Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/mXwM3P_PQQyVSERAjNUZUTUhWjg.roa
File: mXwM3P_PQQyVSERAjNUZUTUhWjg.roa (raw, json)
Hash identifier: 4+JoMMio3r7vvH6PXd1vvlGKdXZmMUa4KFkXT7FGKzk=
Subject key identifier: 99:7C:0C:DC:FF:CF:41:0C:95:48:44:40:8C:D5:19:51:35:21:5A:38
Certificate issuer: /CN=2ffbd9de8d89526c5a49a766c1f485f09f5a9166
Certificate serial: 019422FC21BCB6C16337E0512723085D5B56
Authority key identifier: 2F:FB:D9:DE:8D:89:52:6C:5A:49:A7:66:C1:F4:85:F0:9F:5A:91:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L_vZ3o2JUmxaSadmwfSF8J9akWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/mXwM3P_PQQyVSERAjNUZUTUhWjg.roa
Signing time: Wed 01 Jan 2025 17:48:56 +0000
ROA not before: Wed 01 Jan 2025 17:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41561
IP address blocks: 193.201.244.0/22 maxlen: 22
195.78.70.0/23 maxlen: 23
2a04:83c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:21:bc:b6:c1:63:37:e0:51:27:23:08:5d:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ffbd9de8d89526c5a49a766c1f485f09f5a9166
Validity
Not Before: Jan 1 17:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=997c0cdcffcf410c954844408cd5195135215a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7f:cd:8a:db:a4:b4:79:1f:f1:d1:24:97:83:
27:a3:18:0d:9d:11:cd:e7:89:02:09:d5:11:0a:75:
56:2a:1e:b6:7a:08:74:58:a5:4a:02:db:44:fc:e6:
23:28:a0:de:cf:67:f8:ab:6e:10:6f:49:79:06:61:
e1:bd:53:1c:25:78:53:06:71:84:e2:3f:93:3f:7e:
65:b6:d7:82:61:e8:e6:72:08:73:1c:03:6f:fd:48:
1d:67:ac:b3:7c:6d:86:3f:50:e9:05:86:3c:d2:1c:
05:a5:39:0d:4c:f1:25:44:c8:02:0f:cf:4f:35:af:
fb:7a:2d:f8:a0:6d:34:bc:17:7a:44:cf:1d:d9:3a:
9f:80:a6:d4:cf:9b:4f:92:db:ce:c0:18:72:eb:fb:
b3:cd:f1:58:46:3d:8a:10:1b:2a:b2:89:7e:d3:64:
94:27:5d:82:c7:e7:ec:7c:a7:4d:81:b3:ce:b5:9b:
1d:2b:e0:db:3b:93:c5:6b:df:5c:97:eb:20:5d:7a:
75:89:38:fe:c7:cb:74:0c:53:f5:77:60:ef:36:b7:
56:92:39:c2:84:da:c3:d1:da:94:a7:8c:aa:e5:ea:
b8:e0:75:1d:eb:af:0b:d1:0b:34:94:a7:a1:57:6c:
44:6e:00:cc:66:96:5a:67:8e:0f:c6:f4:65:55:1d:
ec:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7C:0C:DC:FF:CF:41:0C:95:48:44:40:8C:D5:19:51:35:21:5A:38
X509v3 Authority Key Identifier:
keyid:2F:FB:D9:DE:8D:89:52:6C:5A:49:A7:66:C1:F4:85:F0:9F:5A:91:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L_vZ3o2JUmxaSadmwfSF8J9akWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/mXwM3P_PQQyVSERAjNUZUTUhWjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/32049c-6393-4106-b30e-1fc1e73f0607/1/L_vZ3o2JUmxaSadmwfSF8J9akWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.244.0/22
