Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/MG8GkG1guL2JPQamlCCVL0WmXAU.roa
File: MG8GkG1guL2JPQamlCCVL0WmXAU.roa (raw, json)
Hash identifier: zOqvBBG8dg13+yUZPiGoLbhSAZEkww5TYWxAzF0vCsU=
Subject key identifier: 30:6F:06:90:6D:60:B8:BD:89:3D:06:A6:94:20:95:2F:45:A6:5C:05
Certificate issuer: /CN=1902391799337601331f5a12af11e9f4f6421159
Certificate serial: 0194221F9EB2E22E541B5BBF235699976AFF
Authority key identifier: 19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/MG8GkG1guL2JPQamlCCVL0WmXAU.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60427
IP address blocks: 80.240.107.0/24 maxlen: 24
185.64.128.0/22 maxlen: 22
185.64.128.0/24 maxlen: 24
185.64.129.0/24 maxlen: 24
185.64.130.0/24 maxlen: 24
185.64.131.0/24 maxlen: 24
185.87.236.0/24 maxlen: 24
194.5.183.0/24 maxlen: 24
2a03:14a0::/32 maxlen: 32
2a03:14a0::/48 maxlen: 48
2a03:14a0:1::/48 maxlen: 48
2a03:14a0:2::/48 maxlen: 48
2a03:14a0:3::/48 maxlen: 48
2a03:14a0:5::/48 maxlen: 48
2a03:14a0:1301::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9e:b2:e2:2e:54:1b:5b:bf:23:56:99:97:6a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1902391799337601331f5a12af11e9f4f6421159
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=306f06906d60b8bd893d06a69420952f45a65c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:bf:73:7c:84:22:f4:bd:e9:ef:da:b4:70:
d0:70:16:f9:47:0c:6b:0d:87:27:57:fc:29:ba:19:
8d:aa:1b:ab:b7:ee:6f:7b:d4:3d:b6:fb:4b:02:a7:
6c:85:ce:e1:67:9c:0d:95:5f:5f:2f:83:77:bf:fd:
b7:3b:5c:20:fe:15:84:1b:1b:6f:65:6c:a0:af:21:
b8:14:97:1c:59:d2:1b:19:3a:95:9c:7b:0c:ff:ef:
0c:a4:2c:b5:d0:fd:c6:0e:28:c3:88:bd:7a:35:c3:
97:a7:81:60:db:fb:87:0f:ad:76:dd:c6:5f:f1:39:
14:60:ae:72:d2:6f:22:22:51:7b:88:ee:a0:d0:fc:
50:bc:db:e7:52:2b:19:d9:bf:f7:0a:17:5b:0f:a5:
e7:7d:e3:0f:12:03:18:99:e4:8b:25:0c:36:69:c4:
e3:13:bc:4a:d7:7f:2a:5d:ce:69:57:3c:31:32:ad:
5e:08:ab:15:37:bc:77:2a:0e:09:38:09:eb:84:93:
b2:32:a3:4c:ec:33:bc:71:0e:4b:35:73:8b:d0:de:
4d:d6:47:09:86:4e:9c:1c:c9:c0:0e:4f:7c:23:85:
b0:9d:6e:18:21:c5:dc:a4:19:86:be:f3:cb:07:3a:
df:3e:66:4c:2a:75:f0:93:8f:2d:3a:85:6f:11:08:
fe:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6F:06:90:6D:60:B8:BD:89:3D:06:A6:94:20:95:2F:45:A6:5C:05
X509v3 Authority Key Identifier:
keyid:19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/MG8GkG1guL2JPQamlCCVL0WmXAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/GQI5F5kzdgEzH1oSrxHp9PZCEVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.107.0/24
185.64.128.0/22
185.87.236.0/24
194.5.183.0/24
IPv6:
2a03:14a0::/32
