Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/MwggIWb8xKY_Gmyt-jhjyCB3Knk.roa
File: MwggIWb8xKY_Gmyt-jhjyCB3Knk.roa (raw, json)
Hash identifier: 2e03nmncmnuNRXI/WbH4mmPniZO75Z2kJ+MSZTXtduk=
Subject key identifier: 33:08:20:21:66:FC:C4:A6:3F:1A:6C:AD:FA:38:63:C8:20:77:2A:79
Certificate issuer: /CN=423d93054f063cf8a291861735f90059ab9ec169
Certificate serial: 0194236A25BBAA1526A975F39F0DFFED00B1
Authority key identifier: 42:3D:93:05:4F:06:3C:F8:A2:91:86:17:35:F9:00:59:AB:9E:C1:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qj2TBU8GPPiikYYXNfkAWauewWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/MwggIWb8xKY_Gmyt-jhjyCB3Knk.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204834
IP address blocks: 178.157.0.0/24 maxlen: 24
185.188.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:25:bb:aa:15:26:a9:75:f3:9f:0d:ff:ed:00:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=423d93054f063cf8a291861735f90059ab9ec169
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3308202166fcc4a63f1a6cadfa3863c820772a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:0e:4a:10:4d:23:24:c9:df:2f:44:eb:fe:
62:bb:b2:2e:83:40:ed:b8:3b:34:e9:b3:59:8b:44:
90:0a:8d:08:f6:a1:2e:49:0f:64:12:c0:31:8e:0b:
b4:d1:65:62:6c:01:4f:40:ea:26:22:43:a6:08:62:
aa:98:b3:38:d3:6a:4d:aa:c2:a4:81:ba:92:e1:20:
74:f1:af:77:8a:0d:11:5e:62:3d:51:f5:1c:18:2e:
4c:cf:68:4e:8a:f0:d0:d2:e8:04:db:d3:d2:b5:cb:
63:9e:de:4a:b1:a9:b4:58:31:59:3a:19:72:0c:6f:
c8:3f:60:93:1c:d1:83:0e:31:31:ee:83:7a:4e:18:
37:4c:ec:08:7c:b7:5d:84:08:aa:f7:7a:0f:85:f5:
a6:a7:3d:43:3f:ff:23:3c:81:85:cb:6d:61:74:61:
2a:89:f4:11:ac:f5:6b:ba:a3:2b:cd:a0:0b:2a:3c:
48:77:ae:da:6d:9e:f5:50:a9:cb:ee:de:91:69:a1:
4e:a1:bc:e9:b4:33:ae:3e:51:af:96:f1:62:5c:1e:
07:bc:50:ed:2a:7f:95:1a:31:15:25:02:83:c1:86:
c6:69:71:ef:c3:cf:33:10:5a:24:a2:b2:eb:1c:a1:
54:3d:de:dd:01:1d:7d:4a:48:42:0d:be:11:e7:04:
39:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:08:20:21:66:FC:C4:A6:3F:1A:6C:AD:FA:38:63:C8:20:77:2A:79
X509v3 Authority Key Identifier:
keyid:42:3D:93:05:4F:06:3C:F8:A2:91:86:17:35:F9:00:59:AB:9E:C1:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qj2TBU8GPPiikYYXNfkAWauewWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/MwggIWb8xKY_Gmyt-jhjyCB3Knk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/Qj2TBU8GPPiikYYXNfkAWauewWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.0.0/24
185.188.112.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:2f:5f:78:b8:ad:70:d1:25:f8:ce:99:d6:6c:58:c9:ee:4a:
