Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/MMlvH8atmySzJI7kLxLVPyyRhLQ.roa
File: MMlvH8atmySzJI7kLxLVPyyRhLQ.roa (raw, json)
Hash identifier: bccMFVINTXPOtpxYZS3LUeW2cuJPhCPq33JXorYAWpk=
Subject key identifier: 30:C9:6F:1F:C6:AD:9B:24:B3:24:8E:E4:2F:12:D5:3F:2C:91:84:B4
Certificate issuer: /CN=38f746b81aec00e36b9bcb7a08642a64e913da5b
Certificate serial: 01942521E966264ECFFF22CFAD6951632D5B
Authority key identifier: 38:F7:46:B8:1A:EC:00:E3:6B:9B:CB:7A:08:64:2A:64:E9:13:DA:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPdGuBrsAONrm8t6CGQqZOkT2ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/MMlvH8atmySzJI7kLxLVPyyRhLQ.roa
Signing time: Thu 02 Jan 2025 03:49:26 +0000
ROA not before: Thu 02 Jan 2025 03:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199117
IP address blocks: 91.240.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e9:66:26:4e:cf:ff:22:cf:ad:69:51:63:2d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f746b81aec00e36b9bcb7a08642a64e913da5b
Validity
Not Before: Jan 2 03:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30c96f1fc6ad9b24b3248ee42f12d53f2c9184b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:15:92:6c:1e:52:0d:fb:44:40:4e:a0:13:be:
8b:58:1b:85:af:43:5e:03:f7:13:02:52:d6:1f:62:
62:06:7e:89:54:f8:6e:e5:02:19:62:fe:44:17:f1:
b4:4c:e0:02:bf:20:4d:68:7f:dc:ca:f8:55:5d:3b:
3a:aa:05:15:bc:51:7d:ae:39:db:29:6f:c9:9b:19:
08:6e:82:ae:a0:e2:3a:f0:f4:1b:5a:f4:a3:24:8b:
a8:ba:b5:79:f3:3f:b5:4a:3f:4e:68:65:e5:f1:68:
e7:b9:f8:82:9f:ce:9e:cb:eb:91:2b:45:cd:06:eb:
b3:0f:93:da:9d:0c:88:79:d5:bf:7d:13:0b:61:81:
df:d8:36:a4:cb:03:79:4a:15:ae:e8:18:b0:9d:6b:
90:6a:22:96:1e:3e:06:42:4e:9f:a5:da:b5:20:c5:
09:bc:d4:db:02:55:8f:79:8f:bf:59:54:84:9c:24:
08:5d:e0:70:e9:cd:51:25:0c:78:44:f9:41:db:8e:
24:95:dc:85:d4:4c:78:c2:4f:21:b2:93:a0:4e:1a:
0b:06:82:f3:bd:6b:33:da:89:c7:64:ae:bf:7a:f5:
12:10:46:ab:8c:66:d3:0d:ca:08:30:ef:aa:87:f0:
c6:91:ce:50:83:ae:b2:3e:d4:3d:e9:78:66:32:4b:
ae:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C9:6F:1F:C6:AD:9B:24:B3:24:8E:E4:2F:12:D5:3F:2C:91:84:B4
X509v3 Authority Key Identifier:
keyid:38:F7:46:B8:1A:EC:00:E3:6B:9B:CB:7A:08:64:2A:64:E9:13:DA:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPdGuBrsAONrm8t6CGQqZOkT2ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/MMlvH8atmySzJI7kLxLVPyyRhLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/OPdGuBrsAONrm8t6CGQqZOkT2ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.241.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:63:8f:ab:fc:81:86:d0:0d:58:31:20:12:ef:a4:78:cc:0c:
