Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/MN9DXXfhSKbEIdYAeS63OJtTNTM.roa
File: MN9DXXfhSKbEIdYAeS63OJtTNTM.roa (raw, json)
Hash identifier: IbJiyeetvwoy/pj327xJTH6HMYNK/ZCgaJ8rwR+7loE=
Subject key identifier: 30:DF:43:5D:77:E1:48:A6:C4:21:D6:00:79:2E:B7:38:9B:53:35:33
Certificate issuer: /CN=e726926b6e8970cf84d6b4756fa9c56211200537
Certificate serial: 01941F8C8A539ECDCF94846077600391097E
Authority key identifier: E7:26:92:6B:6E:89:70:CF:84:D6:B4:75:6F:A9:C5:62:11:20:05:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5yaSa26JcM-E1rR1b6nFYhEgBTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/MN9DXXfhSKbEIdYAeS63OJtTNTM.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47701
IP address blocks: 185.144.40.0/24 maxlen: 24
185.144.41.0/24 maxlen: 24
185.144.42.0/24 maxlen: 24
185.144.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8a:53:9e:cd:cf:94:84:60:77:60:03:91:09:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e726926b6e8970cf84d6b4756fa9c56211200537
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30df435d77e148a6c421d600792eb7389b533533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c4:df:29:d2:fa:67:97:f9:af:b6:5f:4f:f8:
59:fc:15:84:9b:91:a9:fc:fc:e7:81:52:f2:07:b4:
cf:a1:b0:0f:11:3e:a0:4b:99:9b:3e:64:96:5b:86:
4e:b6:ee:da:6b:86:20:5b:3c:b7:13:ba:46:a6:22:
9e:9c:76:87:8a:4b:90:9b:11:b6:4a:e1:df:5f:31:
85:36:14:b1:15:8d:83:fc:7a:05:3e:54:42:e9:e5:
7b:ab:a1:35:f0:91:6f:ec:6c:31:24:61:a5:cd:59:
20:12:b2:73:f7:d8:13:b2:8b:e6:8b:84:a1:d1:c3:
28:7d:19:c1:e8:2d:be:a0:b0:d6:29:10:36:bf:58:
9d:e0:06:32:c4:92:70:58:c9:ff:99:28:03:65:4d:
5c:de:11:00:d0:24:2f:07:09:0c:56:49:1f:03:70:
72:66:63:11:85:c9:48:87:bd:72:b8:73:64:3d:d5:
b5:46:bf:5e:72:32:75:2b:2a:89:77:e6:b0:02:cc:
7f:8a:86:3f:dd:bd:f7:6d:49:a2:96:96:fb:d5:bc:
ee:48:88:39:77:65:e9:33:54:72:81:24:f3:f6:7a:
98:38:95:b9:65:ca:1f:4f:e8:03:b8:5f:d2:77:6b:
9d:e5:0a:43:56:7a:7e:c6:6d:fc:16:21:c8:f0:1b:
dd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DF:43:5D:77:E1:48:A6:C4:21:D6:00:79:2E:B7:38:9B:53:35:33
X509v3 Authority Key Identifier:
keyid:E7:26:92:6B:6E:89:70:CF:84:D6:B4:75:6F:A9:C5:62:11:20:05:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5yaSa26JcM-E1rR1b6nFYhEgBTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/MN9DXXfhSKbEIdYAeS63OJtTNTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d718e4-8abc-4b23-ac10-c102ee96858e/1/5yaSa26JcM-E1rR1b6nFYhEgBTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.40.0/22
