Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/mANtdvjrwJb7CPzwvDq9bTI0qtY.roa
File: mANtdvjrwJb7CPzwvDq9bTI0qtY.roa (raw, json)
Hash identifier: bxccQm8ZlD2A8QhBkFeAoasQeWmGc7036H8m3hd3seo=
Subject key identifier: 98:03:6D:76:F8:EB:C0:96:FB:08:FC:F0:BC:3A:BD:6D:32:34:AA:D6
Certificate issuer: /CN=987caf0cb6b3301cc084a25d5c21410a92ca7e36
Certificate serial: 0194266B9CE3E961B06CA1C87A7E120CF7FB
Authority key identifier: 98:7C:AF:0C:B6:B3:30:1C:C0:84:A2:5D:5C:21:41:0A:92:CA:7E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHyvDLazMBzAhKJdXCFBCpLKfjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/mANtdvjrwJb7CPzwvDq9bTI0qtY.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12703
IP address blocks: 185.43.48.0/22 maxlen: 24
2a01:5ae0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9c:e3:e9:61:b0:6c:a1:c8:7a:7e:12:0c:f7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987caf0cb6b3301cc084a25d5c21410a92ca7e36
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98036d76f8ebc096fb08fcf0bc3abd6d3234aad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:34:17:52:fc:3b:c4:d5:7e:72:31:5f:0a:05:
72:50:87:1e:96:91:14:4d:09:4f:ca:f3:13:48:52:
66:df:d1:05:cd:d5:d5:78:51:6b:fb:b0:88:52:3f:
75:78:73:98:12:fc:ae:10:69:ab:7a:e7:92:1b:b9:
f6:ba:55:77:49:c2:99:62:20:0a:2e:29:de:8b:65:
0a:af:78:47:24:d6:54:b8:eb:20:ab:e3:cf:fa:1a:
e4:8c:37:9a:68:f8:ab:c2:fa:6c:a4:32:7c:50:de:
c9:91:33:34:ad:0d:83:01:91:f6:6d:27:be:fa:b0:
85:97:fa:06:70:95:4a:40:b0:bb:5b:a4:67:0c:6a:
c5:a5:17:53:43:93:b5:34:80:04:46:f0:8a:e0:28:
8f:17:a6:e6:82:d6:8e:c1:09:f7:8a:f9:41:f8:39:
09:d1:69:45:42:10:66:7f:8c:f5:f1:54:d8:cd:a6:
3c:0c:45:0b:96:69:00:ae:72:41:8e:33:ec:35:f8:
ca:c4:cf:e6:98:69:c5:30:c2:ba:48:bc:d2:f9:9a:
ca:45:2f:a1:4c:54:02:1a:17:47:2e:24:ff:9b:37:
75:4a:25:f1:8f:09:30:6d:2d:6c:7a:43:94:25:76:
3d:a0:86:ac:c3:c8:fb:f2:7a:35:e3:a3:e5:1f:f2:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:03:6D:76:F8:EB:C0:96:FB:08:FC:F0:BC:3A:BD:6D:32:34:AA:D6
X509v3 Authority Key Identifier:
keyid:98:7C:AF:0C:B6:B3:30:1C:C0:84:A2:5D:5C:21:41:0A:92:CA:7E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHyvDLazMBzAhKJdXCFBCpLKfjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/mANtdvjrwJb7CPzwvDq9bTI0qtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/mHyvDLazMBzAhKJdXCFBCpLKfjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.48.0/22
IPv6:
2a01:5ae0::/32
Signature Algorithm: sha256WithRSAEncryption
