Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/MrNPCJrzQYEkj0-tFyVdBBPQzeA.roa
File: MrNPCJrzQYEkj0-tFyVdBBPQzeA.roa (raw, json)
Hash identifier: TV/cB1jTJLZYspwrBoxImpHFv71m1tUtXKNM++hg+IY=
Subject key identifier: 32:B3:4F:08:9A:F3:41:81:24:8F:4F:AD:17:25:5D:04:13:D0:CD:E0
Certificate issuer: /CN=ac345e7c5920cc89a3ea6cada2be505283684270
Certificate serial: 01856F4B74E4EABF506CC2C3C90F066094EC
Authority key identifier: AC:34:5E:7C:59:20:CC:89:A3:EA:6C:AD:A2:BE:50:52:83:68:42:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rDRefFkgzImj6mytor5QUoNoQnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/MrNPCJrzQYEkj0-tFyVdBBPQzeA.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 62.3.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:74:e4:ea:bf:50:6c:c2:c3:c9:0f:06:60:94:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac345e7c5920cc89a3ea6cada2be505283684270
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32b34f089af34181248f4fad17255d0413d0cde0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ea:00:f9:a8:f8:32:1c:9a:53:b9:0a:75:c0:
f9:81:e2:73:89:15:ee:1d:ce:ab:52:65:ac:24:8c:
84:b1:a6:c8:f6:5f:70:35:c0:58:5a:c3:05:41:70:
fd:75:df:cc:01:e6:bc:94:b3:11:7a:a0:ee:e0:0e:
63:be:f5:19:42:72:aa:b9:73:e1:dd:7b:fd:00:4d:
25:3a:54:cc:5b:20:c8:29:8f:5f:cf:b7:d1:32:16:
5d:7a:cc:5e:11:cf:5b:d6:4c:ef:46:c9:e8:66:25:
3f:17:b6:e3:14:c1:af:b2:c4:e6:b5:36:c2:04:b9:
e9:69:e0:f7:4d:01:f7:37:7d:38:1d:7d:a0:4c:e9:
9f:dd:e6:b9:48:ed:97:b7:88:2f:23:b2:cf:81:57:
53:28:0e:55:30:ed:6e:7a:30:06:81:ba:9c:a3:3b:
9b:8a:d8:39:b8:63:76:df:b8:5e:74:bf:7d:cc:47:
5b:93:2d:df:e8:52:69:cf:ba:80:af:f2:4f:c1:4c:
5c:c6:65:60:78:fc:3b:c8:2a:47:a0:7e:60:e0:9b:
32:39:71:f1:94:d3:d6:ba:3e:80:c0:87:7f:a4:61:
3c:b2:05:6f:ef:07:69:8b:8e:f0:f9:3b:d8:93:20:
e6:b9:92:14:76:97:02:38:41:e1:9c:8d:cf:7c:24:
9c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B3:4F:08:9A:F3:41:81:24:8F:4F:AD:17:25:5D:04:13:D0:CD:E0
X509v3 Authority Key Identifier:
keyid:AC:34:5E:7C:59:20:CC:89:A3:EA:6C:AD:A2:BE:50:52:83:68:42:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rDRefFkgzImj6mytor5QUoNoQnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/MrNPCJrzQYEkj0-tFyVdBBPQzeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/rDRefFkgzImj6mytor5QUoNoQnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.54.0/24
Signature Algorithm: sha256WithRSAEncryption
81:a3:e8:b4:1d:93:23:1e:f6:ff:e3:20:28:fd:6b:df:ee:07:
