Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/yq2V4sIvuFvaoLe_dif3a50e_mc.roa
File: yq2V4sIvuFvaoLe_dif3a50e_mc.roa (raw, json)
Hash identifier: bRZVRiZ8fuSs+QqdEAV2unTOx/QBFF2bKk0iFVKmz2Y=
Subject key identifier: CA:AD:95:E2:C2:2F:B8:5B:DA:A0:B7:BF:76:27:F7:6B:9D:1E:FE:67
Certificate issuer: /CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Certificate serial: 019420682B76995364585DC66C5DD1A9F002
Authority key identifier: 03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/yq2V4sIvuFvaoLe_dif3a50e_mc.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50920
IP address blocks: 81.16.24.0/22 maxlen: 24
92.39.160.0/20 maxlen: 24
185.64.60.0/22 maxlen: 24
193.28.91.0/24 maxlen: 24
193.28.229.0/24 maxlen: 24
193.151.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2b:76:99:53:64:58:5d:c6:6c:5d:d1:a9:f0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caad95e2c22fb85bdaa0b7bf7627f76b9d1efe67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a2:d6:19:b4:b1:82:bd:da:b0:54:83:a6:0d:
f5:38:ba:06:b1:e0:6f:6c:ae:3e:03:8d:e9:1f:1a:
59:ee:1a:93:fb:3b:72:6b:73:43:57:31:6e:3c:c1:
92:57:4d:b6:ab:b5:a0:74:61:2f:1b:30:c8:2a:ab:
7b:33:39:80:12:cb:71:f4:f3:6c:7c:60:40:e6:0b:
fb:52:90:8f:51:73:d3:3f:20:32:6c:26:bc:f2:26:
74:d1:fd:54:49:9f:a4:9f:b5:6f:d2:2e:39:d0:90:
53:ef:3f:78:59:40:45:79:31:e2:57:2e:9a:a5:b0:
08:ad:95:cf:8b:4e:7a:dc:65:a4:59:12:d6:1a:84:
cc:65:19:c5:50:88:f9:9a:c2:ab:9e:1c:8c:7a:59:
4c:83:22:e2:64:cf:8e:f1:1c:dc:61:66:5f:9c:17:
ac:85:e9:b0:d8:d8:78:8d:b4:3c:82:f4:f6:33:b6:
99:30:3b:c7:29:95:4c:8c:2a:ec:d9:12:00:aa:64:
4a:ba:40:1e:6d:3c:0d:8d:58:ed:f3:ad:70:4e:4b:
8e:40:68:d3:79:0d:0d:ed:5e:cc:7d:37:a1:79:45:
ae:79:9d:47:ea:90:83:2d:f6:a1:d9:ba:7a:90:7b:
55:16:85:b1:63:85:af:b2:08:58:93:72:d1:4b:a7:
c6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AD:95:E2:C2:2F:B8:5B:DA:A0:B7:BF:76:27:F7:6B:9D:1E:FE:67
X509v3 Authority Key Identifier:
keyid:03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/yq2V4sIvuFvaoLe_dif3a50e_mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.24.0/22
92.39.160.0/20
185.64.60.0/22
193.28.91.0/24
193.28.229.0/24
193.151.60.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d8:1b:87:f2:a3:6b:17:00:ae:f9:48:89:d1:77:1b:60:cc:
4b:7f:2f:e8:b0:d9:06:c4:cb:19:3c:1c:bc:dc:1f:55:af:e4:
aa:dd:91:0e:f1:3d:4a:3b:e4:83:7f:59:01:4e:78:3a:90:a9:
76:4b:a2:bc:4c:b0:f5:da:da:eb:ea:db:16:37:44:1d:6b:cc:
d6:9b:cd:04:bd:e5:6b:e2:c6:89:e5:9c:03:66:90:ea:bd:0e:
9b:9b:c5:6d:2c:9a:89:7c:53:d4:20:49:2c:3d:7c:71:46:b3:
9c:7e:0b:3f:77:fc:52:13:ed:b5:86:d5:8c:79:80:0f:60:45:
21:21:a6:d2:ea:60:bd:8a:50:82:9f:5b:d8:e7:69:c4:48:9c:
aa:d7:b3:96:66:fb:ef:60:dd:18:fc:2f:d1:a2:31:be:37:7b:
a9:08:0b:ad:11:02:0c:4f:c5:10:00:83:8e:5b:46:f9:00:cc:
f4:a4:fb:37:1e:84:15:ef:48:8e:96:45:87:a0:37:a7:22:2b:
31:be:a5:e6:cc:e7:f7:b7:63:71:60:41:b8:dd:18:db:b4:1e:
80:82:92:18:2c:24:e5:e9:76:f6:ad:dd:68:85:83:5b:3a:6b:
31:5d:6d:ad:d8:fd:32:e6:34:50:9e:23:39:c5:47:97:c7:27:
29:cf:42:98
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgaCt2mVNkWF3GbF3RqfACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMzBkNzcyYmE4MzIyNWJlZDU4OGNjZDFjNWM5NmFmMDNi
Mzc3MGYwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFkOTVlMmMyMmZiODViZGFhMGI3YmY3NjI3Zjc2YjlkMWVmZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qLWGbSxgr3asFSDpg31OLoGseBv
bK4+A43pHxpZ7hqT+ztya3NDVzFuPMGSV022q7WgdGEvGzDIKqt7MzmAEstx9PNs
fGBA5gv7UpCPUXPTPyAybCa88iZ00f1USZ+kn7Vv0i450JBT7z94WUBFeTHiVy6a
pbAIrZXPi0563GWkWRLWGoTMZRnFUIj5msKrnhyMellMgyLiZM+O8RzcYWZfnBes
hemw2Nh4jbQ8gvT2M7aZMDvHKZVMjCrs2RIAqmRKukAebTwNjVjt861wTkuOQGjT
eQ0N7V7MfTeheUWueZ1H6pCDLfah2bp6kHtVFoWxY4WvsghYk3LRS6fGtwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMqtleLCL7hb2qC3v3Yn92udHv5nMB8GA1UdIwQY
MBaAFAMw13K6gyJb7ViMzRxclq8Ds3cPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODct
N2U0NTFjODBkNTZmLzEveXEyVjRzSXZ1RnZhb0xlX2RpZjNhNTBlX21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODctN2U0NTFjODBkNTZm
LzEvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCURAYAwQE
XCegAwQCuUA8AwQAwRxbAwQAwRzlAwQCwZc8MA0GCSqGSIb3DQEBCwUAA4IBAQB5
2BuH8qNrFwCu+UiJ0XcbYMxLfy/osNkGxMsZPBy83B9Vr+Sq3ZEO8T1KO+SDf1kB
Tng6kKl2S6K8TLD12trr6tsWN0Qda8zWm80EveVr4saJ5ZwDZpDqvQ6bm8VtLJqJ
fFPUIEksPXxxRrOcfgs/d/xSE+21htWMeYAPYEUhIabS6mC9ilCCn1vY52nESJyq
17OWZvvvYN0Y/C/RojG+N3upCAutEQIMT8UQAIOOW0b5AMz0pPs3HoQV70iOlkWH
oDenIisxvqXmzOf3t2NxYEG43RjbtB6AgpIYLCTl6Xb2rd1ohYNbOmsxXW2t2P0y
5jRQniM5xUeXxycpz0KY
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:28:07 2025 by rpki-client