Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/MPxrAGmlXi-R_-aAmj075zLDNVQ.roa
File: MPxrAGmlXi-R_-aAmj075zLDNVQ.roa (raw, json)
Hash identifier: u+cdaGdIb9sz6WUdHND28+hGiYkwyguJ2P/NJZ6f3PE=
Subject key identifier: 30:FC:6B:00:69:A5:5E:2F:91:FF:E6:80:9A:3D:3B:E7:32:C3:35:54
Certificate issuer: /CN=7744c6b6fba373811e00bee484e224c6b6e23fd2
Certificate serial: 0194214458FB501F5097B44C64DFD85DB6C8
Authority key identifier: 77:44:C6:B6:FB:A3:73:81:1E:00:BE:E4:84:E2:24:C6:B6:E2:3F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/MPxrAGmlXi-R_-aAmj075zLDNVQ.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49232
IP address blocks: 37.123.224.0/21 maxlen: 21
37.123.225.0/24 maxlen: 24
193.169.164.0/23 maxlen: 23
194.169.225.0/24 maxlen: 24
2a00:59c0::/32 maxlen: 32
2a00:59c0:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:58:fb:50:1f:50:97:b4:4c:64:df:d8:5d:b6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7744c6b6fba373811e00bee484e224c6b6e23fd2
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30fc6b0069a55e2f91ffe6809a3d3be732c33554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d7:a0:f3:dc:9f:04:e4:49:da:8d:4e:d4:39:
6c:2c:c7:46:a5:28:ac:92:57:fc:05:5b:d2:c2:91:
fe:da:3f:bb:7d:8f:7d:f8:34:43:3c:d3:78:61:fe:
cc:94:87:d1:94:30:cd:e5:22:ff:d1:ab:bd:1f:0d:
72:e4:57:43:7f:b8:78:41:30:fa:4c:f9:78:8b:05:
09:40:ad:45:3c:99:c5:aa:68:1f:4a:30:fe:11:48:
03:7f:4d:05:1c:11:51:78:9d:69:39:bd:43:fc:42:
3e:64:75:73:f2:05:0e:e6:60:ea:30:df:e0:84:f8:
ac:65:a8:d0:68:1d:fe:b5:0c:5c:b8:c3:5b:b3:0b:
59:39:82:11:fb:94:f7:66:99:ba:cc:85:31:f3:b8:
9b:17:70:c2:28:a1:7b:b0:b6:88:cd:4f:67:0c:fe:
9a:09:bd:c5:d1:41:89:58:ac:fd:96:d7:d0:9e:0c:
82:c1:67:43:68:a8:e5:a8:a7:0f:19:81:09:f2:e2:
6a:3e:83:c2:2f:ac:dc:a5:32:de:b7:c9:7d:26:5f:
2e:52:70:a2:ea:7e:4f:ce:c7:1f:5e:74:12:99:d0:
e8:ea:fc:11:59:df:06:5c:d7:25:b4:1c:5f:32:66:
e2:63:b3:a5:46:14:23:53:a3:80:a4:db:0c:d5:84:
cd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FC:6B:00:69:A5:5E:2F:91:FF:E6:80:9A:3D:3B:E7:32:C3:35:54
X509v3 Authority Key Identifier:
keyid:77:44:C6:B6:FB:A3:73:81:1E:00:BE:E4:84:E2:24:C6:B6:E2:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/MPxrAGmlXi-R_-aAmj075zLDNVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/d0TGtvujc4EeAL7khOIkxrbiP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.224.0/21
193.169.164.0/23
194.169.225.0/24
IPv6:
2a00:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
61:0e:8a:a6:fa:84:19:ad:11:10:9a:ed:c5:e8:e7:24:58:08:
