Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/MTuQql9Rh88BHIoSEfi0N5xULhQ.roa
File: MTuQql9Rh88BHIoSEfi0N5xULhQ.roa (raw, json)
Hash identifier: c4KaJbDb+YQM6dcx+R5wyGu53GnRsEWM+y0F8Wui/6Q=
Subject key identifier: 31:3B:90:AA:5F:51:87:CF:01:1C:8A:12:11:F8:B4:37:9C:54:2E:14
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 019420683B3DEE4EA46E4A9196786A9C51B8
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/MTuQql9Rh88BHIoSEfi0N5xULhQ.roa
Signing time: Wed 01 Jan 2025 05:48:09 +0000
ROA not before: Wed 01 Jan 2025 05:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57053
IP address blocks: 185.155.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3b:3d:ee:4e:a4:6e:4a:91:96:78:6a:9c:51:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=313b90aa5f5187cf011c8a1211f8b4379c542e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e7:2a:d0:0a:7b:06:0c:bb:4c:ba:c7:76:84:
38:2d:02:47:0c:8f:5d:45:08:e5:32:d3:ef:21:cc:
5f:ea:84:ca:42:75:55:0c:81:5c:8b:c5:a2:dd:2b:
49:7c:6c:f1:d1:a6:15:8f:f7:e3:d6:c8:71:85:97:
20:29:16:70:bb:f6:65:ea:61:5a:49:80:e2:bd:cf:
3b:82:4c:48:07:02:8d:a3:27:7e:31:70:d2:52:17:
d1:79:d6:ab:2f:77:6b:59:63:4f:58:51:88:6c:68:
04:0d:cf:fb:86:68:15:d1:26:48:ee:3a:0e:10:75:
7e:1e:67:ab:e0:c8:20:80:0e:9b:56:f7:75:96:ee:
55:36:e4:bf:ea:88:a5:e6:91:ba:b3:5b:bf:66:ad:
0b:1a:e5:d9:7d:d2:fe:88:a7:81:17:be:97:be:5c:
b6:87:a0:96:3e:55:94:af:be:3d:6a:9b:5a:ed:7e:
89:8e:9b:f3:9d:d5:4b:3e:e0:20:33:1d:61:20:bb:
a6:31:ac:08:eb:4c:81:0e:c5:14:95:9b:e9:cd:c5:
ab:47:89:5d:b5:40:6d:5d:c2:e1:3a:b6:77:f9:55:
e7:ae:37:eb:b8:cc:46:b3:91:a0:6c:b8:a0:cf:4b:
5a:87:3d:26:23:4d:2d:bc:e2:d6:16:6c:ae:2f:bb:
ab:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3B:90:AA:5F:51:87:CF:01:1C:8A:12:11:F8:B4:37:9C:54:2E:14
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/MTuQql9Rh88BHIoSEfi0N5xULhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.159.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:b2:8e:40:d8:6b:be:4e:07:eb:88:55:02:1c:3f:c5:90:9a:
03:60:4b:e6:e0:2b:e6:c4:aa:c5:dc:d8:f6:93:f2:81:95:6f:
3f:a0:55:c4:ee:67:3d:f0:3e:34:81:90:3a:3e:c3:a7:25:5d:
e7:ec:be:26:e3:b6:51:0a:2d:c6:a2:70:55:20:37:b5:a6:03:
cc:dd:d6:d9:58:0c:a0:77:98:47:55:9d:e8:36:aa:87:3e:9a:
3b:50:e3:03:4c:3a:34:68:ad:04:7f:f2:78:bc:64:b1:f9:99:
15:28:bc:80:7b:94:56:08:f9:4f:5a:71:a3:91:b7:63:96:94:
0a:d9:ec:cc:f1:c0:53:fa:b4:b3:97:ee:e0:5b:13:1b:e0:78:
fa:fe:98:62:ae:00:9d:8f:f7:ed:83:c2:77:2a:36:ef:b2:a6:
d4:82:79:50:64:7e:52:d3:3c:7b:4a:b0:51:dd:b0:dd:9b:d4:
ff:6c:84:a8:4c:53:4d:fe:a5:72:37:83:cb:a8:c3:c9:7c:50:
59:47:ea:d2:5d:26:4f:c5:40:8d:b6:47:d3:ec:5f:5d:d6:5e:
45:e1:e8:32:5d:53:91:56:ec:bf:63:8c:07:ea:2e:64:e2:49:
92:45:6e:af:d0:85:39:08:ff:85:dd:3a:ed:8f:80:ab:f9:0c:
ce:3a:9f:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDs97k6kbkqRlnhqnFG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNiOTBhYTVmNTE4N2NmMDExYzhhMTIxMWY4YjQzNzljNTQyZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ecq0Ap7Bgy7TLrHdoQ4LQJHDI9d
RQjlMtPvIcxf6oTKQnVVDIFci8Wi3StJfGzx0aYVj/fj1shxhZcgKRZwu/Zl6mFa
SYDivc87gkxIBwKNoyd+MXDSUhfRedarL3drWWNPWFGIbGgEDc/7hmgV0SZI7joO
EHV+Hmer4MgggA6bVvd1lu5VNuS/6oil5pG6s1u/Zq0LGuXZfdL+iKeBF76Xvly2
h6CWPlWUr749apta7X6JjpvzndVLPuAgMx1hILumMawI60yBDsUUlZvpzcWrR4ld
tUBtXcLhOrZ3+VXnrjfruMxGs5GgbLigz0tahz0mI00tvOLWFmyuL7urfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDE7kKpfUYfPARyKEhH4tDecVC4UMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvTVR1UXFsOVJoODhCSElvU0VmaTBONXhVTGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZufMA0G
CSqGSIb3DQEBCwUAA4IBAQCuso5A2Gu+TgfriFUCHD/FkJoDYEvm4CvmxKrF3Nj2
k/KBlW8/oFXE7mc98D40gZA6PsOnJV3n7L4m47ZRCi3GonBVIDe1pgPM3dbZWAyg
d5hHVZ3oNqqHPpo7UOMDTDo0aK0Ef/J4vGSx+ZkVKLyAe5RWCPlPWnGjkbdjlpQK
2ezM8cBT+rSzl+7gWxMb4Hj6/phirgCdj/ftg8J3KjbvsqbUgnlQZH5S0zx7SrBR
3bDdm9T/bISoTFNN/qVyN4PLqMPJfFBZR+rSXSZPxUCNtkfT7F9d1l5F4egyXVOR
Vuy/Y4wH6i5k4kmSRW6v0IU5CP+F3Trtj4Cr+QzOOp/a
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:15:31 2025 by rpki-client