Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/MEXnZVQOJxVAHt5ASI67MyQ6IyQ.roa
File: MEXnZVQOJxVAHt5ASI67MyQ6IyQ.roa (raw, json)
Hash identifier: vokzKPVAsIZlEMe2WD0vZr6RHulhyHO9IZoylOUFrSo=
Subject key identifier: 30:45:E7:65:54:0E:27:15:40:1E:DE:40:48:8E:BB:33:24:3A:23:24
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 019513C21A57A0186B5375C8CF459436A8A6
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/MEXnZVQOJxVAHt5ASI67MyQ6IyQ.roa
Signing time: Mon 17 Feb 2025 11:54:02 +0000
ROA not before: Mon 17 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:3702::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:c2:1a:57:a0:18:6b:53:75:c8:cf:45:94:36:a8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Feb 17 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3045e765540e2715401ede40488ebb33243a2324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:0c:53:c3:a5:ba:6f:ed:17:69:ed:f5:e1:74:
68:f2:f2:6a:3b:94:d5:61:71:2c:8f:a7:d7:ef:c9:
7b:7e:0d:a0:bf:9c:22:34:e4:d7:cd:de:87:f8:8f:
6a:d0:ed:25:f9:f4:89:56:09:af:6d:9a:d6:5e:bf:
23:67:6e:a5:35:dd:12:20:56:c6:8f:76:73:6f:1d:
a0:94:72:2a:6f:99:b8:de:3a:70:e0:df:b5:fa:47:
97:c2:e9:85:eb:1d:f6:b1:aa:36:8b:d0:06:24:44:
5f:0e:85:3e:58:90:db:f4:b5:bd:29:e1:d4:c8:57:
26:b1:24:a0:e1:59:c3:4c:ef:0f:dd:5a:96:a3:ad:
0a:f3:e4:21:08:f9:34:47:52:95:bb:6c:13:6a:29:
f6:f0:41:6d:99:a3:ef:5e:95:be:84:1f:a9:97:8a:
66:60:ce:38:22:26:1b:07:4b:46:51:67:da:e8:f8:
3a:1d:e4:5f:26:0d:0d:03:00:22:a1:ce:ac:8d:be:
61:76:d1:0f:32:c8:f2:b4:b8:05:9e:6c:60:06:fc:
fd:45:f5:03:7f:94:2d:b4:39:63:f2:f9:20:e5:af:
c7:57:71:5c:98:68:17:a7:6b:86:ae:83:a2:4a:f1:
ef:eb:5f:a8:d5:70:49:ed:bb:a8:ea:62:52:77:39:
7b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:45:E7:65:54:0E:27:15:40:1E:DE:40:48:8E:BB:33:24:3A:23:24
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/MEXnZVQOJxVAHt5ASI67MyQ6IyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3702::/32
Signature Algorithm: sha256WithRSAEncryption
3b:1d:8d:3b:d2:3c:40:aa:76:71:92:99:45:85:e8:32:53:7e:
70:b1:07:f0:3b:d4:18:fa:24:bc:46:49:30:ee:c7:c0:b5:e6:
c8:5e:02:bb:99:f8:ca:54:6f:e8:b4:07:c0:d4:b3:53:91:2f:
f1:df:e0:95:93:2c:a4:bb:c7:7d:ea:e0:84:88:ba:66:5e:ee:
f0:bd:11:1f:8d:3f:0b:78:d7:69:d6:9e:30:fc:3e:3d:6a:9e:
dd:d3:9a:da:44:6d:c7:b6:d5:a5:dd:87:7a:bc:8c:61:6c:d0:
f7:fb:8f:89:b9:98:92:72:3e:dc:55:17:53:16:91:7a:fc:1d:
6f:1c:bc:6a:fe:48:1a:98:cc:5e:e5:9a:f0:80:7d:e4:7b:7d:
31:4c:c1:bf:36:8c:69:2f:f0:3c:a7:2b:ac:ed:d5:1f:9a:9b:
c9:8c:ad:ba:fd:e4:4e:fa:cd:4c:4b:47:32:a8:22:5f:67:46:
e5:8e:28:d9:91:bb:c5:f6:d4:67:47:a9:73:ba:5c:36:56:b6:
01:e8:6d:d1:42:31:f8:54:37:2b:ec:fa:8d:c6:7c:0a:02:21:
0c:3b:d9:ac:15:16:c7:a6:df:a6:ef:a5:9c:26:c2:e3:b8:fe:
cf:21:77:8a:bb:17:37:c2:e5:85:37:e8:de:84:30:b0:b8:6f:
b4:fc:15:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUTwhpXoBhrU3XIz0WUNqimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMjE3MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQ1ZTc2NTU0MGUyNzE1NDAxZWRlNDA0ODhlYmIzMzI0M2EyMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gxTw6W6b+0Xae314XRo8vJqO5TV
YXEsj6fX78l7fg2gv5wiNOTXzd6H+I9q0O0l+fSJVgmvbZrWXr8jZ26lNd0SIFbG
j3Zzbx2glHIqb5m43jpw4N+1+keXwumF6x32sao2i9AGJERfDoU+WJDb9LW9KeHU
yFcmsSSg4VnDTO8P3VqWo60K8+QhCPk0R1KVu2wTain28EFtmaPvXpW+hB+pl4pm
YM44IiYbB0tGUWfa6Pg6HeRfJg0NAwAioc6sjb5hdtEPMsjytLgFnmxgBvz9RfUD
f5QttDlj8vkg5a/HV3FcmGgXp2uGroOiSvHv61+o1XBJ7buo6mJSdzl7kQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDBF52VUDicVQB7eQEiOuzMkOiMkMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvTUVYblpWUU9KeFZBSHQ1QVNJNjdNeVE2SXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk3AjAN
BgkqhkiG9w0BAQsFAAOCAQEAOx2NO9I8QKp2cZKZRYXoMlN+cLEH8DvUGPokvEZJ
MO7HwLXmyF4Cu5n4ylRv6LQHwNSzU5Ev8d/glZMspLvHferghIi6Zl7u8L0RH40/
C3jXadaeMPw+PWqe3dOa2kRtx7bVpd2HeryMYWzQ9/uPibmYknI+3FUXUxaRevwd
bxy8av5IGpjMXuWa8IB95Ht9MUzBvzaMaS/wPKcrrO3VH5qbyYytuv3kTvrNTEtH
MqgiX2dG5Y4o2ZG7xfbUZ0epc7pcNla2Aeht0UIx+FQ3K+z6jcZ8CgIhDDvZrBUW
x6bfpu+lnCbC47j+zyF3irsXN8LlhTfo3oQwsLhvtPwVIQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:27:10 2025 by rpki-client