9c:f9:fa:44:0b:31:6a:7f:7f:cb:e1:4a:65:5f:a8:b5:c7:be:
27:e7:e6:fc:d3:4e:4c:af:59:ec:04:d8:e7:ea:68:58:51:b2:
ae:a0:66:3c:aa:08:60:3e:ee:c7:47:8e:78:db:90:7f:b8:c6:
d2:5e:25:dd:c1:e6:d0:88:95:b5:9d:54:7b:62:5c:d6:ee:c0:
b8:be:38:f8:7c:c4:30:cc:cb:d8:73:5b:7b:0d:86:45:39:e4:
33:c5:c9:9c:09:e3:fa:15:eb:56:a7:0c:d8:0e:eb:fd:3f:44:
a7:5c:3d:26:e7:15:8c:eb:54:27:32:5e:ec:5e:05:84:16:fa:
19:60:aa:fb:5f:77:34:26:0a:81:b4:e5:4a:65:12:cf:65:00:
67:6f:8e:25:91:fb:77:07:3c:ce:47:f7:70:f7:79:ad:e5:e9:
e9:3a:4f:7a:5b:58:f4:d9:be:06:bb:70:e5:24:1d:c2:0c:fe:
6a:34:64:92:d5:8b:e1:6d:6e:1f:5a:16:8c:17:18:73:86:39:
97:e9:dc:ac:c5:40:f0:38:3e:6b:6f:2c:98:b4:be:33:46:93:
fb:db:d1:af:6e:92:65:3b:ae:64:7e:1e:d4:6d:8f:24:ca:f8:
4c:a1:4b:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhRFj7UB9Ql7RMZN/YXbbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDRjNmI2ZmJhMzczODExZTAwYmVlNDg0ZTIyNGM2YjZl
MjNmZDIwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZjNmIwMDY5YTU1ZTJmOTFmZmU2ODA5YTNkM2JlNzMyYzMzNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9eg89yfBORJ2o1O1DlsLMdGpSis
klf8BVvSwpH+2j+7fY99+DRDPNN4Yf7MlIfRlDDN5SL/0au9Hw1y5FdDf7h4QTD6
TPl4iwUJQK1FPJnFqmgfSjD+EUgDf00FHBFReJ1pOb1D/EI+ZHVz8gUO5mDqMN/g
hPisZajQaB3+tQxcuMNbswtZOYIR+5T3Zpm6zIUx87ibF3DCKKF7sLaIzU9nDP6a
Cb3F0UGJWKz9ltfQngyCwWdDaKjlqKcPGYEJ8uJqPoPCL6zcpTLet8l9Jl8uUnCi
6n5PzscfXnQSmdDo6vwRWd8GXNcltBxfMmbiY7OlRhQjU6OApNsM1YTNkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDD8awBppV4vkf/mgJo9O+cywzVUMB8GA1UdIwQY
MBaAFHdExrb7o3OBHgC+5ITiJMa24j/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBUR3R2dWpjNEVlQUw3a2hPSWt4cmJpUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83NDRkZjMtOGUyOS00NThiLWE0NTkt
OGY4Yzg5MjI2ZTNlLzEvTVB4ckFHbWxYaS1SXy1hQW1qMDc1ekxETlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83NDRkZjMtOGUyOS00NThiLWE0NTktOGY4Yzg5MjI2ZTNl
LzEvZDBUR3R2dWpjNEVlQUw3a2hPSWt4cmJpUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXvgAwQB
wamkAwQAwqnhMA0EAgACMAcDBQAqAFnAMA0GCSqGSIb3DQEBCwUAA4IBAQBhDoqm
+oQZrREQmu3F6OckWAic+fpECzFqf3/L4UplX6i1x74n5+b8005Mr1nsBNjn6mhY
UbKuoGY8qghgPu7HR45425B/uMbSXiXdwebQiJW1nVR7YlzW7sC4vjj4fMQwzMvY
c1t7DYZFOeQzxcmcCeP6FetWpwzYDuv9P0SnXD0m5xWM61QnMl7sXgWEFvoZYKr7
X3c0JgqBtOVKZRLPZQBnb44lkft3BzzOR/dw93mt5enpOk96W1j02b4Gu3DlJB3C
DP5qNGSS1YvhbW4fWhaMFxhzhjmX6dysxUDwOD5rbyyYtL4zRpP729GvbpJlO65k
fh7UbY8kyvhMoUtn
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:56:39 2025 by rpki-client