Signature Algorithm: sha256WithRSAEncryption
98:ed:30:91:f9:cc:d2:36:a2:1f:f7:52:f2:3f:af:0f:d7:64:
3d:22:99:df:4c:75:3d:b6:4f:7f:2d:fb:cb:42:db:ef:ce:84:
f0:16:bc:0d:00:9e:27:01:10:c9:75:1b:05:8c:d3:4c:87:f1:
74:e9:ce:2d:0d:70:b6:85:9e:70:1b:07:ce:9d:82:26:2a:61:
80:3a:ff:87:01:7d:a4:da:f5:d1:18:2d:5d:6d:15:bd:de:47:
f0:ac:e9:04:7d:71:c2:b4:d1:9f:a9:d1:e8:82:ae:ed:1c:fe:
7f:97:89:5d:ad:c0:9a:7e:f4:7d:73:4b:ce:1e:51:8d:5a:ae:
0a:94:6b:24:09:5a:7c:54:6a:e0:b6:11:15:6d:d8:fa:74:08:
a8:93:c6:de:e2:19:57:42:fd:c8:6a:35:f1:b5:5b:5d:ef:b0:
fd:cd:12:3c:5e:2d:cb:bb:04:00:32:f9:46:ee:af:e9:a0:eb:
c6:8f:e7:5a:91:af:a0:b5:4e:e0:af:ab:fb:d8:11:07:6b:24:
8c:de:c7:08:86:cc:35:e2:34:c5:3d:c1:fc:42:48:d3:b1:bb:
57:6f:fc:0a:32:e3:50:fb:c6:8e:84:fc:64:ba:c1:36:2b:50:
a4:8f:ab:3f:bf:29:03:c3:31:45:20:19:77:7f:b2:af:66:45:
65:5e:56:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIpTns3PlIRgd2ADkQl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MjY5MjZiNmU4OTcwY2Y4NGQ2YjQ3NTZmYTljNTYyMTEy
MDA1MzcwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGRmNDM1ZDc3ZTE0OGE2YzQyMWQ2MDA3OTJlYjczODliNTMzNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8TfKdL6Z5f5r7ZfT/hZ/BWEm5Gp
/PzngVLyB7TPobAPET6gS5mbPmSWW4ZOtu7aa4YgWzy3E7pGpiKenHaHikuQmxG2
SuHfXzGFNhSxFY2D/HoFPlRC6eV7q6E18JFv7GwxJGGlzVkgErJz99gTsovmi4Sh
0cMofRnB6C2+oLDWKRA2v1id4AYyxJJwWMn/mSgDZU1c3hEA0CQvBwkMVkkfA3By
ZmMRhclIh71yuHNkPdW1Rr9ecjJ1KyqJd+awAsx/ioY/3b33bUmilpb71bzuSIg5
d2XpM1RygSTz9nqYOJW5ZcofT+gDuF/Sd2ud5QpDVnp+xm38FiHI8BvdqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDfQ1134UimxCHWAHkutzibUzUzMB8GA1UdIwQY
MBaAFOcmkmtuiXDPhNa0dW+pxWIRIAU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXlhU2EyNkpjTS1FMXJSMWI2bkZZaEVnQlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kNzE4ZTQtOGFiYy00YjIzLWFjMTAt
YzEwMmVlOTY4NThlLzEvTU45RFhYZmhTS2JFSWRZQWVTNjNPSnRUTlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kNzE4ZTQtOGFiYy00YjIzLWFjMTAtYzEwMmVlOTY4NThl
LzEvNXlhU2EyNkpjTS1FMXJSMWI2bkZZaEVnQlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZAoMA0G
CSqGSIb3DQEBCwUAA4IBAQCY7TCR+czSNqIf91LyP68P12Q9IpnfTHU9tk9/LfvL
QtvvzoTwFrwNAJ4nARDJdRsFjNNMh/F06c4tDXC2hZ5wGwfOnYImKmGAOv+HAX2k
2vXRGC1dbRW93kfwrOkEfXHCtNGfqdHogq7tHP5/l4ldrcCafvR9c0vOHlGNWq4K
lGskCVp8VGrgthEVbdj6dAiok8be4hlXQv3IajXxtVtd77D9zRI8Xi3LuwQAMvlG
7q/poOvGj+daka+gtU7gr6v72BEHaySM3scIhsw14jTFPcH8QkjTsbtXb/wKMuNQ
+8aOhPxkusE2K1Ckj6s/vykDwzFFIBl3f7KvZkVlXlbt
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:25 2025 by rpki-client