Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/mMdAkncXd62KSLEMH5-GZ2xifmI.roa
File: mMdAkncXd62KSLEMH5-GZ2xifmI.roa (raw, json)
Hash identifier: BsiKxHj0OcEVg20ZYqrvGiqQgj+ynivI6054d313+QE=
Subject key identifier: 98:C7:40:92:77:17:77:AD:8A:48:B1:0C:1F:9F:86:67:6C:62:7E:62
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 0194221FBAB4F30FC05DC3DC0AC82036FA0C
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/mMdAkncXd62KSLEMH5-GZ2xifmI.roa
Signing time: Wed 01 Jan 2025 13:48:12 +0000
ROA not before: Wed 01 Jan 2025 13:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20688
IP address blocks: 185.18.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ba:b4:f3:0f:c0:5d:c3:dc:0a:c8:20:36:fa:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Jan 1 13:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98c74092771777ad8a48b10c1f9f86676c627e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:62:b9:14:35:6a:a1:3d:34:f4:f9:b0:4c:d6:
79:ae:0a:7c:62:20:a7:6d:40:4e:67:7c:89:e6:fe:
82:e8:f4:f5:46:dc:5b:0c:54:28:e4:75:c2:d7:3a:
27:c0:3e:91:11:a8:eb:42:ed:24:f6:7b:18:d6:b9:
37:36:d2:49:f0:7d:a0:ee:c0:48:13:ac:70:b4:3b:
6c:d8:78:7e:02:31:58:af:ea:21:7d:7f:ef:e3:3e:
b1:09:c1:6e:1e:29:2b:31:7a:d1:3e:fd:fc:95:49:
b0:6f:a4:6a:26:99:b6:de:bf:f1:f7:3e:e0:4a:61:
56:fd:c0:f8:9b:41:29:28:57:7d:50:58:62:65:51:
2b:42:1a:73:5f:84:0d:11:d3:cd:b1:ba:7a:db:20:
2e:c0:31:8c:d3:78:8c:82:a8:a0:a1:6a:18:e8:45:
f8:fb:0d:7c:dd:8a:99:b5:c2:d9:a9:a1:74:e3:c0:
33:38:b4:5b:89:aa:6d:bc:d4:e0:1f:af:a9:ef:26:
6c:8b:a6:af:c1:0f:ec:4b:64:86:d6:ed:23:89:8f:
2e:60:14:bc:aa:ce:c2:e5:33:71:7b:71:e5:25:45:
4f:e3:54:50:f8:6e:c2:29:8b:c1:3a:7c:e3:99:b2:
a3:68:75:7c:95:4e:fb:73:74:06:ba:04:79:99:66:
52:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C7:40:92:77:17:77:AD:8A:48:B1:0C:1F:9F:86:67:6C:62:7E:62
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/mMdAkncXd62KSLEMH5-GZ2xifmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.91.0/24
Signature Algorithm: sha256WithRSAEncryption
95:3a:fd:d3:6b:7a:11:14:ea:e4:03:b4:8a:a4:d1:6a:19:6b:
a4:45:cf:95:16:73:db:9c:62:a6:f1:a3:9b:34:a0:e3:53:00:
50:d5:8e:85:17:9b:0e:58:ce:8d:9a:11:7e:9a:2f:82:31:5f:
75:8f:c7:27:e5:c6:ba:18:f4:22:c3:08:f7:51:ff:bb:c3:9a:
77:9e:05:a4:7c:32:b9:a2:d6:95:36:37:a4:70:76:f1:20:4f:
f7:2d:d5:8d:29:0a:ca:b5:17:be:56:77:9e:bb:59:26:35:35:
35:20:06:84:86:ab:ad:22:eb:f4:98:9f:56:5b:da:f3:72:22:
07:12:a5:04:1e:eb:7c:2b:a5:47:52:b8:3f:b2:dd:ab:c7:da:
2e:d1:61:d4:04:b3:3b:ab:b1:d4:d9:2a:7f:f7:e1:ca:f4:e5:
1b:99:aa:d1:a3:89:81:7d:b9:6c:01:0e:9c:db:0e:71:9e:5f:
39:5a:82:b3:28:44:25:bd:b1:e6:ca:3d:67:ca:38:77:d6:d2:
83:ca:86:6c:e4:5d:d4:0a:bf:4b:0e:e7:fc:b1:a2:ff:ec:4a:
7d:e9:62:37:a0:db:f3:15:5d:ac:02:85:43:e3:6a:10:a0:27:
9c:fc:50:d5:49:07:1f:d2:09:3d:a7:61:4a:62:de:80:50:ed:
27:b5:c8:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7q08w/AXcPcCsggNvoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjUwMTAxMTM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM3NDA5Mjc3MTc3N2FkOGE0OGIxMGMxZjlmODY2NzZjNjI3ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mK5FDVqoT009PmwTNZ5rgp8YiCn
bUBOZ3yJ5v6C6PT1RtxbDFQo5HXC1zonwD6REajrQu0k9nsY1rk3NtJJ8H2g7sBI
E6xwtDts2Hh+AjFYr+ohfX/v4z6xCcFuHikrMXrRPv38lUmwb6RqJpm23r/x9z7g
SmFW/cD4m0EpKFd9UFhiZVErQhpzX4QNEdPNsbp62yAuwDGM03iMgqigoWoY6EX4
+w183YqZtcLZqaF048AzOLRbiaptvNTgH6+p7yZsi6avwQ/sS2SG1u0jiY8uYBS8
qs7C5TNxe3HlJUVP41RQ+G7CKYvBOnzjmbKjaHV8lU77c3QGugR5mWZSTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjHQJJ3F3etikixDB+fhmdsYn5iMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvbU1kQWtuY1hkNjJLU0xFTUg1LUdaMnhpZm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRJbMA0G
CSqGSIb3DQEBCwUAA4IBAQCVOv3Ta3oRFOrkA7SKpNFqGWukRc+VFnPbnGKm8aOb
NKDjUwBQ1Y6FF5sOWM6NmhF+mi+CMV91j8cn5ca6GPQiwwj3Uf+7w5p3ngWkfDK5
otaVNjekcHbxIE/3LdWNKQrKtRe+Vneeu1kmNTU1IAaEhqutIuv0mJ9WW9rzciIH
EqUEHut8K6VHUrg/st2rx9ou0WHUBLM7q7HU2Sp/9+HK9OUbmarRo4mBfblsAQ6c
2w5xnl85WoKzKEQlvbHmyj1nyjh31tKDyoZs5F3UCr9LDuf8saL/7Ep96WI3oNvz
FV2sAoVD42oQoCec/FDVSQcf0gk9p2FKYt6AUO0ntci3
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:55:25 2025 by rpki-client