Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/mknFzY_vFEDzUAi_Ez1Tsk_vPrc.roa
File: mknFzY_vFEDzUAi_Ez1Tsk_vPrc.roa (raw, json)
Hash identifier: Y59T+aN//MpV5rPNQVuGsl6I/E13x/VOPqp5X8hmD4Y=
Subject key identifier: 9A:49:C5:CD:8F:EF:14:40:F3:50:08:BF:13:3D:53:B2:4F:EF:3E:B7
Certificate issuer: /CN=c754c6069e49d24931379a4c92456385922b46ce
Certificate serial: 01867A8B553688DD54F624FCEC2369627D78
Authority key identifier: C7:54:C6:06:9E:49:D2:49:31:37:9A:4C:92:45:63:85:92:2B:46:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1TGBp5J0kkxN5pMkkVjhZIrRs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/mknFzY_vFEDzUAi_Ez1Tsk_vPrc.roa
Signing time: Wed 22 Feb 2023 19:13:17 +0000
ROA not before: Wed 22 Feb 2023 19:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 185.23.253.0/24 maxlen: 24
2a0f:4a80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:8b:55:36:88:dd:54:f6:24:fc:ec:23:69:62:7d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c754c6069e49d24931379a4c92456385922b46ce
Validity
Not Before: Feb 22 19:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a49c5cd8fef1440f35008bf133d53b24fef3eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:8a:52:bb:86:b7:23:31:e1:fc:e4:44:c3:
b9:c8:16:11:d4:70:cd:cc:34:a5:84:30:ea:08:66:
68:4e:db:16:1b:4f:52:08:db:80:b2:8a:4e:58:fc:
aa:66:a6:2f:b5:78:35:a2:63:e9:76:b6:42:12:09:
38:40:c7:c9:18:df:ed:a2:a6:95:98:04:25:f1:e8:
a8:8d:45:0f:43:dc:dc:4f:9b:9a:1f:1c:6e:3e:78:
c8:2d:91:08:5d:64:7a:f4:28:bb:84:44:1b:95:e5:
18:73:84:ff:f8:76:11:ee:35:47:f3:e2:fc:ce:96:
c7:e7:d6:15:2c:1d:91:8a:75:1d:10:b9:82:37:8f:
d8:d6:6b:d6:74:b4:00:88:9e:a7:55:37:33:d2:c2:
07:b6:ff:33:25:2d:a0:a7:e0:d9:e3:cb:7a:e6:19:
48:4f:33:86:7f:31:9d:27:e4:f8:67:51:07:f6:0b:
09:b2:cb:bd:50:ba:06:e6:39:ba:81:20:67:ce:10:
c3:cd:1f:8a:df:b0:dd:ce:c5:e3:fa:1a:74:97:c0:
23:d5:c7:50:5d:0b:c1:1d:37:b5:a4:6d:87:94:b8:
ee:04:78:32:7f:2f:c3:12:2c:7b:bc:19:f2:02:cb:
98:48:e7:e0:07:a3:04:ab:da:8a:72:e8:1a:46:0b:
f4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:49:C5:CD:8F:EF:14:40:F3:50:08:BF:13:3D:53:B2:4F:EF:3E:B7
X509v3 Authority Key Identifier:
keyid:C7:54:C6:06:9E:49:D2:49:31:37:9A:4C:92:45:63:85:92:2B:46:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1TGBp5J0kkxN5pMkkVjhZIrRs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/mknFzY_vFEDzUAi_Ez1Tsk_vPrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/24abaf-d1f2-4058-b5e7-36ff932ad611/1/x1TGBp5J0kkxN5pMkkVjhZIrRs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.253.0/24
IPv6:
2a0f:4a80::/48
