Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/d2fda7-3acd-40c2-ba95-3651af83c924/1/mxysG7Sb1L-tYcqruG8sgZfq5m0.roa
File: mxysG7Sb1L-tYcqruG8sgZfq5m0.roa (raw, json)
Hash identifier: IUsctDenEr+GRno6NeOM3XxrvPvlNlUnl9ZCvNEgSlk=
Subject key identifier: 9B:1C:AC:1B:B4:9B:D4:BF:AD:61:CA:AB:B8:6F:2C:81:97:EA:E6:6D
Certificate issuer: /CN=5a14ec270d7b10f30ae361c2291820dee8c8e23e
Certificate serial: 018B65EF30BFD861F5DCC223CE5EF0E0E14F
Authority key identifier: 5A:14:EC:27:0D:7B:10:F3:0A:E3:61:C2:29:18:20:DE:E8:C8:E2:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhTsJw17EPMK42HCKRgg3ujI4j4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/d2fda7-3acd-40c2-ba95-3651af83c924/1/mxysG7Sb1L-tYcqruG8sgZfq5m0.roa
Signing time: Wed 25 Oct 2023 08:24:16 +0000
ROA not before: Wed 25 Oct 2023 08:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47539
IP address blocks: 93.95.27.0/24 maxlen: 24
2a13:d440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:65:ef:30:bf:d8:61:f5:dc:c2:23:ce:5e:f0:e0:e1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a14ec270d7b10f30ae361c2291820dee8c8e23e
Validity
Not Before: Oct 25 08:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b1cac1bb49bd4bfad61caabb86f2c8197eae66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5a:3e:f2:b4:57:53:ed:99:9b:9e:3f:1b:19:
f4:31:00:f3:8e:90:77:b7:df:24:a7:1e:64:77:3c:
15:b7:74:f8:6a:d0:38:be:7a:36:6c:14:43:cb:32:
dd:8a:c5:20:f0:9f:e9:23:78:7f:5a:be:ef:f8:64:
19:ce:db:a6:76:96:30:ac:c0:09:08:d6:9d:83:b0:
43:23:f4:8f:ca:c7:91:98:f0:c9:df:c1:1e:8d:e6:
da:69:67:3c:09:c6:18:a4:f2:cc:33:7c:57:6d:f8:
9e:43:18:d9:75:df:8b:bd:71:ae:6c:b8:48:73:60:
1a:b1:c8:43:03:85:53:5e:98:09:23:f4:72:58:a3:
5e:4e:5d:6b:17:38:09:eb:09:7f:9d:68:84:60:40:
9d:dc:07:e7:96:73:00:64:6b:c9:4c:68:f4:77:bd:
8b:15:fd:59:2e:a8:12:23:5a:9d:13:6c:bf:a3:ce:
fe:9e:64:a9:5f:29:59:3f:64:05:4b:68:d9:93:25:
ae:18:37:01:10:89:4d:7a:42:bc:2d:b9:35:09:a5:
cb:6d:b3:13:14:a3:8f:94:83:e2:97:c8:5f:34:fd:
2f:8b:93:b8:af:8e:14:34:2e:ea:82:a4:67:68:ff:
ce:17:77:0a:c5:cd:36:fe:22:36:3c:14:a6:c5:b6:
6d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1C:AC:1B:B4:9B:D4:BF:AD:61:CA:AB:B8:6F:2C:81:97:EA:E6:6D
X509v3 Authority Key Identifier:
keyid:5A:14:EC:27:0D:7B:10:F3:0A:E3:61:C2:29:18:20:DE:E8:C8:E2:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhTsJw17EPMK42HCKRgg3ujI4j4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d2fda7-3acd-40c2-ba95-3651af83c924/1/mxysG7Sb1L-tYcqruG8sgZfq5m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d2fda7-3acd-40c2-ba95-3651af83c924/1/WhTsJw17EPMK42HCKRgg3ujI4j4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.27.0/24
