Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/cMGXmTRMraio0J6I7HNBr7NWueA.roa
File: cMGXmTRMraio0J6I7HNBr7NWueA.roa (raw, json)
Hash identifier: fmI2PBkGPQFw2If/jchTfAwZs8fPgvDxYocX6ZJt4ZY=
Subject key identifier: 70:C1:97:99:34:4C:AD:A8:A8:D0:9E:88:EC:73:41:AF:B3:56:B9:E0
Certificate issuer: /CN=abe5e2eb170e0c2ab861db308dbbcb2a5fd5f18d
Certificate serial: 01965D600830F30778B5D31EAA02D0E55D5B
Authority key identifier: AB:E5:E2:EB:17:0E:0C:2A:B8:61:DB:30:8D:BB:CB:2A:5F:D5:F1:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q-Xi6xcODCq4YdswjbvLKl_V8Y0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/cMGXmTRMraio0J6I7HNBr7NWueA.roa
Signing time: Tue 22 Apr 2025 12:01:36 +0000
ROA not before: Tue 22 Apr 2025 12:01:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35236
IP address blocks: 31.170.176.0/21 maxlen: 24
109.205.72.0/21 maxlen: 24
185.124.80.0/22 maxlen: 24
2a00:1238::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:60:08:30:f3:07:78:b5:d3:1e:aa:02:d0:e5:5d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abe5e2eb170e0c2ab861db308dbbcb2a5fd5f18d
Validity
Not Before: Apr 22 12:01:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70c19799344cada8a8d09e88ec7341afb356b9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2f:73:be:cc:04:b1:12:89:0a:6a:28:c1:2e:
f6:73:e6:43:f3:86:14:b2:89:4f:1c:58:55:0c:f4:
ea:41:67:d4:38:fa:0e:11:a2:64:1a:e5:b1:38:5a:
02:24:fd:f8:c0:86:73:ec:84:0b:c5:f1:dd:1f:02:
a2:6a:97:8a:b8:34:7f:95:b2:10:9c:1f:fe:d4:d1:
3a:58:62:75:a7:65:85:b2:ae:be:29:ab:0d:88:21:
b0:f3:b9:bc:28:83:0c:64:68:92:63:25:51:db:0d:
99:f7:aa:ea:f8:4c:8f:e1:9f:30:57:fd:73:16:c2:
89:27:90:f5:13:8b:42:35:80:1a:e9:ce:e2:77:eb:
21:27:c0:d8:da:34:7f:10:c1:b0:e2:13:af:dd:91:
d6:be:94:20:65:8a:92:d3:07:95:f3:83:ab:c7:72:
c6:89:88:67:44:a7:3a:14:b5:ff:d0:72:fe:76:d5:
0b:bc:15:d6:a5:85:c3:88:61:bd:46:05:2b:7a:3e:
05:14:e4:b1:7a:a5:b3:da:2a:03:63:4d:e9:62:39:
7e:cc:04:25:4a:aa:b9:09:74:71:72:70:6f:b0:21:
c8:4d:46:a1:5d:60:72:48:ce:82:f7:85:f3:f5:a5:
f8:1e:87:d5:2c:f7:e5:90:1b:75:3e:b2:69:2f:b9:
91:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C1:97:99:34:4C:AD:A8:A8:D0:9E:88:EC:73:41:AF:B3:56:B9:E0
X509v3 Authority Key Identifier:
keyid:AB:E5:E2:EB:17:0E:0C:2A:B8:61:DB:30:8D:BB:CB:2A:5F:D5:F1:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-Xi6xcODCq4YdswjbvLKl_V8Y0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/cMGXmTRMraio0J6I7HNBr7NWueA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/q-Xi6xcODCq4YdswjbvLKl_V8Y0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.176.0/21
109.205.72.0/21
185.124.80.0/22
