Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/_Mh128pzYy1Xp_Mqu2FTdaxsXrM.roa
File: _Mh128pzYy1Xp_Mqu2FTdaxsXrM.roa (raw, json)
Hash identifier: t+fZ7eI3onUFmCJkmSKbgzVRgPnoPOzTTVumnB2v6Xo=
Subject key identifier: FC:C8:75:DB:CA:73:63:2D:57:A7:F3:2A:BB:61:53:75:AC:6C:5E:B3
Certificate issuer: /CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Certificate serial: 019426D9951C00F3BBC4E2E2181F386A03D6
Authority key identifier: B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/_Mh128pzYy1Xp_Mqu2FTdaxsXrM.roa
Signing time: Thu 02 Jan 2025 11:49:41 +0000
ROA not before: Thu 02 Jan 2025 11:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43139
IP address blocks: 91.196.148.0/22 maxlen: 22
94.158.80.0/20 maxlen: 20
109.207.192.0/20 maxlen: 20
178.158.192.0/18 maxlen: 24
185.199.96.0/22 maxlen: 22
195.128.24.0/23 maxlen: 23
195.128.26.0/23 maxlen: 23
195.128.27.0/24 maxlen: 24
2001:67c:738::/48 maxlen: 48
2a0a:9b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:95:1c:00:f3:bb:c4:e2:e2:18:1f:38:6a:03:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Validity
Not Before: Jan 2 11:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcc875dbca73632d57a7f32abb615375ac6c5eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:37:c1:2f:50:d3:25:78:67:67:a6:dd:14:57:
54:b5:a5:10:ca:0a:94:0f:d4:0f:58:aa:bd:ee:a1:
d1:57:45:b8:87:d5:3d:b1:31:fb:4f:ea:b0:6b:f4:
6d:b6:4e:62:37:e9:b4:4d:4c:8b:bb:91:23:53:21:
10:c1:8e:ca:63:85:94:51:e0:c1:d0:d8:b0:66:69:
2b:97:56:b6:60:40:06:5c:ca:15:11:a8:61:75:36:
52:d4:ad:9d:c9:fa:23:ad:17:d6:18:4c:64:49:2c:
ec:e9:07:ec:60:c7:fe:d4:11:18:f6:0b:c2:e3:cd:
28:39:aa:72:7f:3b:05:c9:58:26:fc:c4:a4:b4:86:
c2:95:ff:7a:d1:62:67:85:0c:0c:d9:f8:de:d5:4f:
04:32:df:7a:64:e1:b9:63:4b:1d:e0:c5:60:6d:27:
da:3d:6e:83:ce:d8:0b:cc:c2:ef:cc:77:a6:f7:0e:
65:8b:cd:5d:9a:3a:0c:ff:e2:cd:7f:3c:07:9c:a3:
94:0c:2e:0e:86:19:6e:49:5d:af:4a:3d:0d:81:22:
14:38:24:1c:36:12:19:16:9d:63:8a:ba:43:b5:5d:
a8:8c:8b:c8:a6:23:2a:8e:63:fd:24:e8:d8:22:d2:
ce:e7:24:13:72:5d:4e:1a:60:4f:0d:59:ee:da:49:
c8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C8:75:DB:CA:73:63:2D:57:A7:F3:2A:BB:61:53:75:AC:6C:5E:B3
X509v3 Authority Key Identifier:
keyid:B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/_Mh128pzYy1Xp_Mqu2FTdaxsXrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.148.0/22
94.158.80.0/20
109.207.192.0/20
178.158.192.0/18
185.199.96.0/22
195.128.24.0/22
IPv6:
2001:67c:738::/48