50:7b:74:87:2d:f8:2c:26:4b:aa:63:55:a0:c2:a0:0e:2d:0a:
69:24:f8:56:70:ad:ea:c1:12:77:63:1b:c0:90:da:92:45:78:
77:38:a5:f9:99:63:17:14:d1:77:b8:d5:9f:73:70:ae:79:39:
3f:8f:dd:04:92:08:12:41:ee:c3:64:05:6a:bf:05:24:cf:05:
cd:d3:08:bd:ff:59:c7:8d:55:a3:12:42:a0:8a:7e:25:d1:c6:
cb:48:72:33:3b:24:22:10:ef:3b:10:ca:26:ea:64:e4:f0:1f:
9e:5e:ea:02:49:ac:6e:34:87:e4:ea:ee:75:7f:23:00:a7:6a:
bc:27:19:5d:9d:64:65:b7:63:d8:76:0b:57:93:14:d6:24:49:
95:2b:dd:bd:f5:2c:a3:4a:41:c4:3a:b3:59:1f:4e:51:b0:1e:
0b:80:64:48:52:9d:d9:26:33:08:19:4f:54:d9:bb:04:09:1c:
05:44:9d:c4:5d:36:db:7e:2a:41:ed:7a:70:57:02:bc:be:52:
0d:a7:3d:6e:c0:66:47:df:12:cc:28:d6:04:22:bf:e4:fc:8f:
b2:95:f9:53:a6:2b:00:10:41:34:f0:7a:23:db:c8:d0:fd:59:
b5:cb:7a:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIelmJk7P/yLPrWlRYy1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Zjc0NmI4MWFlYzAwZTM2YjliY2I3YTA4NjQyYTY0ZTkx
M2RhNWIwHhcNMjUwMTAyMDM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM5NmYxZmM2YWQ5YjI0YjMyNDhlZTQyZjEyZDUzZjJjOTE4NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohWSbB5SDftEQE6gE76LWBuFr0Ne
A/cTAlLWH2JiBn6JVPhu5QIZYv5EF/G0TOACvyBNaH/cyvhVXTs6qgUVvFF9rjnb
KW/JmxkIboKuoOI68PQbWvSjJIuourV58z+1Sj9OaGXl8WjnufiCn86ey+uRK0XN
BuuzD5PanQyIedW/fRMLYYHf2DakywN5ShWu6BiwnWuQaiKWHj4GQk6fpdq1IMUJ
vNTbAlWPeY+/WVSEnCQIXeBw6c1RJQx4RPlB244kldyF1Ex4wk8hspOgThoLBoLz
vWsz2onHZK6/evUSEEarjGbTDcoIMO+qh/DGkc5Qg66yPtQ96XhmMkuuKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDJbx/GrZsksySO5C8S1T8skYS0MB8GA1UdIwQY
MBaAFDj3Rrga7ADja5vLeghkKmTpE9pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BkR3VCcnNBT05ybTh0NkNHUXFaT2tUMmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNGRjNzYtZGNkMi00NzViLTllNjgt
YzIyMzk1Y2UxYmU0LzEvTU1sdkg4YXRteVN6Skk3a0x4TFZQeXlSaExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNGRjNzYtZGNkMi00NzViLTllNjgtYzIyMzk1Y2UxYmU0
LzEvT1BkR3VCcnNBT05ybTh0NkNHUXFaT2tUMmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DxMA0G
CSqGSIb3DQEBCwUAA4IBAQCgY4+r/IGG0A1YMSAS76R4zAxQe3SHLfgsJkuqY1Wg
wqAOLQppJPhWcK3qwRJ3YxvAkNqSRXh3OKX5mWMXFNF3uNWfc3CueTk/j90EkggS
Qe7DZAVqvwUkzwXN0wi9/1nHjVWjEkKgin4l0cbLSHIzOyQiEO87EMom6mTk8B+e
XuoCSaxuNIfk6u51fyMAp2q8JxldnWRlt2PYdgtXkxTWJEmVK9299SyjSkHEOrNZ
H05RsB4LgGRIUp3ZJjMIGU9U2bsECRwFRJ3EXTbbfipB7XpwVwK8vlINpz1uwGZH
3xLMKNYEIr/k/I+ylflTpisAEEE08Hoj28jQ/Vm1y3p+
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:40:51 2025 by rpki-client