IPv6:
2a13:d440::/29
Signature Algorithm: sha256WithRSAEncryption
96:62:e8:e7:ae:af:33:a3:fe:e1:76:99:c4:35:e6:9b:6e:02:
61:ce:f7:3f:e2:06:b8:8f:3b:2e:25:89:bf:16:57:24:c9:b7:
4c:10:13:5d:12:6f:1b:76:cc:f8:c3:c8:4f:13:3a:ce:d1:7f:
b7:47:32:86:40:82:45:98:f7:08:3a:18:25:0a:f0:38:36:ef:
e9:e4:46:b3:05:df:a6:62:dd:5c:b4:99:c2:a6:9f:35:0c:77:
f5:e8:e9:98:b5:dc:78:2f:58:99:54:b6:a8:e8:59:c0:16:ac:
33:a0:f3:d1:be:c6:d8:0c:70:fe:8f:be:fd:7c:77:2e:dd:15:
23:78:26:75:a4:70:f8:95:e3:55:51:2b:c3:19:1b:0c:49:3e:
fc:8d:c8:4c:8a:37:07:4b:f8:39:fb:af:1d:53:44:10:38:db:
fa:7c:13:64:67:b2:d2:6c:04:34:23:2b:fa:28:05:32:9f:9c:
8b:e7:5a:f5:69:72:2a:13:8d:01:58:7a:2a:82:9c:9a:23:b3:
48:4b:6b:84:c8:a6:d3:f8:fa:cc:e9:91:23:0e:32:ad:c8:7b:
a7:6b:b3:d8:d2:28:30:3f:80:38:f2:62:0f:5d:83:4a:42:95:
07:7d:b1:f7:9c:9c:bd:0d:61:e4:ce:d5:7f:53:3a:b5:94:ed:
c1:62:83:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtl7zC/2GH13MIjzl7w4OFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTRlYzI3MGQ3YjEwZjMwYWUzNjFjMjI5MTgyMGRlZThj
OGUyM2UwHhcNMjMxMDI1MDgyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjFjYWMxYmI0OWJkNGJmYWQ2MWNhYWJiODZmMmM4MTk3ZWFlNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1o+8rRXU+2Zm54/Gxn0MQDzjpB3
t98kpx5kdzwVt3T4atA4vno2bBRDyzLdisUg8J/pI3h/Wr7v+GQZztumdpYwrMAJ
CNadg7BDI/SPyseRmPDJ38EejebaaWc8CcYYpPLMM3xXbfieQxjZdd+LvXGubLhI
c2AaschDA4VTXpgJI/RyWKNeTl1rFzgJ6wl/nWiEYECd3AfnlnMAZGvJTGj0d72L
Ff1ZLqgSI1qdE2y/o87+nmSpXylZP2QFS2jZkyWuGDcBEIlNekK8Lbk1CaXLbbMT
FKOPlIPil8hfNP0vi5O4r44UNC7qgqRnaP/OF3cKxc02/iI2PBSmxbZtFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJscrBu0m9S/rWHKq7hvLIGX6uZtMB8GA1UdIwQY
MBaAFFoU7CcNexDzCuNhwikYIN7oyOI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hUc0p3MTdFUE1LNDJIQ0tSZ2czdWpJNGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kMmZkYTctM2FjZC00MGMyLWJhOTUt
MzY1MWFmODNjOTI0LzEvbXh5c0c3U2IxTC10WWNxcnVHOHNnWmZxNW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kMmZkYTctM2FjZC00MGMyLWJhOTUtMzY1MWFmODNjOTI0
LzEvV2hUc0p3MTdFUE1LNDJIQ0tSZ2czdWpJNGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXV8bMA0E
AgACMAcDBQMqE9RAMA0GCSqGSIb3DQEBCwUAA4IBAQCWYujnrq8zo/7hdpnENeab
bgJhzvc/4ga4jzsuJYm/FlckybdMEBNdEm8bdsz4w8hPEzrO0X+3RzKGQIJFmPcI
OhglCvA4Nu/p5EazBd+mYt1ctJnCpp81DHf16OmYtdx4L1iZVLao6FnAFqwzoPPR
vsbYDHD+j779fHcu3RUjeCZ1pHD4leNVUSvDGRsMST78jchMijcHS/g5+68dU0QQ
ONv6fBNkZ7LSbAQ0Iyv6KAUyn5yL51r1aXIqE40BWHoqgpyaI7NIS2uEyKbT+PrM
6ZEjDjKtyHuna7PY0igwP4A48mIPXYNKQpUHfbH3nJy9DWHkztV/Uzq1lO3BYoPK
-----END CERTIFICATE-----
Generated at Thu May 1 11:19:34 2025 by rpki-client