
94:02:3b:d8:56:56:c6:e2:f9:5c:58:12:4b:4b:91:27:47:61:
f9:fa:ab:88:b0:97:b6:7e:85:94:22:8b:69:98:4d:b8:95:9d:
f6:8e:f6:21:0c:6d:b5:75:b5:49:42:57:e5:6d:78:86:51:cd:
18:f3:56:4a:fb:e8:62:f5:26:82:90:e3:fe:40:c0:df:4e:1c:
2d:58:61:a8:fe:7d:13:a8:52:38:03:e1:96:8d:d4:5a:8a:5f:
b1:39:e3:b3:3f:89:b0:13:80:d6:c2:a3:6c:f2:bc:8f:c3:1d:
f7:c8:66:05:c0:1b:43:da:20:ee:19:ab:46:b9:eb:95:b5:2d:
3e:ab:7d:51:27:f0:e8:2d:80:29:c9:99:a0:60:0b:72:ed:5e:
a7:29:2a:b3:f7:4c:7c:3a:3a:05:45:22:ed:17:bf:f3:f1:81:
ba:d8:e9:0a:c6:16:76:0f:5f:66:d4:fd:da:86:b5:56:0d:6f:
c9:bf:53:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjEi3wawkId7JBgTRWPcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzQ3ZTE2OGQ2OTY1ODU0NTM3NGU2YTBiNjhkMjRiOTdm
Y2QwMDYwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBlNDU2YjMwYzBiOTY4YjNiYjZiMDBhYzgzNDA4OTkwY2Q0YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7bQb3afx+oL7/izrcZc8sPeMWrC
7l4MV5z2nZQPWMP1edmC/uR+gxS7R+A300BVbKEbi1f/ijggd2TJ4IseKpOnT1wd
+P7e4b8eVTTUebUSzxnrbTsDSOZbyai4I0VtAsI2xkcqJvRmbWI8hqLIu4H833S6
rcgC7uJ/odL0lDX0phRfVdhRi14bYcXM2q/HXAwQTWLD5gWqjzt9vvHIlZbliGDv
4qQE2XqgGyZEkXZJFXz3McZBb4mEsopvmCpYAdOkWfeIYzCIvwgxO+dw8E/GFef9
4U7sHWJ+gHeBtbvn7owoS/KQw/SOfb5G0VTFYrYtV9LMWcFRSJ98SdyQnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAORWswwLlos7trAKyDQImQzUpJMB8GA1UdIwQY
MBaAFHc0fhaNaWWFRTdOagto0kuX/NAGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpSLUZvMXBaWVZGTjA1cUMyalNTNWY4MEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8yNmEwYTMtMjJmMS00Y2ExLWE2Y2Qt
NjdlYmJjOGM2ODYyLzEvTUE1RmF6REF1V2l6dTJzQXJJTkFpWkROU2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8yNmEwYTMtMjJmMS00Y2ExLWE2Y2QtNjdlYmJjOGM2ODYy
LzEvZHpSLUZvMXBaWVZGTjA1cUMyalNTNWY4MEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWFQgAwQB
uQlYMA0GCSqGSIb3DQEBCwUAA4IBAQCyuhrEEUJqgXI1FHuGTKpQI4mT4U7Hmg44
JXPFFESF+aXNOa/vNXmXh/Y8m9ncX3cNjxQnE6yLQeTEE0Yo57eaH5W/vD3IMnqU
AjvYVlbG4vlcWBJLS5EnR2H5+quIsJe2foWUIotpmE24lZ32jvYhDG21dbVJQlfl
bXiGUc0Y81ZK++hi9SaCkOP+QMDfThwtWGGo/n0TqFI4A+GWjdRail+xOeOzP4mw
E4DWwqNs8ryPwx33yGYFwBtD2iDuGatGueuVtS0+q31RJ/DoLYApyZmgYAty7V6n
KSqz90x8OjoFRSLtF7/z8YG62OkKxhZ2D19m1P3ahrVWDW/Jv1OH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:35 2025 by rpki-client