Signature Algorithm: sha256WithRSAEncryption
c2:16:4e:7c:fd:94:3e:f0:d2:e2:4d:c6:ae:74:4d:1b:a7:ee:
9a:d3:a3:e1:10:a7:74:8e:70:57:c3:aa:80:72:18:30:15:a2:
05:e7:47:36:30:4d:cc:24:8f:5a:6d:84:75:97:12:36:6f:1b:
03:bf:ef:8f:7f:2d:00:42:12:0e:d4:55:21:6e:f1:0d:d9:a1:
ad:48:4b:20:74:28:13:8e:38:a7:53:16:89:19:1e:b0:49:c3:
c7:d8:f6:6c:95:ad:66:5e:c9:d0:15:f2:57:6f:da:2d:74:d3:
2c:ad:ac:81:70:30:42:de:82:51:bb:f2:48:79:68:2f:6e:5d:
c0:49:ce:b2:e0:17:18:71:81:3f:fa:39:0f:7e:66:ba:33:b1:
c9:49:43:af:ef:2c:a4:ac:28:a4:ab:de:63:d9:da:2d:a5:6c:
f3:cb:fa:9b:31:b0:92:92:2c:fa:79:a5:38:7e:d2:35:5a:91:
2c:93:37:ce:a0:d8:f7:31:b7:51:cf:bf:7b:81:f0:51:24:6e:
9b:2e:e3:9c:7d:29:0d:23:33:b1:8a:ab:5f:e9:a4:8d:68:02:
ec:fc:58:70:f0:1b:d0:95:f2:bf:91:9f:c5:58:34:3a:3f:9e:
b6:a8:95:d6:93:a8:f0:2e:2c:36:da:fb:f1:a1:6c:06:9e:d8:
07:79:a4:56
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQiH56y4i5UG1u/I1aZl2r/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MDIzOTE3OTkzMzc2MDEzMzFmNWExMmFmMTFlOWY0ZjY0
MjExNTkwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZmMDY5MDZkNjBiOGJkODkzZDA2YTY5NDIwOTUyZjQ1YTY1YzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPm/c3yEIvS96e/atHDQcBb5Rwxr
DYcnV/wpuhmNqhurt+5ve9Q9tvtLAqdshc7hZ5wNlV9fL4N3v/23O1wg/hWEGxtv
ZWygryG4FJccWdIbGTqVnHsM/+8MpCy10P3GDijDiL16NcOXp4Fg2/uHD6123cZf
8TkUYK5y0m8iIlF7iO6g0PxQvNvnUisZ2b/3ChdbD6XnfeMPEgMYmeSLJQw2acTj
E7xK138qXc5pVzwxMq1eCKsVN7x3Kg4JOAnrhJOyMqNM7DO8cQ5LNXOL0N5N1kcJ
hk6cHMnADk98I4WwnW4YIcXcpBmGvvPLBzrfPmZMKnXwk48tOoVvEQj+gQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDBvBpBtYLi9iT0GppQglS9FplwFMB8GA1UdIwQY
MBaAFBkCOReZM3YBMx9aEq8R6fT2QhFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1FJNUY1a3pkZ0V6SDFvU3J4SHA5UFpDRVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hOWZmMWEtZDU4MC00YjQyLWJkODct
NTU5NzI2MGY2NWVlLzEvTUc4R2tHMWd1TDJKUFFhbWxDQ1ZMMFdtWEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9hOWZmMWEtZDU4MC00YjQyLWJkODctNTU5NzI2MGY2NWVl
LzEvR1FJNUY1a3pkZ0V6SDFvU3J4SHA5UFpDRVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAUPBrAwQC
uUCAAwQAuVfsAwQAwgW3MA0EAgACMAcDBQAqAxSgMA0GCSqGSIb3DQEBCwUAA4IB
AQDCFk58/ZQ+8NLiTcaudE0bp+6a06PhEKd0jnBXw6qAchgwFaIF50c2ME3MJI9a
bYR1lxI2bxsDv++Pfy0AQhIO1FUhbvEN2aGtSEsgdCgTjjinUxaJGR6wScPH2PZs
la1mXsnQFfJXb9otdNMsrayBcDBC3oJRu/JIeWgvbl3ASc6y4BcYcYE/+jkPfma6
M7HJSUOv7yykrCikq95j2dotpWzzy/qbMbCSkiz6eaU4ftI1WpEskzfOoNj3MbdR
z797gfBRJG6bLuOcfSkNIzOxiqtf6aSNaALs/Fhw8BvQlfK/kZ/FWDQ6P562qJXW
k6jwLiw22vvxoWwGntgHeaRW
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:45:00 2025 by rpki-client