5f:58:7f:0c:52:ff:b1:7b:2c:30:95:ee:84:cb:24:1f:98:f2:
3c:7b:ee:7e:2a:f1:cd:2e:2c:40:c4:e7:71:18:73:f0:3c:18:
3b:92:9c:7b:ed:d8:b7:27:62:73:f6:a9:13:2c:f5:6d:54:07:
57:c1:be:96:5c:c9:ad:21:92:8f:e6:c9:6f:4e:2b:26:4b:0a:
2e:98:25:6b:d8:10:36:95:31:42:11:47:c1:3e:47:98:d4:8f:
0d:c1:25:12:df:67:b8:9e:a8:43:e0:e6:c0:b0:19:6c:19:73:
cb:1e:5b:e4:5a:06:c4:0f:f2:ef:4e:b1:dc:3a:bf:04:a7:53:
4e:fd:1e:88:f0:41:ec:df:14:66:8d:42:5e:2b:51:f1:e8:d1:
d4:ee:fe:be:cb:71:b2:e8:5f:bf:ad:ee:c9:8c:e2:6a:16:36:
83:18:89:66:54:6e:ac:9f:f6:f0:68:31:69:ab:0f:c2:7d:22:
25:0f:8b:b0:c4:80:16:9e:a7:f7:0f:9a:a4:01:11:00:74:90:
29:74:c8:11:e2:a0:d9:38:d1:04:54:d7:7f:20:8c:db:31:bf:
1e:44:c8:65:08:27:4c:d5:74:99:b1:06:ca:ec:1a:bc:4d:b7:
7f:35:77:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaiW7qhUmqXXznw3/7QCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyM2Q5MzA1NGYwNjNjZjhhMjkxODYxNzM1ZjkwMDU5YWI5
ZWMxNjkwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA4MjAyMTY2ZmNjNGE2M2YxYTZjYWRmYTM4NjNjODIwNzcyYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup0OShBNIyTJ3y9E6/5iu7Iug0Dt
uDs06bNZi0SQCo0I9qEuSQ9kEsAxjgu00WVibAFPQOomIkOmCGKqmLM402pNqsKk
gbqS4SB08a93ig0RXmI9UfUcGC5Mz2hOivDQ0ugE29PStctjnt5Ksam0WDFZOhly
DG/IP2CTHNGDDjEx7oN6Thg3TOwIfLddhAiq93oPhfWmpz1DP/8jPIGFy21hdGEq
ifQRrPVruqMrzaALKjxId67abZ71UKnL7t6RaaFOobzptDOuPlGvlvFiXB4HvFDt
Kn+VGjEVJQKDwYbGaXHvw88zEFokorLrHKFUPd7dAR19SkhCDb4R5wQ5kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMIICFm/MSmPxpsrfo4Y8ggdyp5MB8GA1UdIwQY
MBaAFEI9kwVPBjz4opGGFzX5AFmrnsFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWoyVEJVOEdQUGlpa1lZWE5ma0FXYXVld1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wYzJlYzMtMzg0NC00YjVmLTlmNTgt
NWYxYjY5MDQ4ZmUyLzEvTXdnZ0lXYjh4S1lfR215dC1qaGp5Q0IzS25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wYzJlYzMtMzg0NC00YjVmLTlmNTgtNWYxYjY5MDQ4ZmUy
LzEvUWoyVEJVOEdQUGlpa1lZWE5ma0FXYXVld1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsp0AAwQA
ubxwMA0GCSqGSIb3DQEBCwUAA4IBAQAtL194uK1w0SX4zpnWbFjJ7kpfWH8MUv+x
eywwle6EyyQfmPI8e+5+KvHNLixAxOdxGHPwPBg7kpx77di3J2Jz9qkTLPVtVAdX
wb6WXMmtIZKP5slvTismSwoumCVr2BA2lTFCEUfBPkeY1I8NwSUS32e4nqhD4ObA
sBlsGXPLHlvkWgbED/LvTrHcOr8Ep1NO/R6I8EHs3xRmjUJeK1Hx6NHU7v6+y3Gy
6F+/re7JjOJqFjaDGIlmVG6sn/bwaDFpqw/CfSIlD4uwxIAWnqf3D5qkAREAdJAp
dMgR4qDZONEEVNd/IIzbMb8eRMhlCCdM1XSZsQbK7Bq8Tbd/NXed
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:40:42 2025 by rpki-client