Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/MsZP7jFPKkJqiHU_2G78BAV7afI.roa
File: MsZP7jFPKkJqiHU_2G78BAV7afI.roa (raw, json)
Hash identifier: MXKAJZ6YryHNNBfafKO5IJGZB2W0L2svHImaEXgu2Vk=
Subject key identifier: 32:C6:4F:EE:31:4F:2A:42:6A:88:75:3F:D8:6E:FC:04:05:7B:69:F2
Certificate issuer: /CN=09c746f67b7ac56ea6dd85951ec022cbbd67af06
Certificate serial: 01942369A2EBED97A422C09E6A4210DAF07F
Authority key identifier: 09:C7:46:F6:7B:7A:C5:6E:A6:DD:85:95:1E:C0:22:CB:BD:67:AF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcdG9nt6xW6m3YWVHsAiy71nrwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/MsZP7jFPKkJqiHU_2G78BAV7afI.roa
Signing time: Wed 01 Jan 2025 19:48:33 +0000
ROA not before: Wed 01 Jan 2025 19:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210759
IP address blocks: 185.204.96.0/24 maxlen: 24
185.204.97.0/24 maxlen: 24
185.204.98.0/24 maxlen: 24
2a0a:f540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a2:eb:ed:97:a4:22:c0:9e:6a:42:10:da:f0:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09c746f67b7ac56ea6dd85951ec022cbbd67af06
Validity
Not Before: Jan 1 19:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32c64fee314f2a426a88753fd86efc04057b69f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:70:35:64:d7:d0:68:c2:2e:f4:ee:d7:21:14:
95:d3:53:e1:4e:e6:b9:4d:de:1a:db:6c:59:b8:ca:
8b:3c:41:8d:d4:48:08:32:72:72:15:b0:00:96:03:
5b:86:c0:f5:d2:1b:c1:20:d3:eb:74:76:2b:85:43:
53:de:35:c8:af:42:c8:db:50:41:ef:b9:17:c7:91:
7d:32:b7:94:c1:94:0f:77:67:93:21:89:f3:5c:56:
28:5e:6f:e7:d8:0e:78:9a:41:94:be:c4:98:b2:99:
20:51:fd:69:ca:6c:00:21:f3:2e:9d:42:82:92:94:
26:8a:67:69:8f:ad:38:9e:db:31:9b:4a:e7:fb:58:
7e:ad:26:e2:96:44:54:29:48:71:92:c4:94:6d:ea:
c0:16:43:0d:cd:3f:b6:8d:9a:a8:5e:bf:b7:d9:ac:
87:53:12:79:b5:13:c3:73:3d:2b:29:fd:cf:d1:1c:
b9:97:53:3b:87:ed:74:68:0f:0a:b2:60:b7:3d:ca:
b9:2c:44:1b:c5:5c:0d:52:97:01:0c:34:51:62:9e:
8b:c6:c7:6b:dd:fc:e0:cd:fc:d4:70:87:98:85:1e:
cc:58:d8:33:cc:99:1b:13:c6:d8:80:34:14:56:75:
70:16:47:74:90:b1:2d:76:54:bc:69:16:91:01:6f:
49:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C6:4F:EE:31:4F:2A:42:6A:88:75:3F:D8:6E:FC:04:05:7B:69:F2
X509v3 Authority Key Identifier:
keyid:09:C7:46:F6:7B:7A:C5:6E:A6:DD:85:95:1E:C0:22:CB:BD:67:AF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcdG9nt6xW6m3YWVHsAiy71nrwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/MsZP7jFPKkJqiHU_2G78BAV7afI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/CcdG9nt6xW6m3YWVHsAiy71nrwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.96.0-185.204.98.255
IPv6:
2a0a:f540::/29
Signature Algorithm: sha256WithRSAEncryption
b5:c8:4a:88:a4:09:c6:40:19:83:6f:70:81:2f:2c:8e:57:90:
7a:07:74:62:a5:09:a7:7c:c4:09:d1:46:e4:7d:f2:72:34:52:
98:b4:41:c2:3d:95:3e:c0:63:fc:cc:37:19:7b:cf:ad:89:17:
cf:61:8f:4c:30:c3:a5:31:3a:05:05:b3:02:d0:3d:e3:77:e0:
bd:fa:f0:af:5b:63:e0:57:49:37:10:11:10:60:9b:e6:ba:72:
06:3b:47:4e:88:84:1d:c4:9f:da:51:d9:ae:f8:aa:d5:5e:6b:
60:08:ad:35:f1:52:66:4e:f5:1c:07:85:8e:1b:a3:07:92:94:
58:b7:4f:48:ac:18:72:77:df:a8:69:8f:b4:1c:c6:33:75:25:
ce:e3:51:f4:ae:40:1d:c4:c4:16:b6:af:d9:f6:0d:50:49:3e:
02:9a:9d:ee:f3:f5:e8:da:8a:ad:c1:b6:61:60:b6:20:53:76:
19:b2:a1:a6:57:6e:c0:21:d3:e6:42:e9:df:3d:8b:93:4e:05:
d7:8a:8c:d5:76:e8:d3:28:a9:28:6f:46:d6:e8:ad:33:fd:bb:
f3:2d:29:b4:c2:3f:6d:83:12:12:53:df:0b:b8:3b:41:35:86:
f0:ef:0a:c6:1a:3f:91:5b:f8:38:ac:12:81:13:da:0c:b9:8e:
dc:0f:d2:2e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaaLr7ZekIsCeakIQ2vB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5Yzc0NmY2N2I3YWM1NmVhNmRkODU5NTFlYzAyMmNiYmQ2
N2FmMDYwHhcNMjUwMTAxMTk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmM2NGZlZTMxNGYyYTQyNmE4ODc1M2ZkODZlZmMwNDA1N2I2OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XA1ZNfQaMIu9O7XIRSV01PhTua5
Td4a22xZuMqLPEGN1EgIMnJyFbAAlgNbhsD10hvBINPrdHYrhUNT3jXIr0LI21BB
77kXx5F9MreUwZQPd2eTIYnzXFYoXm/n2A54mkGUvsSYspkgUf1pymwAIfMunUKC
kpQmimdpj604ntsxm0rn+1h+rSbilkRUKUhxksSUberAFkMNzT+2jZqoXr+32ayH
UxJ5tRPDcz0rKf3P0Ry5l1M7h+10aA8KsmC3Pcq5LEQbxVwNUpcBDDRRYp6Lxsdr
3fzgzfzUcIeYhR7MWNgzzJkbE8bYgDQUVnVwFkd0kLEtdlS8aRaRAW9JzwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDLGT+4xTypCaoh1P9hu/AQFe2nyMB8GA1UdIwQY
MBaAFAnHRvZ7esVupt2FlR7AIsu9Z68GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2NkRzludDZ4VzZtM1lXVkhzQWl5NzFucndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85M2FmOTctM2I5ZS00OTYxLTg5MDQt
YTZmNjExYThhYjkzLzEvTXNaUDdqRlBLa0pxaUhVXzJHNzhCQVY3YWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85M2FmOTctM2I5ZS00OTYxLTg5MDQtYTZmNjExYThhYjkz
LzEvQ2NkRzludDZ4VzZtM1lXVkhzQWl5NzFucndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAW5zGAD
BAC5zGIwDQQCAAIwBwMFAyoK9UAwDQYJKoZIhvcNAQELBQADggEBALXISoikCcZA
GYNvcIEvLI5XkHoHdGKlCad8xAnRRuR98nI0Upi0QcI9lT7AY/zMNxl7z62JF89h
j0www6UxOgUFswLQPeN34L368K9bY+BXSTcQERBgm+a6cgY7R06IhB3En9pR2a74
qtVea2AIrTXxUmZO9RwHhY4boweSlFi3T0isGHJ336hpj7QcxjN1Jc7jUfSuQB3E
xBa2r9n2DVBJPgKane7z9ejaiq3BtmFgtiBTdhmyoaZXbsAh0+ZC6d89i5NOBdeK
jNV26NMoqShvRtborTP9u/MtKbTCP22DEhJT3wu4O0E1hvDvCsYaP5Fb+DisEoET
2gy5jtwP0i4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:46 2025 by rpki-client