Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/mz9x-XM35-Y22gVOGBaJcHq0Zmg.roa
File: mz9x-XM35-Y22gVOGBaJcHq0Zmg.roa (raw, json)
Hash identifier: yq8Wm5ioUPSieQG6aQFKBfrapS6j18FYCLv0+4gc/EY=
Subject key identifier: 9B:3F:71:F9:73:37:E7:E6:36:DA:05:4E:18:16:89:70:7A:B4:66:68
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 019428238FAAD8D378D52026D5796BBE6F42
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/mz9x-XM35-Y22gVOGBaJcHq0Zmg.roa
Signing time: Thu 02 Jan 2025 17:50:06 +0000
ROA not before: Thu 02 Jan 2025 17:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.83.200.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:8f:aa:d8:d3:78:d5:20:26:d5:79:6b:be:6f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 2 17:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b3f71f97337e7e636da054e181689707ab46668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:09:49:a7:9b:2b:30:ae:77:54:8f:be:5b:21:
f0:68:6a:60:ed:65:f6:3f:f3:1b:87:48:ac:00:7c:
8f:99:8e:fd:e2:7e:bf:e1:65:a5:a1:b2:4c:04:77:
12:d7:d8:15:b9:5c:5a:fb:bd:7f:7b:c7:18:ce:3f:
65:13:24:f0:4b:bc:af:95:25:0a:5c:c3:87:27:53:
32:83:b8:06:34:8d:de:dd:58:08:0c:eb:55:66:d1:
ed:b2:ae:6d:88:d2:4e:83:fb:12:15:63:75:aa:4d:
7d:31:5f:79:0f:cc:b9:86:0f:37:6a:9d:95:d3:6e:
4b:ed:c8:fd:05:14:94:8b:38:8e:8d:9b:53:8b:36:
05:e3:21:a0:63:d7:a3:98:32:8f:c8:90:9a:61:ea:
ad:a1:44:53:57:a4:c9:dd:bb:b0:be:59:83:62:bb:
bc:d6:72:ef:93:55:a4:30:5c:ff:92:2a:4e:a3:37:
96:d4:08:7b:36:d9:7d:7b:91:2a:0e:3b:31:c4:39:
4b:1a:41:ea:12:ec:66:a6:8b:0a:8b:0b:cb:aa:58:
70:f0:85:a3:82:b8:8b:8e:c4:b4:2b:4d:97:02:4c:
a6:1b:e7:45:f6:e5:07:7f:0a:db:69:a0:7e:f6:aa:
78:63:8f:36:a6:00:57:36:e2:32:5a:c4:59:f3:07:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3F:71:F9:73:37:E7:E6:36:DA:05:4E:18:16:89:70:7A:B4:66:68
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/mz9x-XM35-Y22gVOGBaJcHq0Zmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.200.0/23
Signature Algorithm: sha256WithRSAEncryption
65:14:bf:64:5f:64:bc:13:56:b3:b0:d8:19:9e:03:1a:98:3f:
81:3e:45:63:ed:6e:dc:5a:5c:d7:dc:9b:f7:3e:44:b4:73:ec:
82:9c:b4:01:9a:03:0d:c8:0c:40:11:0b:e8:2c:6d:65:cf:13:
02:bf:ad:05:b9:6e:b2:80:08:25:b7:65:c0:83:76:71:5e:71:
57:96:8b:f2:b4:9d:ed:3c:40:80:f2:c2:e8:8a:b9:86:d6:84:
dc:7c:c5:98:a3:08:c4:45:e5:19:ff:2c:70:43:22:9c:4f:c7:
f8:62:d7:d5:70:b0:c2:fd:dd:8f:2d:24:fa:c6:23:a6:09:a4:
d4:5c:99:5e:23:ea:7d:23:bf:47:63:7e:33:4e:19:25:24:ec:
78:24:1f:7f:b5:a7:85:f5:5d:49:3d:86:b3:7e:6b:45:bd:73:
e3:a7:52:4f:ef:09:92:cd:68:7b:9e:1e:9c:91:e4:67:61:c9:
10:73:d3:65:7e:30:4e:19:47:e0:3b:97:42:ec:98:62:34:ea:
28:dd:d6:66:03:b2:a9:78:ac:94:3e:aa:74:a3:e1:cd:96:e1:
8c:54:83:c4:20:a9:29:83:22:10:30:6b:32:54:98:8b:d7:ce:
fe:85:f1:3e:9b:97:30:1b:ed:d0:8b:53:70:cb:b6:38:45:2b:
a6:67:cc:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI4+q2NN41SAm1Xlrvm9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMTAyMTc1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNmNzFmOTczMzdlN2U2MzZkYTA1NGUxODE2ODk3MDdhYjQ2NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsglJp5srMK53VI++WyHwaGpg7WX2
P/Mbh0isAHyPmY794n6/4WWlobJMBHcS19gVuVxa+71/e8cYzj9lEyTwS7yvlSUK
XMOHJ1Myg7gGNI3e3VgIDOtVZtHtsq5tiNJOg/sSFWN1qk19MV95D8y5hg83ap2V
025L7cj9BRSUiziOjZtTizYF4yGgY9ejmDKPyJCaYeqtoURTV6TJ3buwvlmDYru8
1nLvk1WkMFz/kipOozeW1Ah7Ntl9e5EqDjsxxDlLGkHqEuxmposKiwvLqlhw8IWj
griLjsS0K02XAkymG+dF9uUHfwrbaaB+9qp4Y482pgBXNuIyWsRZ8wea4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJs/cflzN+fmNtoFThgWiXB6tGZoMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvbXo5eC1YTTM1LVkyMmdWT0dCYUpjSHEwWm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBlFL9kX2S8E1azsNgZngMamD+BPkVj7W7cWlzX3Jv3
PkS0c+yCnLQBmgMNyAxAEQvoLG1lzxMCv60FuW6ygAglt2XAg3ZxXnFXlovytJ3t
PECA8sLoirmG1oTcfMWYowjEReUZ/yxwQyKcT8f4YtfVcLDC/d2PLST6xiOmCaTU
XJleI+p9I79HY34zThklJOx4JB9/taeF9V1JPYazfmtFvXPjp1JP7wmSzWh7nh6c
keRnYckQc9NlfjBOGUfgO5dC7JhiNOoo3dZmA7KpeKyUPqp0o+HNluGMVIPEIKkp
gyIQMGsyVJiL187+hfE+m5cwG+3Qi1Nwy7Y4RSumZ8xO
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:32:31 2025 by rpki-client