195.78.70.0/23
IPv6:
2a04:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:7b:6e:78:fd:53:e1:b3:3c:a3:d0:ae:e3:e6:55:d9:75:da:
7c:79:32:a2:70:0c:57:7e:71:97:6f:40:16:cc:f2:bf:cb:82:
87:d9:c6:08:bf:dc:5b:71:c0:35:ca:78:01:1f:ca:ce:ca:c4:
4d:25:89:30:ee:cf:17:4f:cf:31:08:36:33:f4:34:cd:e4:be:
ce:13:d6:f6:16:7e:5b:ce:36:a0:ff:61:73:2f:10:64:55:0a:
15:6f:ff:24:d9:2a:8b:34:dd:f8:99:b0:1f:8a:88:ad:33:5d:
79:0c:9f:f1:a5:ae:51:06:69:f3:08:a5:8b:77:82:71:36:44:
37:43:2b:51:c0:fd:9b:3a:bc:84:06:62:e2:08:80:35:ec:3c:
bc:8a:5f:ba:f1:4f:83:74:a7:11:a2:69:9a:5d:b1:1f:9c:e0:
66:52:7c:28:29:d3:64:5b:91:f3:b9:46:c6:ce:12:eb:d2:5a:
68:a5:c4:87:7b:4e:4b:fc:5f:2d:b0:e0:d7:36:dc:43:50:98:
1f:77:a0:50:40:5e:b9:4c:38:9f:65:f4:60:48:5d:8a:33:93:
df:d3:74:cb:ca:6e:c4:29:be:b4:a9:59:b6:9a:10:8b:5c:fc:
41:0c:a3:2b:ff:9f:65:1f:0c:8f:81:eb:91:17:cb:39:9d:da:
b0:85:3d:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi/CG8tsFjN+BRJyMIXVtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZmJkOWRlOGQ4OTUyNmM1YTQ5YTc2NmMxZjQ4NWYwOWY1
YTkxNjYwHhcNMjUwMTAxMTc0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTdjMGNkY2ZmY2Y0MTBjOTU0ODQ0NDA4Y2Q1MTk1MTM1MjE1YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3/NituktHkf8dEkl4MnoxgNnRHN
54kCCdURCnVWKh62egh0WKVKAttE/OYjKKDez2f4q24Qb0l5BmHhvVMcJXhTBnGE
4j+TP35ltteCYejmcghzHANv/UgdZ6yzfG2GP1DpBYY80hwFpTkNTPElRMgCD89P
Na/7ei34oG00vBd6RM8d2TqfgKbUz5tPktvOwBhy6/uzzfFYRj2KEBsqsol+02SU
J12Cx+fsfKdNgbPOtZsdK+DbO5PFa99cl+sgXXp1iTj+x8t0DFP1d2DvNrdWkjnC
hNrD0dqUp4yq5eq44HUd668L0Qs0lKehV2xEbgDMZpZaZ44PxvRlVR3s4QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJl8DNz/z0EMlUhEQIzVGVE1IVo4MB8GA1UdIwQY
MBaAFC/72d6NiVJsWkmnZsH0hfCfWpFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTF92WjNvMkpVbXhhU2FkbXdmU0Y4Sjlha1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMjA0OWMtNjM5My00MTA2LWIzMGUt
MWZjMWU3M2YwNjA3LzEvbVh3TTNQX1BRUXlWU0VSQWpOVVpVVFVoV2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMjA0OWMtNjM5My00MTA2LWIzMGUtMWZjMWU3M2YwNjA3
LzEvTF92WjNvMkpVbXhhU2FkbXdmU0Y4Sjlha1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwcn0AwQB
w05GMA0EAgACMAcDBQMqBIPAMA0GCSqGSIb3DQEBCwUAA4IBAQASe254/VPhszyj
0K7j5lXZddp8eTKicAxXfnGXb0AWzPK/y4KH2cYIv9xbccA1yngBH8rOysRNJYkw
7s8XT88xCDYz9DTN5L7OE9b2Fn5bzjag/2FzLxBkVQoVb/8k2SqLNN34mbAfioit
M115DJ/xpa5RBmnzCKWLd4JxNkQ3QytRwP2bOryEBmLiCIA17Dy8il+68U+DdKcR
ommaXbEfnOBmUnwoKdNkW5HzuUbGzhLr0lpopcSHe05L/F8tsODXNtxDUJgfd6BQ
QF65TDifZfRgSF2KM5Pf03TLym7EKb60qVm2mhCLXPxBDKMr/59lHwyPgeuRF8s5
ndqwhT0n
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net