2a0a:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
43:e2:c2:ba:96:e4:75:1c:ff:15:24:73:a2:13:18:50:96:a6:
44:48:33:51:8b:95:ef:00:b7:48:f1:8f:fc:a4:fb:86:66:83:
eb:ef:5e:d9:9c:7d:95:5f:ad:47:3f:50:85:58:53:ed:7e:b4:
9f:08:55:d8:4a:ba:0d:7f:d5:5c:78:18:94:cd:e2:8c:d7:b2:
8d:53:a1:93:13:af:47:53:d5:d7:c0:5d:5c:5d:77:24:de:df:
4e:db:be:c4:69:f3:3f:53:1e:5c:5d:a1:b4:a0:c3:09:60:a2:
74:77:12:9b:82:b7:6c:5e:ea:b7:88:8f:0c:07:e6:16:a7:b4:
61:4f:88:d8:e0:1a:61:32:2d:c0:76:46:81:1a:bf:8f:dd:5d:
93:6a:2e:73:50:38:9a:f5:bb:3c:e3:77:0f:d2:b0:15:c8:fe:
03:24:00:77:e3:2b:ca:e6:d9:90:c1:b8:a3:05:59:08:b4:34:
39:77:ba:c2:eb:b2:03:1d:30:bb:74:0f:b6:6c:87:86:22:39:
04:6e:9b:3b:eb:fb:b9:b4:b8:cf:91:be:24:d8:9b:8d:c6:07:
11:7c:e6:fe:7e:c0:80:cc:b0:c4:4a:13:d2:e6:b5:81:39:0b:
e4:ce:bc:0d:02:5d:27:66:5d:be:43:a7:60:9b:56:a1:7c:e1:
75:45:86:8f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQm2ZUcAPO7xOLiGB84agPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOTNkZjg3N2JmMmYwY2YwMWE5NzE4OTczZWFlZWU4N2Iw
Njk3ZDkwHhcNMjUwMTAyMTE0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2M4NzVkYmNhNzM2MzJkNTdhN2YzMmFiYjYxNTM3NWFjNmM1ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DfBL1DTJXhnZ6bdFFdUtaUQygqU
D9QPWKq97qHRV0W4h9U9sTH7T+qwa/Rttk5iN+m0TUyLu5EjUyEQwY7KY4WUUeDB
0NiwZmkrl1a2YEAGXMoVEahhdTZS1K2dyfojrRfWGExkSSzs6QfsYMf+1BEY9gvC
480oOapyfzsFyVgm/MSktIbClf960WJnhQwM2fje1U8EMt96ZOG5Y0sd4MVgbSfa
PW6DztgLzMLvzHem9w5li81dmjoM/+LNfzwHnKOUDC4OhhluSV2vSj0NgSIUOCQc
NhIZFp1jirpDtV2ojIvIpiMqjmP9JOjYItLO5yQTcl1OGmBPDVnu2knITwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPzIddvKc2MtV6fzKrthU3WsbF6zMB8GA1UdIwQY
MBaAFLOT34d78vDPAalxiXPq7uh7BpfZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYt
Mzk2YmM3MjBlMmI0LzEvX01oMTI4cHpZeTFYcF9NcXUyRlRkYXhzWHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYtMzk2YmM3MjBlMmI0
LzEvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQCW8SUAwQE
Xp5QAwQEbc/AAwQGsp7AAwQCucdgAwQCw4AYMBYEAgACMBADBwAgAQZ8BzgDBQMq
CptAMA0GCSqGSIb3DQEBCwUAA4IBAQBD4sK6luR1HP8VJHOiExhQlqZESDNRi5Xv
ALdI8Y/8pPuGZoPr717ZnH2VX61HP1CFWFPtfrSfCFXYSroNf9VceBiUzeKM17KN
U6GTE69HU9XXwF1cXXck3t9O277EafM/Ux5cXaG0oMMJYKJ0dxKbgrdsXuq3iI8M
B+YWp7RhT4jY4BphMi3AdkaBGr+P3V2Tai5zUDia9bs843cP0rAVyP4DJAB34yvK
5tmQwbijBVkItDQ5d7rC67IDHTC7dA+2bIeGIjkEbps76/u5tLjPkb4k2JuNxgcR
fOb+fsCAzLDEShPS5rWBOQvkzrwNAl0nZl2+Q6dgm1ahfOF1RYaP
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:36:33 2025 by rpki-client