Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/MNNUG7s-7ylAPjfRFELlWbvHxbM.roa
File: MNNUG7s-7ylAPjfRFELlWbvHxbM.roa (raw, json)
Hash identifier: kXXZW/oTF8aLgFWhuw6Ll3MRGWDGpMBRJDUoq94IuRQ=
Subject key identifier: 30:D3:54:1B:BB:3E:EF:29:40:3E:37:D1:14:42:E5:59:BB:C7:C5:B3
Certificate issuer: /CN=5cb7939ed70c8aea31be493e78e88f4861f53121
Certificate serial: 019425FDE376A58FD2D21EFF2E2AB143C89F
Authority key identifier: 5C:B7:93:9E:D7:0C:8A:EA:31:BE:49:3E:78:E8:8F:48:61:F5:31:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLeTntcMiuoxvkk-eOiPSGH1MSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/MNNUG7s-7ylAPjfRFELlWbvHxbM.roa
Signing time: Thu 02 Jan 2025 07:49:43 +0000
ROA not before: Thu 02 Jan 2025 07:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24660
IP address blocks: 91.195.44.0/23 maxlen: 23
2001:67c:17a8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e3:76:a5:8f:d2:d2:1e:ff:2e:2a:b1:43:c8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb7939ed70c8aea31be493e78e88f4861f53121
Validity
Not Before: Jan 2 07:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30d3541bbb3eef29403e37d11442e559bbc7c5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:0a:a6:c7:55:32:5b:b3:a2:6a:41:b5:75:5c:
fc:97:a8:53:4e:8a:e7:fd:61:d7:4d:fd:8c:b5:0c:
d6:fc:43:78:8e:77:46:74:9f:6d:c4:d3:8c:49:b5:
53:94:d1:a4:67:c0:2b:a0:80:0e:b7:18:99:86:36:
78:e8:cc:32:da:0c:dc:b2:c9:d8:87:a8:b6:be:0a:
bd:17:0e:4a:0a:fa:40:81:49:4e:98:a5:9d:53:7a:
af:f0:b2:0a:74:3f:0b:fd:cc:50:46:9c:0b:a0:4f:
23:ff:e4:8b:b9:9b:01:1e:77:70:d6:27:78:e2:db:
4f:47:47:78:0f:16:72:0d:93:cf:08:8d:0c:52:5a:
f0:35:bc:0b:49:a1:f5:4f:57:fc:20:54:a3:78:66:
a1:89:8b:76:d7:8d:1c:48:68:97:1d:9f:9e:a8:ff:
e3:1c:fe:27:69:38:37:10:c0:ca:8b:48:2e:a7:93:
2b:6e:8b:d4:86:2d:e9:ad:05:fb:0c:d7:76:49:bf:
45:3d:12:7f:0d:fe:bf:cb:a1:d0:6f:fa:b8:3a:47:
a8:51:e9:c7:a5:41:0f:64:3b:59:f9:53:b1:88:9d:
f2:01:7f:02:cb:08:97:c0:ba:41:5a:cc:50:84:37:
de:ff:e8:88:f7:d2:7e:51:4a:2d:92:ae:d8:aa:33:
16:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D3:54:1B:BB:3E:EF:29:40:3E:37:D1:14:42:E5:59:BB:C7:C5:B3
X509v3 Authority Key Identifier:
keyid:5C:B7:93:9E:D7:0C:8A:EA:31:BE:49:3E:78:E8:8F:48:61:F5:31:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLeTntcMiuoxvkk-eOiPSGH1MSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/MNNUG7s-7ylAPjfRFELlWbvHxbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c4386f-d1be-43c8-992f-2edafc60f2df/1/XLeTntcMiuoxvkk-eOiPSGH1MSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.44.0/23
IPv6:
2001:67c:17a8::/48
