Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/mtkhlYdRRxy7HTt4lejr_BK0O0E.roa
File: mtkhlYdRRxy7HTt4lejr_BK0O0E.roa (raw, json)
Hash identifier: XUZOJXssCKIIh5ucQaDh2vYICFb1VOST7rkiATGvktw=
Subject key identifier: 9A:D9:21:95:87:51:47:1C:BB:1D:3B:78:95:E8:EB:FC:12:B4:3B:41
Certificate issuer: /CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Certificate serial: 01941FFA2725E0109817A4F955BA48A9A111
Authority key identifier: 9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/mtkhlYdRRxy7HTt4lejr_BK0O0E.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35266
IP address blocks: 46.30.8.0/21 maxlen: 24
185.69.13.0/24 maxlen: 24
185.69.14.0/23 maxlen: 24
185.81.188.0/22 maxlen: 24
2a01:b000::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:27:25:e0:10:98:17:a4:f9:55:ba:48:a9:a1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad921958751471cbb1d3b7895e8ebfc12b43b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5d:dd:a0:07:b6:e9:c1:99:2c:b8:bc:46:30:
33:98:62:e6:58:c0:5c:59:8a:2d:da:13:b3:98:af:
04:07:5a:66:6b:3d:c3:61:8d:64:10:db:94:88:dc:
0e:3b:12:8b:ca:17:1d:6c:6d:0d:88:e0:04:30:ca:
3a:f1:fe:71:b5:92:f0:c3:e3:6b:82:b6:f9:b3:30:
9c:15:6b:af:f8:21:75:70:8a:7c:85:34:58:25:4a:
fc:eb:81:1b:d6:83:0e:5b:63:17:d1:19:c3:9a:ff:
cf:0b:a0:65:1f:a5:1c:b3:70:ba:ec:f0:81:64:b4:
7e:c9:ff:42:2e:b7:af:7a:7a:9b:23:fe:39:57:31:
04:cf:74:31:d5:0a:c3:08:25:cc:af:f3:33:04:4d:
25:59:c6:30:7a:ec:4c:6f:4d:cd:2c:7d:ed:8e:9d:
86:a0:28:fc:ff:a0:5a:32:40:f5:ef:f8:0a:47:86:
b7:c5:f8:f4:80:ca:c4:55:3a:de:9c:f7:25:8d:74:
26:2d:1c:0a:2d:11:75:46:8f:be:b8:fa:61:c9:7c:
1e:b7:d6:eb:06:4f:2f:39:8c:20:ee:9a:df:6e:e7:
e0:4c:41:c6:0f:aa:d7:9a:88:ce:01:2c:35:51:44:
b1:c5:b7:c9:62:27:a3:a1:ee:cb:76:eb:c1:4c:fd:
bb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D9:21:95:87:51:47:1C:BB:1D:3B:78:95:E8:EB:FC:12:B4:3B:41
X509v3 Authority Key Identifier:
keyid:9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/mtkhlYdRRxy7HTt4lejr_BK0O0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.8.0/21
185.69.13.0-185.69.15.255
185.81.188.0/22
IPv6:
2a01:b000::/32
Signature Algorithm: sha256WithRSAEncryption
2b:7d:0b:fc:a5:92:92:80:6e:61:23:dc:cc:f5:ba:61:db:02:
b7:d4:a6:c9:f0:aa:56:3c:d0:38:7f:16:8e:0d:aa:88:25:82:
30:52:34:55:8f:a0:d6:5f:0b:2d:bc:27:ed:f8:ac:b9:9f:4d:
73:24:75:a3:28:67:05:ec:38:54:b8:f5:54:59:2d:a5:ab:02:
aa:51:88:a0:a1:ba:e3:49:d9:5a:a2:6d:b8:dc:a4:c9:1d:40:
73:38:61:00:96:b3:2b:9c:7b:3f:fe:b9:71:51:51:3a:65:3f:
54:e4:c9:c2:25:5d:e4:4c:82:9e:7d:3b:0a:b0:8a:89:16:78:
95:60:59:26:3a:83:f1:3f:9b:6f:d3:5c:0d:69:d8:14:de:67:
67:9d:59:29:71:ff:95:0a:f9:18:00:65:25:4b:27:b8:d7:d5:
ff:2a:28:7a:a0:dc:2d:fd:d5:19:b6:cc:35:66:0d:96:82:54:
de:d4:23:5a:a3:10:aa:16:32:cc:48:4a:0b:39:41:70:1d:c7:
ac:8b:90:50:4d:a4:33:3e:22:9c:c8:f6:59:bb:5a:b8:55:5e:
14:38:73:19:b7:26:d4:0b:09:05:e5:fc:91:23:04:f9:53:70:
34:3b:22:28:8a:ac:da:c5:4d:43:61:60:a0:3b:01:1d:b1:c5:
db:7e:7a:3c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQf+icl4BCYF6T5VbpIqaERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGE3NDlhZTI1YzFjYmI2NTg3MWQ0MTZhNzlhYjRhODg0
YWM0NjgwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ5MjE5NTg3NTE0NzFjYmIxZDNiNzg5NWU4ZWJmYzEyYjQzYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V3doAe26cGZLLi8RjAzmGLmWMBc
WYot2hOzmK8EB1pmaz3DYY1kENuUiNwOOxKLyhcdbG0NiOAEMMo68f5xtZLww+Nr
grb5szCcFWuv+CF1cIp8hTRYJUr864Eb1oMOW2MX0RnDmv/PC6BlH6Ucs3C67PCB
ZLR+yf9CLrevenqbI/45VzEEz3Qx1QrDCCXMr/MzBE0lWcYweuxMb03NLH3tjp2G
oCj8/6BaMkD17/gKR4a3xfj0gMrEVTrenPcljXQmLRwKLRF1Ro++uPphyXwet9br
Bk8vOYwg7prfbufgTEHGD6rXmojOASw1UUSxxbfJYiejoe7LduvBTP27BwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJrZIZWHUUccux07eJXo6/wStDtBMB8GA1UdIwQY
MBaAFJ0KdJriXBy7ZYcdQWp5q0qISsRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYt
MWE2ZDNjOTlkYzQ4LzEvbXRraGxZZFJSeHk3SFR0NGxlanJfQkswTzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYtMWE2ZDNjOTlkYzQ4
LzEvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDLh4IMAwD
BAC5RQ0DBAS5RQADBAK5UbwwDQQCAAIwBwMFACoBsAAwDQYJKoZIhvcNAQELBQAD
ggEBACt9C/ylkpKAbmEj3Mz1umHbArfUpsnwqlY80Dh/Fo4NqoglgjBSNFWPoNZf
Cy28J+34rLmfTXMkdaMoZwXsOFS49VRZLaWrAqpRiKChuuNJ2VqibbjcpMkdQHM4
YQCWsyucez/+uXFRUTplP1TkycIlXeRMgp59OwqwiokWeJVgWSY6g/E/m2/TXA1p
2BTeZ2edWSlx/5UK+RgAZSVLJ7jX1f8qKHqg3C391Rm2zDVmDZaCVN7UI1qjEKoW
MsxISgs5QXAdx6yLkFBNpDM+IpzI9lm7WrhVXhQ4cxm3JtQLCQXl/JEjBPlTcDQ7
IiiKrNrFTUNhYKA7AR2xxdt+ejw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:56:21 2025 by rpki-client