Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/MvkXtMliSNZ4t0doOeJCt7yseKU.roa
File: MvkXtMliSNZ4t0doOeJCt7yseKU.roa (raw, json)
Hash identifier: ywUFrH7OBGZw7qJ85x9kF2rMILkLc6SVWP6XkiZTaAM=
Subject key identifier: 32:F9:17:B4:C9:62:48:D6:78:B7:47:68:39:E2:42:B7:BC:AC:78:A5
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 019427B6561E8A83B8AE3C9153CA3D65BE78
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/MvkXtMliSNZ4t0doOeJCt7yseKU.roa
Signing time: Thu 02 Jan 2025 15:50:48 +0000
ROA not before: Thu 02 Jan 2025 15:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398103
IP address blocks: 2a01:488:bb11::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:56:1e:8a:83:b8:ae:3c:91:53:ca:3d:65:be:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 15:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32f917b4c96248d678b7476839e242b7bcac78a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:25:b4:85:82:e3:e9:c5:a7:fc:12:83:f0:44:
c9:23:ce:2f:64:18:b9:49:86:11:30:82:3b:43:03:
db:0a:e2:b9:1c:a8:22:c5:f1:31:2d:35:ff:70:09:
9c:9a:19:0f:85:06:c6:91:46:9e:f8:28:92:57:78:
fd:47:6e:96:09:af:53:db:49:c1:32:8b:8c:34:99:
59:0f:cf:cb:43:01:2f:40:03:59:79:81:eb:0f:a0:
13:b6:5d:65:72:81:56:0d:bb:21:d0:92:b8:7e:a2:
60:a6:ad:df:63:68:a9:fe:4f:05:8f:36:