Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/Mhhz4wUnWbhungV9qmdIiiClbC4.roa
File: Mhhz4wUnWbhungV9qmdIiiClbC4.roa (raw, json)
Hash identifier: vs++Lho+ybbPqiNcZp7StywgPzEvRC+QjSZW2g6/U6I=
Subject key identifier: 32:18:73:E3:05:27:59:B8:6E:9E:05:7D:AA:67:48:8A:20:A5:6C:2E
Certificate issuer: /CN=d4afe3f0c9e555e52d3505d6163278df3da18cee
Certificate serial: 019620253718B06E7C706575A2C73EF1DBFD
Authority key identifier: D4:AF:E3:F0:C9:E5:55:E5:2D:35:05:D6:16:32:78:DF:3D:A1:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1K_j8MnlVeUtNQXWFjJ43z2hjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/Mhhz4wUnWbhungV9qmdIiiClbC4.roa
Signing time: Thu 10 Apr 2025 14:40:31 +0000
ROA not before: Thu 10 Apr 2025 14:40:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 46.17.14.0/23 maxlen: 23
2a02:2870:8000::/33 maxlen: 33
2a02:2871::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:25:37:18:b0:6e:7c:70:65:75:a2:c7:3e:f1:db:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4afe3f0c9e555e52d3505d6163278df3da18cee
Validity
Not Before: Apr 10 14:40:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=321873e3052759b86e9e057daa67488a20a56c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:08:6a:69:fa:0a:fb:02:cf:d4:32:55:61:
a0:aa:3f:ea:21:38:c2:5b:97:89:ac:fe:5d:66:b5:
94:2a:84:5f:ab:d8:02:5b:10:fc:06:50:e4:25:33:
09:1e:c8:84:7f:ec:e3:b1:89:d0:78:15:26:2d:14:
40:12:38:68:bd:50:7c:75:bc:c6:27:40:4e:cb:dd:
f7:24:92:92:57:2f:65:44:2c:fd:88:6f:93:ea:bc:
63:03:05:91:5c:ab:2e:8b:b9:7d:40:4e:07:75:5c:
6d:2f:3f:04:4c:a1:54:f0:8a:24:02:2f:f8:bd:d4:
8f:4c:dc:bf:02:cd:5f:e3:fe:b8:1f:da:59:8a:ed:
00:bc:94:17:fa:81:db:ec:16:78:35:e2:df:04:17:
3f:fb:e9:72:b1:02:9b:69:42:c5:87:79:b3:c5:a0:
8b:ec:72:05:05:81:88:61:a3:05:90:eb:2b:17:eb:
ac:98:7f:89:8c:59:93:a2:7e:4f:e9:44:24:53:dd:
8e:4f:1d:5c:3e:73:ad:47:50:04:9c:0d:ca:8a:7a:
57:c9:92:a5:0c:96:6f:d6:0c:e2:cb:f1:76:00:01:
c2:80:27:43:f5:cf:7f:a2:a3:9c:0a:d6:01:5d:5b:
d0:b4:29:35:a1:9f:a4:ab:ab:35:ad:b8:3f:8e:71:
d7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:18:73:E3:05:27:59:B8:6E:9E:05:7D:AA:67:48:8A:20:A5:6C:2E
X509v3 Authority Key Identifier:
keyid:D4:AF:E3:F0:C9:E5:55:E5:2D:35:05:D6:16:32:78:DF:3D:A1:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K_j8MnlVeUtNQXWFjJ43z2hjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/Mhhz4wUnWbhungV9qmdIiiClbC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/1K_j8MnlVeUtNQXWFjJ43z2hjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.14.0/23
IPv6:
2a02:2870:8000::-2a02:2871:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:0b:11:0a:23:70:ce:2d:a8:1c:a8:57:56:da:06:c7:42:ae:
6a:f2:61:f9:d8:c8:df:f9:d1:39:3e:1c:28:bd:07:58:df:4a:
92:dc:2c:3d:64:af:89:f4:e7:8d:8b:c5:8d:83:8a:22:28:4c:
db:a7:5c:d7:8f:97:32:c7:ad:dd:78:52:a7:ce:de:48:07:65:
22:85:bf:13:b6:73:b5:4d:a1:c0:08:6e:3a:04:0d:77:12:c2:
d9:cf:f4:f8:6b:f3:f8:90:0c:94:8f:5e:c6:85:d4:cd:e1:5f:
38:51:3f:18:06:81:67:8a:af:47:56:59:cb:0e:4c:3b:a7:00:
a0:a0:dc:e6:27:d4:fa:50:cc:84:00:95:a0:ae:da:c3:3f:33:
ac:d2:a2:24:2f:89:65:1a:b9:29:e8:75:38:f6:ce:5f:d4:0a:
e3:e7:a8:41:33:3e:fc:fe:f1:7e:b6:db:a0:c4:e7:8d:43:4d:
34:e7:2b:a3:e6:d4:5a:70:e0:b8:cf:64:82:f8:3d:ab:df:f1:
69:88:ea:60:de:e5:b5:a8:4b:87:42:85:18:0f:38:2f:a2:c0:
d3:15:9f:0d:68:cd:41:5e:46:0f:9a:43:52:a5:21:b8:8a:89:
86:a8:4f:53:31:10:bc:9f:48:ce:2f:dd:38:54:5f:a2:60:65:
0c:e6:2b:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYgJTcYsG58cGV1osc+8dv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWZlM2YwYzllNTU1ZTUyZDM1MDVkNjE2MzI3OGRmM2Rh
MThjZWUwHhcNMjUwNDEwMTQ0MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjE4NzNlMzA1Mjc1OWI4NmU5ZTA1N2RhYTY3NDg4YTIwYTU2YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTAIamn6CvsCz9QyVWGgqj/qITjC
W5eJrP5dZrWUKoRfq9gCWxD8BlDkJTMJHsiEf+zjsYnQeBUmLRRAEjhovVB8dbzG
J0BOy933JJKSVy9lRCz9iG+T6rxjAwWRXKsui7l9QE4HdVxtLz8ETKFU8IokAi/4
vdSPTNy/As1f4/64H9pZiu0AvJQX+oHb7BZ4NeLfBBc/++lysQKbaULFh3mzxaCL
7HIFBYGIYaMFkOsrF+usmH+JjFmTon5P6UQkU92OTx1cPnOtR1AEnA3KinpXyZKl
DJZv1gziy/F2AAHCgCdD9c9/oqOcCtYBXVvQtCk1oZ+kq6s1rbg/jnHXIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIYc+MFJ1m4bp4FfapnSIogpWwuMB8GA1UdIwQY
MBaAFNSv4/DJ5VXlLTUF1hYyeN89oYzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUtfajhNbmxWZVV0TlFYV0ZqSjQzejJoak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xYzY3ZWYtZTgzZC00NDI3LTg2NGIt
YzU5ODI1YmJjYjMyLzEvTWhoejR3VW5XYmh1bmdWOXFtZElpaUNsYkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xYzY3ZWYtZTgzZC00NDI3LTg2NGItYzU5ODI1YmJjYjMy
LzEvMUtfajhNbmxWZVV0TlFYV0ZqSjQzejJoak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBLhEOMBcE
AgACMBEwDwMGByoCKHCAAwUBKgIocDANBgkqhkiG9w0BAQsFAAOCAQEAhQsRCiNw
zi2oHKhXVtoGx0KuavJh+djI3/nROT4cKL0HWN9KktwsPWSvifTnjYvFjYOKIihM
26dc14+XMset3XhSp87eSAdlIoW/E7ZztU2hwAhuOgQNdxLC2c/0+Gvz+JAMlI9e
xoXUzeFfOFE/GAaBZ4qvR1ZZyw5MO6cAoKDc5ifU+lDMhACVoK7awz8zrNKiJC+J
ZRq5Keh1OPbOX9QK4+eoQTM+/P7xfrbboMTnjUNNNOcro+bUWnDguM9kgvg9q9/x
aYjqYN7ltahLh0KFGA84L6LA0xWfDWjNQV5GD5pDUqUhuIqJhqhPUzEQvJ9Izi/d
OFRfomBlDOYrpg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net