Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/MjpFn6xXLJeliOVrxE4LRSoZJq4.roa
File: MjpFn6xXLJeliOVrxE4LRSoZJq4.roa (raw, json)
Hash identifier: o0/RIF6R3143vKZ1QZaL2SQyD+pebwGTDPi1ZlSFxIg=
Subject key identifier: 32:3A:45:9F:AC:57:2C:97:A5:88:E5:6B:C4:4E:0B:45:2A:19:26:AE
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019450B56025DA89E04030A2D6A707A64377
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/MjpFn6xXLJeliOVrxE4LRSoZJq4.roa
Signing time: Fri 10 Jan 2025 14:54:11 +0000
ROA not before: Fri 10 Jan 2025 14:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213605
IP address blocks: 2a14:67c1:a020::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:b5:60:25:da:89:e0:40:30:a2:d6:a7:07:a6:43:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jan 10 14:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=323a459fac572c97a588e56bc44e0b452a1926ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a6:e5:ea:bc:06:49:8c:bc:a1:71:87:7d:8a:
b1:c7:86:2e:06:82:f4:96:1f:3c:5a:04:c8:f6:99:
9d:f3:79:ee:1c:bd:9b:51:dd:c6:80:64:d3:31:36:
15:be:17:55:c0:49:73:07:3d:dd:75:35:5a:31:56:
5d:3f:95:c2:26:e0:28:ac:6c:1a:8c:b6:91:dc:db:
7e:f4:1b:c1:ec:a7:61:40:7e:74:dc:b4:06:f3:e7:
e6:f7:37:b0:e6:04:0b:d0:8a:a1:74:d9:27:77:44:
89:02:09:0f:b8:62:eb:28:38:a0:cd:74:f7:fe:05:
42:2d:ed:46:b5:78:b3:b1:19:a5:1a:47:df:3e:c5:
bb:62:d7:cc:00:2e:74:e6:f6:53:71:7f:4f:a6:59:
b2:77:6e:c8:b5:81:46:bd:de:d9:da:98:60:8a:4b:
43:c6:1f:ed:5c:06:3d:4c:60:14:c8:05:d3:40:be:
a5:c6:d7:27:46:ed:97:d0:94:19:95:1a:eb:41:86:
14:3e:35:45:a4:b2:a9:89:35:82:d2:9b:8c:fd:82:
04:be:c5:9c:26:d7:df:81:a9:d2:f7:b7:cc:d2:06:
f8:74:ac:14:fa:11:de:ca:e0:a5:ae:07:9f:4f:1a:
94:3c:92:f5:94:6c:64:eb:b3:77:1b:e3:8b:21:51:
f7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3A:45:9F:AC:57:2C:97:A5:88:E5:6B:C4:4E:0B:45:2A:19:26:AE
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/MjpFn6xXLJeliOVrxE4LRSoZJq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a020::/44
Signature Algorithm: sha256WithRSAEncryption
72:cb:02:ad:68:c1:20:3b:9b:bb:c7:4a:1a:01:d3:85:a4:1a:
c4:98:07:b4:d9:85:cd:9e:f8:86:b0:ba:15:9c:2f:2c:30:f2:
ea:89:85:66:83:59:8c:ff:73:c3:46:6d:e0:f7:a6:2d:d0:09:
7b:b7:c5:d4:d1:99:00:4f:12:cb:16:e2:89:80:c0:ba:41:95:
0c:a4:95:60:0d:77:9a:74:38:34:65:7f:08:9a:31:83:34:b5:
31:cc:7c:15:b6:d6:4d:ec:c2:99:8c:1d:43:38:d3:f6:f2:03:
5d:9a:2e:b2:60:ac:81:1e:8a:ee:9f:c3:6b:53:b9:9e:a4:5c:
10:32:e9:3e:c6:b3:d6:a3:a3:7b:7d:c2:6e:99:86:0e:78:95:
92:77:67:41:f8:3c:a5:48:0c:b3:f3:69:15:67:0f:04:6a:80:
a0:63:a3:ef:d7:c6:54:ba:f5:3d:80:be:fa:e1:bc:48:33:66:
77:bd:12:6c:ae:65:77:fc:b1:ae:0d:2f:7b:58:1e:89:a7:10:
3c:41:06:71:f6:ce:47:d2:34:01:94:ab:a8:96:07:fe:87:f7:
d4:e0:43:0a:2e:c9:80:f6:71:8f:80:7c:23:58:24:f4:bd:3f:
a6:05:0a:26:8d:d4:f5:00:d8:8e:8b:c2:85:df:47:fe:73:41:
8f:c1:c6:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZRQtWAl2ongQDCi1qcHpkN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMTEwMTQ1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjNhNDU5ZmFjNTcyYzk3YTU4OGU1NmJjNDRlMGI0NTJhMTkyNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0abl6rwGSYy8oXGHfYqxx4YuBoL0
lh88WgTI9pmd83nuHL2bUd3GgGTTMTYVvhdVwElzBz3ddTVaMVZdP5XCJuAorGwa
jLaR3Nt+9BvB7KdhQH503LQG8+fm9zew5gQL0IqhdNknd0SJAgkPuGLrKDigzXT3
/gVCLe1GtXizsRmlGkffPsW7YtfMAC505vZTcX9Pplmyd27ItYFGvd7Z2phgiktD
xh/tXAY9TGAUyAXTQL6lxtcnRu2X0JQZlRrrQYYUPjVFpLKpiTWC0puM/YIEvsWc
JtffganS97fM0gb4dKwU+hHeyuClrgefTxqUPJL1lGxk67N3G+OLIVH3ZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDI6RZ+sVyyXpYjla8ROC0UqGSauMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvTWpwRm42eFhMSmVsaU9WcnhFNExSU29aSnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhRnwaAg
MA0GCSqGSIb3DQEBCwUAA4IBAQByywKtaMEgO5u7x0oaAdOFpBrEmAe02YXNnviG
sLoVnC8sMPLqiYVmg1mM/3PDRm3g96Yt0Al7t8XU0ZkATxLLFuKJgMC6QZUMpJVg
DXeadDg0ZX8ImjGDNLUxzHwVttZN7MKZjB1DONP28gNdmi6yYKyBHorun8NrU7me
pFwQMuk+xrPWo6N7fcJumYYOeJWSd2dB+DylSAyz82kVZw8EaoCgY6Pv18ZUuvU9
gL764bxIM2Z3vRJsrmV3/LGuDS97WB6JpxA8QQZx9s5H0jQBlKuolgf+h/fU4EMK
LsmA9nGPgHwjWCT0vT+mBQomjdT1ANiOi8KF30f+c0GPwcb6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:57 2025 by rpki-client