Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MbfTWhiOzXpBK4g53Y8MfHTmFoU.roa
File: MbfTWhiOzXpBK4g53Y8MfHTmFoU.roa (raw, json)
Hash identifier: dneQ51Y/nPVig++XTfWkDRZypD9wmhWVMTNYca5VFlQ=
Subject key identifier: 31:B7:D3:5A:18:8E:CD:7A:41:2B:88:39:DD:8F:0C:7C:74:E6:16:85
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBEBB1BF85E846360E8BDE474B38FE
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MbfTWhiOzXpBK4g53Y8MfHTmFoU.roa
Signing time: Wed 01 Jan 2025 17:48:42 +0000
ROA not before: Wed 01 Jan 2025 17:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213234
IP address blocks: 2a0c:9a40:8a00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:eb:b1:bf:85:e8:46:36:0e:8b:de:47:4b:38:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31b7d35a188ecd7a412b8839dd8f0c7c74e61685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:a6:a3:f1:a2:54:14:89:25:8e:41:5f:be:
2d:08:be:ce:bd:38:ff:08:82:32:c4:78:ef:60:d1:
f9:bf:58:6d:5b:22:71:17:ed:65:f8:69:01:ed:2b:
c1:0a:b4:3e:bd:84:1e:41:b7:af:f1:91:f0:aa:ca:
89:b8:e4:2f:d2:8a:0c:40:34:ec:91:48:bc:06:6f:
83:6a:2d:40:8a:19:39:1d:8e:c0:a2:af:cb:7d:97:
bc:d5:81:f0:f3:71:1e:ed:a1:86:06:6a:85:72:a5:
6b:fa:4c:b1:16:80:66:4e:85:44:03:22:92:dc:8d:
76:59:d7:91:2a:fc:91:49:24:ac:af:a2:a8:72:5f:
cb:af:2b:3e:20:07:9e:79:b4:ac:98:84:06:8c:19:
f3:6a:61:04:be:b0:f5:73:78:ec:3f:f1:52:8d:3a:
94:89:d8:45:1c:9e:49:50:96:50:b8:b1:9b:60:9f:
74:f2:e7:5c:34:97:6b:60:b0:86:f1:fd:df:8d:ab:
f5:ee:c4:be:22:82:07:18:f7:02:c1:c8:ca:f9:b8:
f3:11:39:a4:9b:3f:c1:de:a3:6e:d0:cc:98:6b:a6:
fc:ab:7d:d8:36:a9:7e:66:d0:3a:86:7e:71:03:ec:
0a:62:7d:27:86:5c:df:9c:59:1e:f3:c7:34:76:ce:
2f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B7:D3:5A:18:8E:CD:7A:41:2B:88:39:DD:8F:0C:7C:74:E6:16:85
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MbfTWhiOzXpBK4g53Y8MfHTmFoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8a00::/48
Signature Algorithm: sha256WithRSAEncryption
87:25:af:88:23:80:79:39:bf:3f:03:bf:97:a5:bd:74:4d:99:
35:ae:48:45:ff:04:33:52:96:44:86:28:b4:5a:b1:85:24:19:
a1:9e:dd:0e:4b:71:13:cd:9b:49:8d:47:39:fe:23:b1:e3:a2:
25:4e:59:11:9e:5c:4b:fb:59:2d:c9:cb:7b:97:13:12:66:b9:
ef:ed:50:78:05:68:03:36:ad:87:d6:b8:00:07:21:87:c7:79:
c3:bf:61:c3:c3:d8:4b:05:77:52:a9:f1:4f:b3:e5:d8:eb:9f:
02:ab:35:b3:ec:de:ba:27:b1:7c:03:e9:9a:f3:cf:1e:d3:97:
a6:12:6c:d2:a9:89:93:74:2f:2c:23:34:03:a6:0e:11:bd:20:
60:fe:85:e3:39:f4:89:97:7a:28:24:5e:91:71:59:49:ec:27:
00:bb:aa:ee:90:0c:c3:16:ff:a1:f6:32:07:e5:c4:59:0f:32:
b0:08:f0:e7:70:04:84:f6:17:88:7e:fd:6e:39:a1:42:f9:d5:
2d:9c:43:d6:06:64:18:de:4c:28:6f:d8:f3:b0:9e:af:52:a8:
9b:d4:2e:2e:30:2a:50:c5:16:18:53:d5:2b:e3:0f:f9:2d:b0:
50:7b:46:f6:bf:de:00:19:fd:29:d2:70:b3:14:29:6d:68:51:
e0:52:d7:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi++uxv4XoRjYOi95HSzj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI3ZDM1YTE4OGVjZDdhNDEyYjg4MzlkZDhmMGM3Yzc0ZTYxNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8Cmo/GiVBSJJY5BX74tCL7OvTj/
CIIyxHjvYNH5v1htWyJxF+1l+GkB7SvBCrQ+vYQeQbev8ZHwqsqJuOQv0ooMQDTs
kUi8Bm+Dai1Aihk5HY7Aoq/LfZe81YHw83Ee7aGGBmqFcqVr+kyxFoBmToVEAyKS
3I12WdeRKvyRSSSsr6Kocl/Lrys+IAeeebSsmIQGjBnzamEEvrD1c3jsP/FSjTqU
idhFHJ5JUJZQuLGbYJ908udcNJdrYLCG8f3fjav17sS+IoIHGPcCwcjK+bjzETmk
mz/B3qNu0MyYa6b8q33YNql+ZtA6hn5xA+wKYn0nhlzfnFke88c0ds4v/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDG301oYjs16QSuIOd2PDHx05haFMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTWJmVFdoaU96WHBCSzRnNTNZOE1mSFRtRm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHJa+II4B5Ob8/A7+Xpb10TZk1rkhF/wQzUpZE
hii0WrGFJBmhnt0OS3ETzZtJjUc5/iOx46IlTlkRnlxL+1ktyct7lxMSZrnv7VB4
BWgDNq2H1rgAByGHx3nDv2HDw9hLBXdSqfFPs+XY658CqzWz7N66J7F8A+ma888e
05emEmzSqYmTdC8sIzQDpg4RvSBg/oXjOfSJl3ooJF6RcVlJ7CcAu6rukAzDFv+h
9jIH5cRZDzKwCPDncASE9heIfv1uOaFC+dUtnEPWBmQY3kwob9jzsJ6vUqib1C4u
MCpQxRYYU9Ur4w/5LbBQe0b2v94AGf0p0nCzFCltaFHgUtcu
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:31:46 2025 by rpki-client