Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/mdB3D_zcc3ZMQewiv3J0UZ_sUlo.roa
File: mdB3D_zcc3ZMQewiv3J0UZ_sUlo.roa (raw, json)
Hash identifier: NsB59ITpkzoeK9pRuPozIMWrvt6Lae+60ChrUSCRg50=
Subject key identifier: 99:D0:77:0F:FC:DC:73:76:4C:41:EC:22:BF:72:74:51:9F:EC:52:5A
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F745F7356BD0D36AA3D81B0DA451A
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/mdB3D_zcc3ZMQewiv3J0UZ_sUlo.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6910
IP address blocks: 2a03:9c00:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:74:5f:73:56:bd:0d:36:aa:3d:81:b0:da:45:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99d0770ffcdc73764c41ec22bf7274519fec525a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:41:04:f1:a4:f3:2f:4a:b4:4b:6e:a4:83:c4:
c0:16:c8:ef:73:3b:57:90:f1:47:3f:89:00:7d:9b:
67:63:2f:85:0d:dc:cb:46:9f:67:8f:25:35:33:ef:
20:cc:04:21:32:5a:34:a3:6a:bd:9c:ce:d4:a2:19:
e1:7a:08:e2:80:88:ec:25:f5:f2:b1:42:4b:b5:b8:
f1:5f:d9:66:b3:5e:f3:76:ea:b3:1a:70:6f:46:01:
58:bd:fc:c9:44:c0:02:ed:fd:3f:38:b5:1e:3c:38:
d8:66:d1:02:5c:cb:cf:1a:03:52:57:50:d4:71:6f:
1f:47:65:2a:e3:2f:02:e7:19:19:28:a8:97:a1:76:
70:26:4e:19:44:29:7a:c4:4d:d4:8c:8f:30:6f:0d:
95:27:fb:82:34:98:31:67:56:b0:64:9c:f8:34:88:
2c:76:de:04:5a:96:ae:90:b1:f1:04:ad:64:2e:8d:
e9:14:d3:b3:45:39:ea:7b:78:d8:32:8b:04:9a:54:
a4:61:5e:c7:fe:bc:4d:47:be:28:8c:95:6b:2c:32:
8d:95:65:fb:ff:c0:c0:54:24:b9:b9:62:8c:ff:12:
cb:00:b8:59:8c:bf:30:c2:5e:41:c1:9a:98:53:15:
e4:04:0b:d1:3f:f2:95:d3:6c:91:66:8b:5c:ea:22:
a0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D0:77:0F:FC:DC:73:76:4C:41:EC:22:BF:72:74:51:9F:EC:52:5A
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/mdB3D_zcc3ZMQewiv3J0UZ_sUlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:1::/48
Signature Algorithm: sha256WithRSAEncryption
b4:a6:92:bc:5f:de:b7:7b:2b:c1:a4:e6:0e:99:a0:57:bb:84:
08:4f:d0:f0:12:5d:c4:2b:5e:5a:7b:f5:cb:60:ff:0f:4b:62:
22:a8:3b:9b:23:b7:af:0a:7f:02:72:89:82:41:d2:34:63:48:
fb:1b:48:c1:5b:20:12:04:f0:b5:8d:6d:f1:b3:e4:4f:22:ff:
e5:78:eb:16:d5:34:82:c7:e4:ff:9e:cb:95:5a:2b:05:52:52:
98:3d:fb:f9:b3:a0:e0:af:ef:e6:7e:29:ed:71:c9:4a:eb:ff:
76:00:13:d0:32:5b:25:c6:ca:af:04:65:45:f6:af:df:5a:ef:
55:da:11:b9:cf:75:c2:da:02:5e:d9:c4:a8:98:da:b1:4a:bf:
53:5f:3c:e4:08:87:03:53:d6:67:83:a8:25:a8:2c:90:a3:83:
b5:76:ba:78:9e:16:29:50:6b:2e:a4:73:73:8e:7c:90:a7:2f:
62:fc:ba:53:52:b6:0e:f2:fe:5e:4f:18:fa:1c:11:19:83:f0:
b2:19:88:68:bd:83:fe:5a:b0:70:5e:6c:3f:ca:3d:91:07:db:
b5:88:f4:a0:41:05:23:3d:75:fe:c0:8e:e2:b0:91:42:e1:9a:
a4:86:71:fd:53:1f:fc:e0:42:ca:70:13:70:e0:87:9a:db:6c:
12:54:b4:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH3Rfc1a9DTaqPYGw2kUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQwNzcwZmZjZGM3Mzc2NGM0MWVjMjJiZjcyNzQ1MTlmZWM1MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkEE8aTzL0q0S26kg8TAFsjvcztX
kPFHP4kAfZtnYy+FDdzLRp9njyU1M+8gzAQhMlo0o2q9nM7UohnhegjigIjsJfXy
sUJLtbjxX9lms17zduqzGnBvRgFYvfzJRMAC7f0/OLUePDjYZtECXMvPGgNSV1DU
cW8fR2Uq4y8C5xkZKKiXoXZwJk4ZRCl6xE3UjI8wbw2VJ/uCNJgxZ1awZJz4NIgs
dt4EWpaukLHxBK1kLo3pFNOzRTnqe3jYMosEmlSkYV7H/rxNR74ojJVrLDKNlWX7
/8DAVCS5uWKM/xLLALhZjL8wwl5BwZqYUxXkBAvRP/KV02yRZotc6iKgIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJnQdw/83HN2TEHsIr9ydFGf7FJaMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvbWRCM0RfemNjM1pNUWV3aXYzSjBVWl9zVWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOcAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQC0ppK8X963eyvBpOYOmaBXu4QIT9DwEl3EK15a
e/XLYP8PS2IiqDubI7evCn8CcomCQdI0Y0j7G0jBWyASBPC1jW3xs+RPIv/leOsW
1TSCx+T/nsuVWisFUlKYPfv5s6Dgr+/mfintcclK6/92ABPQMlslxsqvBGVF9q/f
Wu9V2hG5z3XC2gJe2cSomNqxSr9TXzzkCIcDU9Zng6glqCyQo4O1drp4nhYpUGsu
pHNzjnyQpy9i/LpTUrYO8v5eTxj6HBEZg/CyGYhovYP+WrBwXmw/yj2RB9u1iPSg
QQUjPXX+wI7isJFC4ZqkhnH9Ux/84ELKcBNw4Iea22wSVLTn
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:27:52 2025 by rpki-client