IPv6:
2a00:1238::/32
Signature Algorithm: sha256WithRSAEncryption
52:1e:36:cc:65:6e:06:d0:6c:fb:47:ce:24:9a:12:60:22:3f:
d4:1c:9c:66:c3:ee:d6:3d:e3:10:54:84:4d:a9:95:72:f6:96:
8f:ec:57:e7:4f:70:04:b6:dd:24:bc:2a:95:7d:f8:9d:0c:ff:
f6:f0:15:40:a9:fa:f1:8d:28:6b:2e:7c:33:ec:94:72:7a:4f:
47:9b:6c:42:09:73:01:6e:02:98:26:72:b2:cd:f9:bb:3c:50:
68:08:2f:c0:ee:4b:6d:4d:63:21:82:16:1b:32:00:82:74:dc:
49:d3:16:47:fc:38:a4:f6:aa:c8:9d:ec:37:5c:1e:bf:a8:81:
d6:6d:02:13:9b:79:fd:6d:f3:94:93:e8:b6:f7:ad:78:91:2b:
cb:24:a8:18:7c:ea:4c:01:69:5b:24:66:33:2c:fd:3c:78:0b:
a7:b3:07:f8:51:ac:63:70:f2:38:47:d5:4c:d2:dc:d1:05:9d:
36:37:7c:54:98:ec:e0:51:52:e5:12:61:5f:d1:98:9e:3b:90:
1a:24:46:5a:27:20:c8:00:5f:dc:dc:fc:4b:bf:1c:45:7c:10:
99:84:a2:89:e7:d2:48:32:d7:50:71:86:06:77:db:55:91:2e:
a5:bf:f7:e5:03:6c:69:e9:7d:46:e6:f8:af:bc:e1:bb:48:09:
13:4b:b1:f9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZZdYAgw8wd4tdMeqgLQ5V1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZTVlMmViMTcwZTBjMmFiODYxZGIzMDhkYmJjYjJhNWZk
NWYxOGQwHhcNMjUwNDIyMTIwMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGMxOTc5OTM0NGNhZGE4YThkMDllODhlYzczNDFhZmIzNTZiOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2C9zvswEsRKJCmoowS72c+ZD84YU
solPHFhVDPTqQWfUOPoOEaJkGuWxOFoCJP34wIZz7IQLxfHdHwKiapeKuDR/lbIQ
nB/+1NE6WGJ1p2WFsq6+KasNiCGw87m8KIMMZGiSYyVR2w2Z96rq+EyP4Z8wV/1z
FsKJJ5D1E4tCNYAa6c7id+shJ8DY2jR/EMGw4hOv3ZHWvpQgZYqS0weV84Orx3LG
iYhnRKc6FLX/0HL+dtULvBXWpYXDiGG9RgUrej4FFOSxeqWz2ioDY03pYjl+zAQl
Sqq5CXRxcnBvsCHITUahXWBySM6C94Xz9aX4HofVLPflkBt1PrJpL7mRcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHDBl5k0TK2oqNCeiOxzQa+zVrngMB8GA1UdIwQY
MBaAFKvl4usXDgwquGHbMI27yypf1fGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcS1YaTZ4Y09EQ3E0WWRzd2pidkxLbF9WOFkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9jYjBkMjYtODkzYi00ODA0LWI1ZDIt
MGM1ODQ5MjZkODIxLzEvY01HWG1UUk1yYWlvMEo2STdITkJyN05XdWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9jYjBkMjYtODkzYi00ODA0LWI1ZDItMGM1ODQ5MjZkODIx
LzEvcS1YaTZ4Y09EQ3E0WWRzd2pidkxLbF9WOFkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH6qwAwQD
bc1IAwQCuXxQMA0EAgACMAcDBQAqABI4MA0GCSqGSIb3DQEBCwUAA4IBAQBSHjbM
ZW4G0Gz7R84kmhJgIj/UHJxmw+7WPeMQVIRNqZVy9paP7FfnT3AEtt0kvCqVffid
DP/28BVAqfrxjShrLnwz7JRyek9Hm2xCCXMBbgKYJnKyzfm7PFBoCC/A7kttTWMh
ghYbMgCCdNxJ0xZH/Dik9qrInew3XB6/qIHWbQITm3n9bfOUk+i29614kSvLJKgY
fOpMAWlbJGYzLP08eAunswf4UaxjcPI4R9VM0tzRBZ02N3xUmOzgUVLlEmFf0Zie
O5AaJEZaJyDIAF/c3PxLvxxFfBCZhKKJ59JIMtdQcYYGd9tVkS6lv/flA2xp6X1G
5vivvOG7SAkTS7H5
-----END CERTIFICATE-----
Generated at Sun May 11 22:36:40 2025 by rpki-client