Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/MQbRmyMiZ7drfjUV2srkSRdezP4.roa
File: MQbRmyMiZ7drfjUV2srkSRdezP4.roa (raw, json)
Hash identifier: gjEdlX/wGs/3ibPMlMpi8lsSgsJHw2rwLC0B8NaMJ5Y=
Subject key identifier: 31:06:D1:9B:23:22:67:B7:6B:7E:35:15:DA:CA:E4:49:17:5E:CC:FE
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 0194214446C719C818C7D544E36FB05F07C4
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/MQbRmyMiZ7drfjUV2srkSRdezP4.roa
Signing time: Wed 01 Jan 2025 09:48:30 +0000
ROA not before: Wed 01 Jan 2025 09:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49349
IP address blocks: 185.61.136.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
185.61.139.0/24 maxlen: 24
2a02:7a60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:46:c7:19:c8:18:c7:d5:44:e3:6f:b0:5f:07:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 09:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3106d19b232267b76b7e3515dacae449175eccfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:59:6c:05:45:5d:e0:36:1f:39:6b:4d:67:
1b:20:b9:53:58:f3:f4:9b:6a:e6:43:0b:50:93:67:
c3:5d:1e:e1:ea:bd:35:13:00:cc:65:8b:88:68:45:
67:53:c2:a9:3d:d9:8f:27:3d:bf:c7:19:a9:ba:e8:
8f:23:5a:5e:63:43:22:ea:90:b7:94:31:e1:bd:71:
dd:7d:c7:9a:4a:a7:a9:b0:a1:35:a9:fb:5f:74:6b:
3e:ef:81:be:30:75:8e:c2:27:cb:5c:b3:a5:f7:4c:
37:69:9a:fe:3c:3a:8c:da:0f:d2:ab:a0:c8:50:c8:
42:6d:a8:46:79:aa:28:56:38:d2:e7:f9:7a:ea:20:
3f:bc:dd:0c:10:d0:44:c0:5e:7b:9a:f7:68:ec:30:
de:18:53:64:f9:a7:ba:44:a7:ac:e7:22:72:cd:75:
32:1d:4e:4d:df:c8:5c:26:21:f9:32:99:a0:e9:51:
0f:ef:8c:5f:c3:6c:a8:fd:35:f3:77:58:11:4e:7b:
0b:6e:88:73:3b:a1:5e:ee:75:e0:51:44:60:19:a1:
c7:e3:b1:a4:df:fe:b5:01:0b:ef:b8:b1:c0:77:e6:
cc:20:db:b8:b5:d0:68:14:8a:c8:38:3b:1e:b6:3a:
d2:08:91:c6:52:b7:ff:0e:23:55:94:c7:8b:dc:3c:
b0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:06:D1:9B:23:22:67:B7:6B:7E:35:15:DA:CA:E4:49:17:5E:CC:FE
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/MQbRmyMiZ7drfjUV2srkSRdezP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
2d:99:63:84:63:cc:6c:44:a6:42:01:46:b8:8b:b9:af:aa:ee:
2e:0e:bd:d5:2e:84:ae:2c:38:a5:5a:48:ad:4d:7f:bb:ca:39:
b9:b1:8e:c8:11:c1:cb:01:3c:a8:20:80:62:70:e6:51:da:c2:
4f:5c:8a:a4:61:84:f4:18:2c:04:e2:bc:24:3e:fd:4a:f0:45:
13:5f:3f:95:34:b5:93:72:50:e1:00:ea:52:3e:07:80:e1:50:
50:1a:36:b3:d6:f5:f4:57:a0:f1:ea:af:72:8d:ab:d5:7f:c1:
4f:3e:3f:0b:7c:1a:54:9d:0b:89:21:0b:7e:92:20:f7:5f:3a:
0b:05:e4:56:e4:4d:ff:b5:a6:fc:9a:f3:d9:bb:98:01:5e:90:
77:b7:82:47:6a:59:3d:6f:78:01:d8:83:bd:4a:35:61:6a:d7:
5b:cd:12:b4:4a:17:b3:33:cd:c7:f8:d4:33:78:8d:23:73:7d:
73:c0:71:6f:6e:cb:80:a1:61:43:6b:fc:36:a3:3e:83:66:56:
68:c1:75:89:2b:58:79:44:f5:e8:17:39:87:2a:da:4f:0b:93:
d7:fa:9b:1d:82:c7:1a:e4:4f:4b:72:d7:31:40:a1:3e:f9:a6:
49:95:c2:54:ea:df:fd:f8:5c:5a:92:fb:6a:68:75:44:8c:44:
fe:16:04:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhREbHGcgYx9VE42+wXwfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjUwMTAxMDk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA2ZDE5YjIzMjI2N2I3NmI3ZTM1MTVkYWNhZTQ0OTE3NWVjY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNZZbAVFXeA2HzlrTWcbILlTWPP0
m2rmQwtQk2fDXR7h6r01EwDMZYuIaEVnU8KpPdmPJz2/xxmpuuiPI1peY0Mi6pC3
lDHhvXHdfceaSqepsKE1qftfdGs+74G+MHWOwifLXLOl90w3aZr+PDqM2g/Sq6DI
UMhCbahGeaooVjjS5/l66iA/vN0MENBEwF57mvdo7DDeGFNk+ae6RKes5yJyzXUy
HU5N38hcJiH5Mpmg6VEP74xfw2yo/TXzd1gRTnsLbohzO6Fe7nXgUURgGaHH47Gk
3/61AQvvuLHAd+bMINu4tdBoFIrIODsetjrSCJHGUrf/DiNVlMeL3DywsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDEG0ZsjIme3a341FdrK5EkXXsz+MB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvTVFiUm15TWlaN2RyZmpVVjJzcmtTUmRlelA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQAtmWOEY8xsRKZCAUa4i7mv
qu4uDr3VLoSuLDilWkitTX+7yjm5sY7IEcHLATyoIIBicOZR2sJPXIqkYYT0GCwE
4rwkPv1K8EUTXz+VNLWTclDhAOpSPgeA4VBQGjaz1vX0V6Dx6q9yjavVf8FPPj8L
fBpUnQuJIQt+kiD3XzoLBeRW5E3/tab8mvPZu5gBXpB3t4JHalk9b3gB2IO9SjVh
atdbzRK0ShezM83H+NQzeI0jc31zwHFvbsuAoWFDa/w2oz6DZlZowXWJK1h5RPXo
FzmHKtpPC5PX+psdgsca5E9LctcxQKE++aZJlcJU6t/9+FxakvtqaHVEjET+FgQz
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:28 2025 by rpki-client