Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/MhCfthOppsmBaiAYHVVk_2GAFYE.roa
File: MhCfthOppsmBaiAYHVVk_2GAFYE.roa (raw, json)
Hash identifier: Prn81nEGvzCuVunt3w8adc4Qe6uMN6AiQAgwWZDR5Uo=
Subject key identifier: 32:10:9F:B6:13:A9:A6:C9:81:6A:20:18:1D:55:64:FF:61:80:15:81
Certificate issuer: /CN=994efc4ce36fc443dc5816274eac1d7693029081
Certificate serial: 019422FB79209C5DE53DDEA533DA36CCF297
Authority key identifier: 99:4E:FC:4C:E3:6F:C4:43:DC:58:16:27:4E:AC:1D:76:93:02:90:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mU78TONvxEPcWBYnTqwddpMCkIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/MhCfthOppsmBaiAYHVVk_2GAFYE.roa
Signing time: Wed 01 Jan 2025 17:48:13 +0000
ROA not before: Wed 01 Jan 2025 17:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49142
IP address blocks: 185.139.216.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:79:20:9c:5d:e5:3d:de:a5:33:da:36:cc:f2:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994efc4ce36fc443dc5816274eac1d7693029081
Validity
Not Before: Jan 1 17:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32109fb613a9a6c9816a20181d5564ff61801581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:82:2a:14:f4:1c:a5:70:13:30:5c:71:26:84:
b2:d2:7c:9c:8a:65:f9:c8:45:a5:c7:87:ea:4b:9d:
fa:e5:20:23:7c:ed:02:33:10:83:da:0b:58:cc:e1:
c6:9e:cf:a3:14:77:ff:d8:94:a4:0d:2f:dc:89:f4:
19:46:c1:d5:76:1f:12:76:e8:4f:3f:36:6d:9d:c5:
44:33:34:49:f4:74:7b:a8:c4:8d:3a:d8:19:b0:99:
06:78:0e:a4:3f:40:0c:7a:ba:ee:4e:96:53:47:da:
d4:96:02:3a:8c:ac:22:71:f1:11:fb:8d:d7:e2:a1:
ec:81:a0:5e:8f:b6:9b:ca:41:8f:ca:49:cb:a2:de:
47:02:91:74:1d:46:c0:c9:e9:a4:61:a7:b6:2f:1c:
fa:a6:f3:82:a3:3e:1e:e2:a8:4c:8f:c2:3c:65:d8:
48:52:f7:05:bc:4b:92:d1:1b:e6:8b:de:e0:9b:f0:
f7:2c:b2:c3:06:e5:1a:32:5a:8d:67:b3:83:fc:06:
a2:7d:5f:e3:bb:44:52:e7:9d:de:5c:29:29:79:b6:
dc:ce:73:99:7b:21:c9:6a:33:e1:2d:68:00:27:37:
6e:34:68:dd:86:b1:31:23:fb:3b:ea:c1:6a:09:c1:
b5:f5:bb:a5:6b:8d:c2:49:92:ea:f4:ce:af:df:fd:
69:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:10:9F:B6:13:A9:A6:C9:81:6A:20:18:1D:55:64:FF:61:80:15:81
X509v3 Authority Key Identifier:
keyid:99:4E:FC:4C:E3:6F:C4:43:DC:58:16:27:4E:AC:1D:76:93:02:90:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mU78TONvxEPcWBYnTqwddpMCkIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/MhCfthOppsmBaiAYHVVk_2GAFYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/mU78TONvxEPcWBYnTqwddpMCkIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.216.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:be:61:d4:af:b7:a9:57:d0:c6:44:66:d2:e5:84:70:0e:60:
a1:d4:53:15:74:93:57:1d:b0:f9:d0:f6:b7:f3:60:a0:a1:b2:
9e:9d:28:b3:50:75:1f:e1:d9:1e:c3:b6:2e:c9:80:fa:13:2e:
a4:a2:97:a4:4d:4c:c8:6f:fb:77:26:d4:c5:1d:a1:88:38:6b:
03:5d:1a:8f:04:f1:5c:0c:22:21:7e:02:62:63:98:1c:c8:c3:
e4:38:38:62:c4:71:cc:d3:70:de:31:b5:49:c2:6d:c8:5b:1d:
9e:1b:5d:7d:0c:3d:ca:0c:b2:8f:44:8f:22:1c:71:7b:90:00:
3a:35:ce:6c:89:24:f3:12:03:d9:61:35:43:e4:09:61:df:8b:
22:08:3b:f6:51:14:36:62:72:9a:da:7d:99:70:8d:65:89:0e:
f6:dc:39:79:8b:ad:8c:38:c4:ce:76:53:e1:cf:79:a7:fd:ec:
20:ad:87:87:4b:96:56:68:da:49:2e:e9:de:43:f2:1e:86:46:
23:ce:2d:ad:09:9a:e8:b0:ea:e1:b7:26:ec:8a:2d:61:3c:d1:
6a:b0:c8:f0:5f:3f:3a:4a:02:6a:e4:ff:9c:a0:d1:0d:5d:f8:
2c:10:b7:5a:65:76:e6:e7:ac:31:fb:e5:fe:0a:d0:04:f9:c1:
cd:64:a0:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+3kgnF3lPd6lM9o2zPKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NGVmYzRjZTM2ZmM0NDNkYzU4MTYyNzRlYWMxZDc2OTMw
MjkwODEwHhcNMjUwMTAxMTc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEwOWZiNjEzYTlhNmM5ODE2YTIwMTgxZDU1NjRmZjYxODAxNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4IqFPQcpXATMFxxJoSy0nycimX5
yEWlx4fqS5365SAjfO0CMxCD2gtYzOHGns+jFHf/2JSkDS/cifQZRsHVdh8SduhP
PzZtncVEMzRJ9HR7qMSNOtgZsJkGeA6kP0AMerruTpZTR9rUlgI6jKwicfER+43X
4qHsgaBej7abykGPyknLot5HApF0HUbAyemkYae2Lxz6pvOCoz4e4qhMj8I8ZdhI
UvcFvEuS0Rvmi97gm/D3LLLDBuUaMlqNZ7OD/AaifV/ju0RS553eXCkpebbcznOZ
eyHJajPhLWgAJzduNGjdhrExI/s76sFqCcG19bula43CSZLq9M6v3/1p0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIQn7YTqabJgWogGB1VZP9hgBWBMB8GA1UdIwQY
MBaAFJlO/Ezjb8RD3FgWJ06sHXaTApCBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVU3OFRPTnZ4RVBjV0JZblRxd2RkcE1Da0lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lNDM5Y2EtNTE5ZC00MzJjLWI5NmEt
M2QyZmI4MTBlMTkxLzEvTWhDZnRoT3Bwc21CYWlBWUhWVmtfMkdBRllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lNDM5Y2EtNTE5ZC00MzJjLWI5NmEtM2QyZmI4MTBlMTkx
LzEvbVU3OFRPTnZ4RVBjV0JZblRxd2RkcE1Da0lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYvYMA0G
CSqGSIb3DQEBCwUAA4IBAQC8vmHUr7epV9DGRGbS5YRwDmCh1FMVdJNXHbD50Pa3
82CgobKenSizUHUf4dkew7YuyYD6Ey6kopekTUzIb/t3JtTFHaGIOGsDXRqPBPFc
DCIhfgJiY5gcyMPkODhixHHM03DeMbVJwm3IWx2eG119DD3KDLKPRI8iHHF7kAA6
Nc5siSTzEgPZYTVD5Alh34siCDv2URQ2YnKa2n2ZcI1liQ723Dl5i62MOMTOdlPh
z3mn/ewgrYeHS5ZWaNpJLuneQ/IehkYjzi2tCZrosOrhtybsii1hPNFqsMjwXz86
SgJq5P+coNENXfgsELdaZXbm56wx++X+CtAE+cHNZKC8
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:16:56 2025 by rpki-client