Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/MXxh0YHPMrk5arTCf3q6sfloz_s.roa
File: MXxh0YHPMrk5arTCf3q6sfloz_s.roa (raw, json)
Hash identifier: N+z7kc9squE6rbdRMbjpnb079oubXEpLhtNwZjifRAU=
Subject key identifier: 31:7C:61:D1:81:CF:32:B9:39:6A:B4:C2:7F:7A:BA:B1:F9:68:CF:FB
Certificate issuer: /CN=d2075c84f529c87dd85fd4afea4e0934366af54a
Certificate serial: 0194258F6D943DBA11C246FEE6FC95362323
Authority key identifier: D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/MXxh0YHPMrk5arTCf3q6sfloz_s.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20751
IP address blocks: 78.40.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6d:94:3d:ba:11:c2:46:fe:e6:fc:95:36:23:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2075c84f529c87dd85fd4afea4e0934366af54a
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=317c61d181cf32b9396ab4c27f7abab1f968cffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:88:31:2a:44:b4:ee:4d:d0:fe:30:83:9a:e2:
18:9c:9d:f5:eb:e6:52:95:2d:99:b2:40:db:7d:95:
fe:fa:c4:02:8e:34:47:b8:74:3c:07:05:0d:47:c0:
69:8c:4e:01:fc:47:81:5b:a7:22:aa:7c:e7:6f:94:
b1:ce:aa:1e:ca:f9:a7:81:13:35:31:f7:ea:58:b6:
b3:9e:dd:c3:92:ae:d6:10:5d:e2:d8:db:f1:9f:59:
9d:4c:7e:dd:27:59:45:66:39:34:02:7b:62:f9:f6:
35:b6:dc:d9:57:89:d3:36:23:1e:63:c4:3c:a0:f0:
0b:77:c8:45:f0:2c:53:d7:a9:68:be:57:22:7d:7f:
a0:13:39:db:2d:1f:64:2f:d1:ce:73:db:2a:f9:51:
cb:84:95:56:14:c4:d5:3e:f0:48:4a:1d:93:e1:35:
ba:61:14:d4:2e:4c:a7:0f:45:46:73:94:25:07:db:
35:f8:fa:41:ab:5f:c0:8c:a8:59:4d:e0:fd:2c:58:
a3:59:28:5e:f1:bf:74:31:e5:71:7c:73:80:c0:66:
ca:23:93:7b:06:07:42:65:ef:e6:13:5e:29:d7:d1:
b3:7e:a1:fb:3b:b4:5a:d1:c5:98:05:cd:1e:18:bd:
6c:ff:78:44:1c:41:6c:20:65:b4:18:94:99:ae:0c:
b6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7C:61:D1:81:CF:32:B9:39:6A:B4:C2:7F:7A:BA:B1:F9:68:CF:FB
X509v3 Authority Key Identifier:
keyid:D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/MXxh0YHPMrk5arTCf3q6sfloz_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.213.0/24
Signature Algorithm: sha256WithRSAEncryption
12:eb:fa:ff:b9:0d:03:76:35:30:e7:b6:db:21:69:b7:7a:17:
72:2a:b4:35:15:6e:a7:f3:c2:6e:72:e1:b7:b7:c3:8e:0c:69:
88:17:2a:4b:24:ec:27:80:2b:73:f8:6d:00:0b:76:df:e9:44:
81:69:ab:1c:39:e6:86:90:7e:7e:7c:aa:2f:d3:2b:05:d7:c3:
2f:b7:04:3a:ca:20:a8:de:8e:b7:ce:86:00:96:cf:46:3b:3c:
28:68:1c:c0:7f:25:ac:03:07:54:51:05:b1:ab:9c:0a:be:4d:
ed:34:bb:2a:02:fe:b9:e6:88:39:71:56:ff:81:c5:cd:0c:01:
8f:b0:b7:a4:35:f0:20:ae:bb:47:8e:97:db:6a:6b:b0:e0:bb:
73:7b:7d:69:49:62:bc:9d:77:e3:38:1b:e5:93:c8:15:43:88:
4b:6d:89:a1:42:f1:99:05:cd:79:86:ae:a2:68:aa:f2:ff:19:
13:4b:9f:00:44:65:cd:e4:52:78:de:44:a1:36:d9:7a:bf:20:
41:9a:9b:00:71:eb:87:8b:af:42:92:52:da:f5:d1:af:28:e7:
d7:a7:45:d7:a3:22:47:4b:a7:65:cc:64:85:80:95:fa:ed:b3:
9e:34:da:e4:a1:43:ac:e2:9f:8f:2b:20:10:48:1c:66:48:49:
72:6c:42:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj22UPboRwkb+5vyVNiMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDc1Yzg0ZjUyOWM4N2RkODVmZDRhZmVhNGUwOTM0MzY2
YWY1NGEwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdjNjFkMTgxY2YzMmI5Mzk2YWI0YzI3ZjdhYmFiMWY5NjhjZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIgxKkS07k3Q/jCDmuIYnJ316+ZS
lS2ZskDbfZX++sQCjjRHuHQ8BwUNR8BpjE4B/EeBW6ciqnznb5SxzqoeyvmngRM1
MffqWLaznt3Dkq7WEF3i2Nvxn1mdTH7dJ1lFZjk0Anti+fY1ttzZV4nTNiMeY8Q8
oPALd8hF8CxT16lovlcifX+gEznbLR9kL9HOc9sq+VHLhJVWFMTVPvBISh2T4TW6
YRTULkynD0VGc5QlB9s1+PpBq1/AjKhZTeD9LFijWShe8b90MeVxfHOAwGbKI5N7
BgdCZe/mE14p19GzfqH7O7Ra0cWYBc0eGL1s/3hEHEFsIGW0GJSZrgy2rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDF8YdGBzzK5OWq0wn96urH5aM/7MB8GA1UdIwQY
MBaAFNIHXIT1Kch92F/Ur+pOCTQ2avVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdkY2hQVXB5SDNZWDlTdjZrNEpORFpxOVVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lZWZhNzItOGY0Yy00ODZjLWIwMTkt
YjRlYWEwNTYxZmM3LzEvTVh4aDBZSFBNcms1YXJUQ2YzcTZzZmxvel9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lZWZhNzItOGY0Yy00ODZjLWIwMTktYjRlYWEwNTYxZmM3
LzEvMGdkY2hQVXB5SDNZWDlTdjZrNEpORFpxOVVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATijVMA0G
CSqGSIb3DQEBCwUAA4IBAQAS6/r/uQ0DdjUw57bbIWm3ehdyKrQ1FW6n88JucuG3
t8OODGmIFypLJOwngCtz+G0AC3bf6USBaascOeaGkH5+fKov0ysF18MvtwQ6yiCo
3o63zoYAls9GOzwoaBzAfyWsAwdUUQWxq5wKvk3tNLsqAv655og5cVb/gcXNDAGP
sLekNfAgrrtHjpfbamuw4Ltze31pSWK8nXfjOBvlk8gVQ4hLbYmhQvGZBc15hq6i
aKry/xkTS58ARGXN5FJ43kShNtl6vyBBmpsAceuHi69CklLa9dGvKOfXp0XXoyJH
S6dlzGSFgJX67bOeNNrkoUOs4p+PKyAQSBxmSElybEI1
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:35:16 2025 by rpki-client