f3:67:f3:57:3f:6f:20:5f:5b:2d:a9:a8:2c:e7:4f:58:24:f3:
a5:e4:33:a9:fa:46:80:dc:62:e3:7e:75:d2:f0:85:2d:3b:32:
75:bc:c9:78:c9:f0:d7:1d:94:e7:4a:91:da:d4:90:da:67:9d:
d2:95:7a:16:7b:cc:6b:a0:aa:04:45:03:9d:b4:a8:3e:c5:b2:
04:0c:db:63:90:14:cd:88:7e:e4:70:62:12:59:50:51:39:90:
6c:e4:cd:ad:2a:a5:44:78:3f:a7:31:6a:c1:68:65:1e:73:a5:
54:ea:21:2f:e0:93:43:69:ad:d9:f7:f3:ce:80:bb:f4:72:ba:
18:1f:4f:05:cf:51:56:d2:66:83:58:ea:d7:1a:ff:39:fb:0f:
ff:38:5b:61:59:d8:9c:b7:e1:1f:c5:97:1e:e3:93:77:5b:95:
0d:61:af:c6:cc:c6:84:21:7e:58:4a:58:b1:44:5a:d5:66:99:
df:9c:a7:0f:b6:a6:f0:df:a3:b0:d7:9f:87:9e:4f:18:be:e4:
cf:e9:dd:a6:b0:c0:b0:af:d3:6d:f8:39:63:80:cf:cd:c4:22:
21:ca:58:f5:34:3f:e1:08:09:a1:ae:71:85:d6:08:df:16:9b:
ef:bb:28:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3Tk6r9QbMLDyQ8GYJTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMzQ1ZTdjNTkyMGNjODlhM2VhNmNhZGEyYmU1MDUyODM2
ODQyNzAwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIzNGYwODlhZjM0MTgxMjQ4ZjRmYWQxNzI1NWQwNDEzZDBjZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOoA+aj4MhyaU7kKdcD5geJziRXu
Hc6rUmWsJIyEsabI9l9wNcBYWsMFQXD9dd/MAea8lLMReqDu4A5jvvUZQnKquXPh
3Xv9AE0lOlTMWyDIKY9fz7fRMhZdesxeEc9b1kzvRsnoZiU/F7bjFMGvssTmtTbC
BLnpaeD3TQH3N304HX2gTOmf3ea5SO2Xt4gvI7LPgVdTKA5VMO1uejAGgbqcozub
itg5uGN237hedL99zEdbky3f6FJpz7qAr/JPwUxcxmVgePw7yCpHoH5g4JsyOXHx
lNPWuj6AwId/pGE8sgVv7wdpi47w+TvYkyDmuZIUdpcCOEHhnI3PfCSceQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKzTwia80GBJI9PrRclXQQT0M3gMB8GA1UdIwQY
MBaAFKw0XnxZIMyJo+psraK+UFKDaEJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckRSZWZGa2d6SW1qNm15dG9yNVFVb05vUW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2NDItOTQyOC00YTE3LWI5MzYt
ODgzMjliMDNiMmFhLzEvTXJOUENKcnpRWUVrajAtdEZ5VmRCQlBRemVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2NDItOTQyOC00YTE3LWI5MzYtODgzMjliMDNiMmFh
LzEvckRSZWZGa2d6SW1qNm15dG9yNVFVb05vUW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM2MA0G
CSqGSIb3DQEBCwUAA4IBAQCBo+i0HZMjHvb/4yAo/Wvf7gfzZ/NXP28gX1stqags
509YJPOl5DOp+kaA3GLjfnXS8IUtOzJ1vMl4yfDXHZTnSpHa1JDaZ53SlXoWe8xr
oKoERQOdtKg+xbIEDNtjkBTNiH7kcGISWVBROZBs5M2tKqVEeD+nMWrBaGUec6VU
6iEv4JNDaa3Z9/POgLv0croYH08Fz1FW0maDWOrXGv85+w//OFthWdict+EfxZce
45N3W5UNYa/GzMaEIX5YSlixRFrVZpnfnKcPtqbw36Ow15+Hnk8YvuTP6d2msMCw
r9Nt+DljgM/NxCIhylj1ND/hCAmhrnGF1gjfFpvvuyhi
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:49:05 2025 by rpki-client