Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/Mk3OCH61bD3mOm8DSaSiAzwW7fk.roa
File: Mk3OCH61bD3mOm8DSaSiAzwW7fk.roa (raw, json)
Hash identifier: oxlH7V9EjPMbmvgDLqeKQJs9KOwBY0gM7ZfOAxvET+w=
Subject key identifier: 32:4D:CE:08:7E:B5:6C:3D:E6:3A:6F:03:49:A4:A2:03:3C:16:ED:F9
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 0194221FD983006B844C1FEC1C2F3E027DA9
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/Mk3OCH61bD3mOm8DSaSiAzwW7fk.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 141.138.225.0/24 maxlen: 24
2a00:10e8:101::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d9:83:00:6b:84:4c:1f:ec:1c:2f:3e:02:7d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=324dce087eb56c3de63a6f0349a4a2033c16edf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e8:de:ff:71:dd:a4:42:3a:a0:c3:7d:2e:c9:
55:25:fb:0c:05:fa:06:5d:c5:ac:78:d1:d4:12:3b:
c2:15:55:cc:63:2d:96:70:27:54:4f:cd:11:dd:af:
65:60:92:57:82:32:8c:11:86:86:3f:33:57:af:44:
75:3e:08:3d:ce:56:4b:a5:91:de:68:df:ba:2b:e0:
e0:8b:02:f3:15:70:a6:83:3b:67:9c:f5:27:36:82:
9b:dc:f6:00:27:4f:f4:b9:bb:2e:f9:95:75:64:cc:
05:1e:2b:f2:fb:55:2a:2e:07:68:61:ec:6d:47:c8:
05:7b:ed:d5:29:09:ae:ad:9e:0d:e4:cc:94:61:87:
f7:34:dc:50:09:eb:5e:89:53:7d:0a:22:6a:83:97:
18:4f:a2:a6:ed:a2:9b:0f:80:26:48:1b:be:c5:c5:
b6:ed:14:16:b4:7e:e5:9b:01:90:cf:10:9f:70:2b:
a7:00:1b:63:61:eb:c6:d0:f3:60:90:c2:4f:74:6b:
c9:18:d1:fb:88:5a:e8:2c:c1:e2:8b:ab:31:bb:5d:
91:32:20:0c:81:6f:d9:62:5b:46:80:57:c1:48:19:
54:5e:6b:49:e2:7d:b4:34:b0:07:3a:00:22:b0:62:
e0:e7:4c:c9:41:1d:19:6f:14:6c:16:67:f8:f0:62:
fd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4D:CE:08:7E:B5:6C:3D:E6:3A:6F:03:49:A4:A2:03:3C:16:ED:F9
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/Mk3OCH61bD3mOm8DSaSiAzwW7fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.225.0/24
IPv6:
2a00:10e8:101::/48
Signature Algorithm: sha256WithRSAEncryption
04:4f:af:f6:cc:55:98:b0:76:2c:fb:6d:ce:3e:32:88:ce:f8:
6a:07:0e:71:d4:23:91:ba:57:a7:cf:56:0a:4f:44:94:7d:76:
09:1b:54:b8:ea:36:60:f8:54:a1:0f:a9:09:dc:5d:0f:e5:0d:
9c:27:09:97:8e:ab:be:06:04:45:7e:07:f5:f2:12:8b:8f:1e:
ad:18:93:48:67:51:13:6f:32:19:f2:f8:90:fc:6f:f5:3b:f7:
a1:ba:a3:ab:a4:19:cd:0d:b8:51:b4:cb:dc:e0:4b:ec:d8:86:
c1:1d:8a:88:65:1b:82:04:69:63:57:22:57:5c:e9:1e:80:35:
0d:92:5d:ac:65:ed:7f:e8:f3:86:1c:cc:f8:79:e9:f9:18:cb:
72:6f:7c:9e:be:6a:dc:fb:04:18:4d:7d:1b:90:5d:1e:36:e1:
b0:6d:13:8e:54:1b:02:c5:22:5d:84:c3:50:60:28:80:8d:7f:
1b:ed:40:78:0e:c9:c6:15:46:96:b5:84:1e:ea:19:ee:e4:8e:
54:0d:27:de:07:0a:02:4f:b9:72:24:7a:0f:2d:c3:76:11:f1:
8f:d2:3a:a6:90:2c:7f:ea:41:52:58:d6:a7:dc:d3:b9:f3:1d:
0c:bb:2f:47:ed:d8:20:46:37:db:8b:b9:70:9e:ff:fd:92:9d:
10:0d:5e:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiH9mDAGuETB/sHC8+An2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRkY2UwODdlYjU2YzNkZTYzYTZmMDM0OWE0YTIwMzNjMTZlZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uje/3HdpEI6oMN9LslVJfsMBfoG
XcWseNHUEjvCFVXMYy2WcCdUT80R3a9lYJJXgjKMEYaGPzNXr0R1Pgg9zlZLpZHe
aN+6K+DgiwLzFXCmgztnnPUnNoKb3PYAJ0/0ubsu+ZV1ZMwFHivy+1UqLgdoYext
R8gFe+3VKQmurZ4N5MyUYYf3NNxQCeteiVN9CiJqg5cYT6Km7aKbD4AmSBu+xcW2
7RQWtH7lmwGQzxCfcCunABtjYevG0PNgkMJPdGvJGNH7iFroLMHii6sxu12RMiAM
gW/ZYltGgFfBSBlUXmtJ4n20NLAHOgAisGLg50zJQR0ZbxRsFmf48GL9CQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDJNzgh+tWw95jpvA0mkogM8Fu35MB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvTWszT0NINjFiRDNtT204RFNhU2lBendXN2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAjYrhMA8E
AgACMAkDBwAqABDoAQEwDQYJKoZIhvcNAQELBQADggEBAARPr/bMVZiwdiz7bc4+
MojO+GoHDnHUI5G6V6fPVgpPRJR9dgkbVLjqNmD4VKEPqQncXQ/lDZwnCZeOq74G
BEV+B/XyEouPHq0Yk0hnURNvMhny+JD8b/U796G6o6ukGc0NuFG0y9zgS+zYhsEd
iohlG4IEaWNXIldc6R6ANQ2SXaxl7X/o84YczPh56fkYy3JvfJ6+atz7BBhNfRuQ
XR424bBtE45UGwLFIl2Ew1BgKICNfxvtQHgOycYVRpa1hB7qGe7kjlQNJ94HCgJP
uXIkeg8tw3YR8Y/SOqaQLH/qQVJY1qfc07nzHQy7L0ft2CBGN9uLuXCe//2SnRAN
XqQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:24 2025 by rpki-client