Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/MkGUvFc5JSBVNeM_VILad8s5zXE.roa
File: MkGUvFc5JSBVNeM_VILad8s5zXE.roa (raw, json)
Hash identifier: y7TqFtSF44B35KxghjCNu7WMj5pJpzLxmoZgRpNM7r8=
Subject key identifier: 32:41:94:BC:57:39:25:20:55:35:E3:3F:54:82:DA:77:CB:39:CD:71
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 019420D5F023C27567FB613D3973151D6718
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/MkGUvFc5JSBVNeM_VILad8s5zXE.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42011
IP address blocks: 185.209.116.0/22 maxlen: 22
2a0b:4540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f0:23:c2:75:67:fb:61:3d:39:73:15:1d:67:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=324194bc573925205535e33f5482da77cb39cd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1f:87:02:39:71:ee:bf:ad:55:46:b7:6f:d4:
59:99:83:cb:47:3c:51:d0:33:6f:48:8f:dc:23:7a:
3f:5a:f2:e2:96:da:0a:f5:d6:b9:e0:44:c3:ec:2c:
ef:45:d6:9c:2d:f8:3e:05:fb:af:1a:c8:a8:19:73:
99:26:b8:6b:9d:42:4c:39:ed:76:18:4f:8c:77:c5:
7b:c2:6f:60:63:51:15:ef:42:32:85:6b:6c:82:ae:
6c:54:c8:80:d7:21:df:4d:ac:b7:fe:1e:73:5c:c5:
b0:35:0c:17:0f:d6:ec:8a:a3:6c:12:5f:32:9c:12:
cc:59:a8:09:3a:67:5f:13:ba:4e:51:ef:1c:46:45:
ca:68:1a:c0:8c:9a:9b:65:68:06:c9:39:86:95:4a:
73:b2:5e:b4:b6:b5:63:4c:fe:a4:3d:8c:40:2e:e5:
31:42:35:a3:3a:25:dd:a9:00:b5:e1:ab:71:60:36:
da:5e:98:fb:29:a4:86:a4:25:0d:94:50:6b:fb:47:
75:f0:82:4a:88:b4:aa:74:2e:30:5b:98:f2:d2:53:
0a:f8:cf:45:e7:9e:77:51:1f:0d:c1:f1:db:1d:29:
15:34:4c:37:d0:1d:97:d3:ca:10:ad:54:0c:42:e9:
b6:8e:7b:84:aa:ad:82:3f:ca:69:9b:dd:52:be:35:
d8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:41:94:BC:57:39:25:20:55:35:E3:3F:54:82:DA:77:CB:39:CD:71
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/MkGUvFc5JSBVNeM_VILad8s5zXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.116.0/22
IPv6:
2a0b:4540::/29
Signature Algorithm: sha256WithRSAEncryption
31:2d:9e:e5:a4:f7:1c:08:f9:eb:6f:e0:3e:ce:8e:c9:08:82:
f8:9b:a7:a1:dd:f1:39:b6:c5:ab:f3:f7:84:68:e2:3d:86:3e:
b8:84:f8:78:ca:b7:11:0d:fc:a1:d0:ea:4e:5c:42:13:54:ca:
b0:6f:e3:c5:34:6b:65:c8:fd:f8:9d:64:af:2c:86:fe:83:a5:
32:4f:6a:60:fa:ef:29:b0:a8:9c:29:61:d8:69:ba:0a:da:0a:
31:6b:f8:09:78:57:6f:f0:b8:63:89:48:ca:78:ec:3d:8d:87:
3d:23:c4:aa:0e:8e:e5:10:f5:41:5d:94:be:d4:13:b6:3a:f3:
48:ac:27:bc:16:57:c9:9c:a1:c2:cc:e0:62:56:4c:fc:3f:c4:
0c:a1:0a:b5:cd:17:2a:a0:77:44:61:d4:05:27:7f:a5:ef:83:
9e:0c:b8:f6:4a:6e:7b:15:97:d8:bd:ba:dc:83:dd:b5:3f:1b:
e7:90:32:7b:fc:6e:ab:93:34:3c:d9:29:8d:1d:d8:84:ab:04:
cf:06:e7:76:c5:8a:cf:4e:37:42:f2:72:07:b2:bc:28:11:52:
1f:d5:91:37:e9:ab:ae:61:c2:b6:ca:bd:8a:56:4f:01:60:65:
03:af:46:f2:dd:db:0f:22:66:35:c7:e0:f3:2e:08:68:17:b7:
cc:78:e1:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1fAjwnVn+2E9OXMVHWcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQxOTRiYzU3MzkyNTIwNTUzNWUzM2Y1NDgyZGE3N2NiMzljZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh+HAjlx7r+tVUa3b9RZmYPLRzxR
0DNvSI/cI3o/WvLiltoK9da54ETD7CzvRdacLfg+BfuvGsioGXOZJrhrnUJMOe12
GE+Md8V7wm9gY1EV70IyhWtsgq5sVMiA1yHfTay3/h5zXMWwNQwXD9bsiqNsEl8y
nBLMWagJOmdfE7pOUe8cRkXKaBrAjJqbZWgGyTmGlUpzsl60trVjTP6kPYxALuUx
QjWjOiXdqQC14atxYDbaXpj7KaSGpCUNlFBr+0d18IJKiLSqdC4wW5jy0lMK+M9F
5553UR8NwfHbHSkVNEw30B2X08oQrVQMQum2jnuEqq2CP8ppm91SvjXYuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDJBlLxXOSUgVTXjP1SC2nfLOc1xMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEvTWtHVXZGYzVKU0JWTmVNX1ZJTGFkOHM1elhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudF0MA0E
AgACMAcDBQMqC0VAMA0GCSqGSIb3DQEBCwUAA4IBAQAxLZ7lpPccCPnrb+A+zo7J
CIL4m6eh3fE5tsWr8/eEaOI9hj64hPh4yrcRDfyh0OpOXEITVMqwb+PFNGtlyP34
nWSvLIb+g6UyT2pg+u8psKicKWHYaboK2goxa/gJeFdv8LhjiUjKeOw9jYc9I8Sq
Do7lEPVBXZS+1BO2OvNIrCe8FlfJnKHCzOBiVkz8P8QMoQq1zRcqoHdEYdQFJ3+l
74OeDLj2Sm57FZfYvbrcg921PxvnkDJ7/G6rkzQ82SmNHdiEqwTPBud2xYrPTjdC
8nIHsrwoEVIf1ZE36auuYcK2yr2KVk8BYGUDr0by3dsPImY1x+DzLghoF7fMeOE2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:00 2025 by rpki-client on console.sobornost.net