Signature Algorithm: sha256WithRSAEncryption
57:bd:b4:e8:4b:a0:d4:8a:62:38:10:b2:ce:c6:0b:37:25:0d:
5c:cd:7f:e9:39:1f:7c:22:62:ad:15:e7:ec:59:64:f2:56:43:
3a:da:f8:ce:be:78:e0:b3:eb:9a:a4:a2:b7:bd:60:6c:50:9e:
99:b8:5c:f6:86:58:54:a9:a9:0b:ef:db:0b:fd:1b:81:59:ad:
76:d2:7a:c3:01:9e:2d:d2:5a:c9:1c:f8:c4:d5:a3:2e:f8:e5:
81:00:22:b7:5f:a3:ef:8d:a2:f6:83:26:68:a2:6e:a0:27:ee:
21:42:0c:c8:5e:be:81:bd:d6:bb:25:00:15:22:f1:92:5c:47:
1f:67:a7:a7:45:6d:05:64:59:6e:b8:7c:57:cc:ac:ab:d3:f1:
00:ce:1e:72:b4:28:d0:ac:2d:d7:e3:02:b8:8f:24:00:e4:89:
a6:73:76:f9:d1:07:e2:55:52:77:54:9f:2f:53:98:18:e8:59:
42:a9:88:b1:d9:20:46:f7:ce:64:d7:10:67:e6:ff:d3:1b:61:
32:58:dd:f7:08:cc:16:41:29:16:47:20:e4:ab:4b:2f:64:a4:
e3:1c:1a:bd:8d:3f:c2:42:23:45:b2:d2:01:ff:f2:fa:56:95:
5c:00:93:2d:45:27:37:4b:e7:35:52:d3:6a:37:bc:4c:f2:59:
b9:52:a3:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ6i1U2iN1U9iT87CNpYn14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTRjNjA2OWU0OWQyNDkzMTM3OWE0YzkyNDU2Mzg1OTIy
YjQ2Y2UwHhcNMjMwMjIyMTkxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ5YzVjZDhmZWYxNDQwZjM1MDA4YmYxMzNkNTNiMjRmZWYzZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzICKUruGtyMx4fzkRMO5yBYR1HDN
zDSlhDDqCGZoTtsWG09SCNuAsopOWPyqZqYvtXg1omPpdrZCEgk4QMfJGN/toqaV
mAQl8eiojUUPQ9zcT5uaHxxuPnjILZEIXWR69Ci7hEQbleUYc4T/+HYR7jVH8+L8
zpbH59YVLB2RinUdELmCN4/Y1mvWdLQAiJ6nVTcz0sIHtv8zJS2gp+DZ48t65hlI
TzOGfzGdJ+T4Z1EH9gsJssu9ULoG5jm6gSBnzhDDzR+K37DdzsXj+hp0l8Aj1cdQ
XQvBHTe1pG2HlLjuBHgyfy/DEix7vBnyAsuYSOfgB6MEq9qKcugaRgv0WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJpJxc2P7xRA81AIvxM9U7JP7z63MB8GA1UdIwQY
MBaAFMdUxgaeSdJJMTeaTJJFY4WSK0bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFUR0JwNUowa2t4TjVwTWtrVmpoWklyUnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNGFiYWYtZDFmMi00MDU4LWI1ZTct
MzZmZjkzMmFkNjExLzEvbWtuRnpZX3ZGRUR6VUFpX0V6MVRza192UHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNGFiYWYtZDFmMi00MDU4LWI1ZTctMzZmZjkzMmFkNjEx
LzEveDFUR0JwNUowa2t4TjVwTWtrVmpoWklyUnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRf9MA8E
AgACMAkDBwAqD0qAAAAwDQYJKoZIhvcNAQELBQADggEBAFe9tOhLoNSKYjgQss7G
CzclDVzNf+k5H3wiYq0V5+xZZPJWQzra+M6+eOCz65qkore9YGxQnpm4XPaGWFSp
qQvv2wv9G4FZrXbSesMBni3SWskc+MTVoy745YEAIrdfo++NovaDJmiibqAn7iFC
DMhevoG91rslABUi8ZJcRx9np6dFbQVkWW64fFfMrKvT8QDOHnK0KNCsLdfjAriP
JADkiaZzdvnRB+JVUndUny9TmBjoWUKpiLHZIEb3zmTXEGfm/9MbYTJY3fcIzBZB
KRZHIOSrSy9kpOMcGr2NP8JCI0Wy0gH/8vpWlVwAky1FJzdL5zVS02o3vEzyWblS
o2o=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:44:22 2025 by rpki-client