43:2d:3f:62:e9:ab:9b:90:8d:09:7f:27:59:01:1b:8f:47:12:
70:c2:9e:de:78:3e:1f:e0:02:48:95:47:bb:a4:7e:cc:72:80:
76:d1:f5:c4:0e:84:c5:9f:e2:27:6d:ef:8f:6a:86:86:38:97:
54:0b:f9:a9:49:60:14:14:0d:ba:5f:63:5f:49:06:2d:7c:45:
45:be:e8:70:22:40:d2:96:a6:93:30:17:4f:80:3f:82:5f:cc:
90:99:5a:aa:87:45:2a:63:70:f6:fd:52:f2:ff:3b:e5:a1:25:
eb:03:ea:a5:4e:e5:1d:bf:61:a0:a3:f2:72:de:e0:81:d2:f6:
f2:2e:dd:6c:96:42:dd:1a:f0:06:e2:19:2b:ab:aa:e2:f2:95:
3a:23:7d:fc:0e:d5:24:16:ed:c5:69:a7:41:ff:82:e2:ca:b3:
ef:f2:d4:ce:d5:83:7b:7d:41:d6:53:7e:25:b5:a5:2b:ae:83:
81:83:1c:42:a2:b2:0f:27:1e:14:03:96:05:db:59:9d:e1:33:
06:14:55:fc:cc:2e:47:26:a4:7a:7d:cb:e9:81:cb:85:86:7d:
a5:75:c1:fc:4d:1a:41:29:81:74:52:2c:53:39:8c:bc:0c:45:
9d:26:92:a8:0a:f3:a2:28:13:d1:12:60:e7:43:92:9f:8a:31:
e2:fe:90:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma5zj6WGwbKHIen4SDPf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4N2NhZjBjYjZiMzMwMWNjMDg0YTI1ZDVjMjE0MTBhOTJj
YTdlMzYwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODAzNmQ3NmY4ZWJjMDk2ZmIwOGZjZjBiYzNhYmQ2ZDMyMzRhYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjQXUvw7xNV+cjFfCgVyUIcelpEU
TQlPyvMTSFJm39EFzdXVeFFr+7CIUj91eHOYEvyuEGmreueSG7n2ulV3ScKZYiAK
Linei2UKr3hHJNZUuOsgq+PP+hrkjDeaaPirwvpspDJ8UN7JkTM0rQ2DAZH2bSe+
+rCFl/oGcJVKQLC7W6RnDGrFpRdTQ5O1NIAERvCK4CiPF6bmgtaOwQn3ivlB+DkJ
0WlFQhBmf4z18VTYzaY8DEULlmkArnJBjjPsNfjKxM/mmGnFMMK6SLzS+ZrKRS+h
TFQCGhdHLiT/mzd1SiXxjwkwbS1sekOUJXY9oIasw8j78no146PlH/IQLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJgDbXb468CW+wj88Lw6vW0yNKrWMB8GA1UdIwQY
MBaAFJh8rwy2szAcwISiXVwhQQqSyn42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUh5dkRMYXpNQnpBaEtKZFhDRkJDcExLZmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNThkYTAtZGZiZS00MTZhLWJmYWEt
MzYxNzBjZDgxMzMwLzEvbUFOdGR2anJ3SmI3Q1B6d3ZEcTliVEkwcXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNThkYTAtZGZiZS00MTZhLWJmYWEtMzYxNzBjZDgxMzMw
LzEvbUh5dkRMYXpNQnpBaEtKZFhDRkJDcExLZmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSswMA0E
AgACMAcDBQAqAVrgMA0GCSqGSIb3DQEBCwUAA4IBAQBDLT9i6aubkI0JfydZARuP
RxJwwp7eeD4f4AJIlUe7pH7McoB20fXEDoTFn+Inbe+PaoaGOJdUC/mpSWAUFA26
X2NfSQYtfEVFvuhwIkDSlqaTMBdPgD+CX8yQmVqqh0UqY3D2/VLy/zvloSXrA+ql
TuUdv2Ggo/Jy3uCB0vbyLt1slkLdGvAG4hkrq6ri8pU6I338DtUkFu3FaadB/4Li
yrPv8tTO1YN7fUHWU34ltaUrroOBgxxCorIPJx4UA5YF21md4TMGFFX8zC5HJqR6
fcvpgcuFhn2ldcH8TRpBKYF0UixTOYy8DEWdJpKoCvOiKBPREmDnQ5KfijHi/pDd
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:09:21 2025 by rpki-client