Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/mWhSvkUBXsFafV4R5CtF1RFCi98.roa
File: mWhSvkUBXsFafV4R5CtF1RFCi98.roa (raw, json)
Hash identifier: SLf4YYuqQC736cXUt3YUMZMsShhNwZceRr+OVNF0Bxc=
Subject key identifier: 99:68:52:BE:45:01:5E:C1:5A:7D:5E:11:E4:2B:45:D5:11:42:8B:DF
Certificate issuer: /CN=c7221e402998abc1f035475e158b74e8c76920c0
Certificate serial: 019421B208566D837305CB6A78A602A48E66
Authority key identifier: C7:22:1E:40:29:98:AB:C1:F0:35:47:5E:15:8B:74:E8:C7:69:20:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xyIeQCmYq8HwNUdeFYt06MdpIMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/mWhSvkUBXsFafV4R5CtF1RFCi98.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 185.201.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:08:56:6d:83:73:05:cb:6a:78:a6:02:a4:8e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7221e402998abc1f035475e158b74e8c76920c0
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=996852be45015ec15a7d5e11e42b45d511428bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ec:38:f7:af:a4:e5:a6:17:2b:29:9b:43:81:
85:ae:6b:72:b9:76:6c:be:41:73:00:c1:ff:dc:ba:
bc:a0:c5:ee:44:b9:22:7d:12:3e:92:8d:7b:54:3c:
7b:be:08:05:3c:4d:ce:b3:22:65:7f:80:a8:cf:c4:
52:d1:b9:72:6e:48:da:f6:6e:58:10:0b:af:05:67:
f0:e8:78:90:56:0e:da:ff:b3:c9:cb:21:d4:83:57:
bf:b2:69:03:e5:39:15:88:0c:ec:38:c3:16:4e:94:
82:ca:5e:0e:aa:82:74:d5:55:7c:bc:a0:99:5f:02:
58:6f:46:57:cf:5c:51:97:44:5a:7f:15:5b:a9:5f:
26:4e:3e:82:8a:b3:b4:66:2e:74:cd:8f:a9:44:7b:
9e:69:6b:b4:88:63:b8:55:7a:79:49:ea:af:41:f0:
44:10:10:c5:26:eb:5c:e8:87:36:9f:d5:fa:90:76:
d5:b3:f7:a1:f5:25:e0:bd:ee:20:0c:44:ea:4c:bf:
37:be:cc:79:a9:52:1a:47:5c:29:c9:fe:4d:83:de:
66:34:80:a0:51:fd:07:55:85:41:23:b6:a4:06:8d:
53:f3:4b:b7:cd:16:00:e7:86:23:c1:6e:68:88:1d:
20:e9:4c:30:ee:ff:8a:ac:e3:5f:96:4f:98:ef:47:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:68:52:BE:45:01:5E:C1:5A:7D:5E:11:E4:2B:45:D5:11:42:8B:DF
X509v3 Authority Key Identifier:
keyid:C7:22:1E:40:29:98:AB:C1:F0:35:47:5E:15:8B:74:E8:C7:69:20:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xyIeQCmYq8HwNUdeFYt06MdpIMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/mWhSvkUBXsFafV4R5CtF1RFCi98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/xyIeQCmYq8HwNUdeFYt06MdpIMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.133.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b7:4d:90:49:6d:3a:b2:58:ed:2c:dc:b3:b8:25:77:26:d6:
95:c9:0c:77:d6:83:4f:71:bb:fa:50:33:bb:38:2b:1f:76:6a:
48:24:26:e7:75:d8:b2:f8:26:35:30:80:39:82:54:69:5c:0f:
61:7c:2d:e2:ac:d6:50:b4:62:5d:69:b8:0e:d5:2f:a6:e2:ab:
f4:04:45:b8:5e:f4:9b:2b:d5:6f:4c:dc:8a:ea:45:54:64:ab:
33:c5:0d:71:87:28:9c:5d:78:78:f2:14:4d:33:b5:4c:13:66:
f9:34:a1:91:4c:97:e3:73:70:2d:79:4e:1e:64:87:e0:5e:e1:
22:18:49:bb:03:48:80:e2:f4:69:b9:f7:1f:04:1f:a6:18:4b:
b8:5c:ad:3f:49:a3:1a:5b:7c:72:f2:d4:f2:56:dd:4c:4a:80:
e1:67:94:28:9b:60:9a:54:df:ee:97:e2:f2:f1:d8:a6:ed:87:
f8:fa:d9:95:29:65:b7:8d:8e:60:d7:57:5b:d0:7c:f9:7b:85:
56:98:5b:77:85:1e:87:9c:c1:da:3d:64:4c:84:55:f3:a2:01:
c6:d4:7f:f9:4c:bd:c4:45:92:13:2e:22:4e:3c:ee:c2:7c:41:
0f:14:7d:80:47:55:c4:98:34:f1:9d:aa:88:30:7e:86:c1:d8:
44:67:c2:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsghWbYNzBctqeKYCpI5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MjIxZTQwMjk5OGFiYzFmMDM1NDc1ZTE1OGI3NGU4Yzc2
OTIwYzAwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY4NTJiZTQ1MDE1ZWMxNWE3ZDVlMTFlNDJiNDVkNTExNDI4YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuw496+k5aYXKymbQ4GFrmtyuXZs
vkFzAMH/3Lq8oMXuRLkifRI+ko17VDx7vggFPE3OsyJlf4Coz8RS0blybkja9m5Y
EAuvBWfw6HiQVg7a/7PJyyHUg1e/smkD5TkViAzsOMMWTpSCyl4OqoJ01VV8vKCZ
XwJYb0ZXz1xRl0RafxVbqV8mTj6CirO0Zi50zY+pRHueaWu0iGO4VXp5SeqvQfBE
EBDFJutc6Ic2n9X6kHbVs/eh9SXgve4gDETqTL83vsx5qVIaR1wpyf5Ng95mNICg
Uf0HVYVBI7akBo1T80u3zRYA54YjwW5oiB0g6Uww7v+KrONflk+Y70fLlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJloUr5FAV7BWn1eEeQrRdURQovfMB8GA1UdIwQY
MBaAFMciHkApmKvB8DVHXhWLdOjHaSDAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlJZVFDbVlxOEh3TlVkZUZZdDA2TWRwSU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOWNhN2EtNDExYy00M2E4LTk1MmYt
Y2M1NDA2MDhjNDFkLzEvbVdoU3ZrVUJYc0ZhZlY0UjVDdEYxUkZDaTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOWNhN2EtNDExYy00M2E4LTk1MmYtY2M1NDA2MDhjNDFk
LzEveHlJZVFDbVlxOEh3TlVkZUZZdDA2TWRwSU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucmFMA0G
CSqGSIb3DQEBCwUAA4IBAQANt02QSW06sljtLNyzuCV3JtaVyQx31oNPcbv6UDO7
OCsfdmpIJCbnddiy+CY1MIA5glRpXA9hfC3irNZQtGJdabgO1S+m4qv0BEW4XvSb
K9VvTNyK6kVUZKszxQ1xhyicXXh48hRNM7VME2b5NKGRTJfjc3AteU4eZIfgXuEi
GEm7A0iA4vRpufcfBB+mGEu4XK0/SaMaW3xy8tTyVt1MSoDhZ5Qom2CaVN/ul+Ly
8dim7Yf4+tmVKWW3jY5g11db0Hz5e4VWmFt3hR6HnMHaPWRMhFXzogHG1H/5TL3E
RZITLiJOPO7CfEEPFH2AR1XEmDTxnaqIMH6GwdhEZ8LL
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:26:13 2025 by rpki-client