Signature Algorithm: sha256WithRSAEncryption
77:7a:d7:7e:51:cb:1f:9f:39:96:7a:4d:4f:82:4c:c8:c2:3e:
f7:44:ed:07:13:7a:88:dd:f6:b7:bb:85:6a:49:6b:9e:dc:d0:
d2:a1:cd:7b:c1:da:cd:ea:c7:90:13:b9:e6:f8:6b:4b:e0:bc:
e8:07:6c:a0:d4:8d:7b:ba:af:58:37:99:f6:93:1d:83:67:ac:
d4:88:b2:d1:69:6f:7c:4e:02:31:5c:44:60:1d:a0:1d:6a:72:
bd:25:c2:f1:0d:b0:3e:50:b3:87:7c:d4:02:ff:a5:ba:f1:cd:
e9:c9:de:b9:aa:5f:d6:16:a4:65:33:10:73:6e:03:2a:04:4e:
ec:30:42:ac:6b:3d:b5:b2:06:34:a1:16:7e:93:68:0a:99:1e:
b9:a6:c5:fc:93:ad:f8:a4:71:59:a0:e4:b0:41:47:84:10:c8:
d7:1e:e8:45:c9:31:9a:62:b5:29:f2:b0:5f:94:d1:67:1a:d0:
2b:0f:38:68:56:e5:bd:7f:76:f2:25:56:55:d5:ca:87:8e:a2:
67:86:54:9b:b6:20:8f:93:e0:c9:4e:78:99:ab:fd:3e:5c:08:
fa:b5:a5:af:cf:4d:38:4f:24:ee:d0:e9:bc:58:bc:34:7e:af:
55:1e:b8:47:81:c7:37:88:0b:07:c8:f1:32:ad:6f:eb:e3:72:
16:5a:a6:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/eN2pY/S0h7/LiqxQ8ifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjc5MzllZDcwYzhhZWEzMWJlNDkzZTc4ZTg4ZjQ4NjFm
NTMxMjEwHhcNMjUwMTAyMDc0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQzNTQxYmJiM2VlZjI5NDAzZTM3ZDExNDQyZTU1OWJiYzdjNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Aqmx1UyW7OiakG1dVz8l6hTTorn
/WHXTf2MtQzW/EN4jndGdJ9txNOMSbVTlNGkZ8AroIAOtxiZhjZ46Mwy2gzcssnY
h6i2vgq9Fw5KCvpAgUlOmKWdU3qv8LIKdD8L/cxQRpwLoE8j/+SLuZsBHndw1id4
4ttPR0d4DxZyDZPPCI0MUlrwNbwLSaH1T1f8IFSjeGahiYt2140cSGiXHZ+eqP/j
HP4naTg3EMDKi0gup5MrbovUhi3prQX7DNd2Sb9FPRJ/Df6/y6HQb/q4OkeoUenH
pUEPZDtZ+VOxiJ3yAX8CywiXwLpBWsxQhDfe/+iI99J+UUotkq7YqjMWrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDDTVBu7Pu8pQD430RRC5Vm7x8WzMB8GA1UdIwQY
MBaAFFy3k57XDIrqMb5JPnjoj0hh9TEhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExlVG50Y01pdW94dmtrLWVPaVBTR0gxTVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jNDM4NmYtZDFiZS00M2M4LTk5MmYt
MmVkYWZjNjBmMmRmLzEvTU5OVUc3cy03eWxBUGpmUkZFTGxXYnZIeGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jNDM4NmYtZDFiZS00M2M4LTk5MmYtMmVkYWZjNjBmMmRm
LzEvWExlVG50Y01pdW94dmtrLWVPaVBTR0gxTVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8MsMA8E
AgACMAkDBwAgAQZ8F6gwDQYJKoZIhvcNAQELBQADggEBAHd6135Ryx+fOZZ6TU+C
TMjCPvdE7QcTeojd9re7hWpJa57c0NKhzXvB2s3qx5ATueb4a0vgvOgHbKDUjXu6
r1g3mfaTHYNnrNSIstFpb3xOAjFcRGAdoB1qcr0lwvENsD5Qs4d81AL/pbrxzenJ
3rmqX9YWpGUzEHNuAyoETuwwQqxrPbWyBjShFn6TaAqZHrmmxfyTrfikcVmg5LBB
R4QQyNce6EXJMZpitSnysF+U0Wca0CsPOGhW5b1/dvIlVlXVyoeOomeGVJu2II+T
4MlOeJmr/T5cCPq1pa/PTThPJO7Q6bxYvDR+r1UeuEeBxzeICwfI8TKtb+vjchZa
pu4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:23:39 2025 by rpki-client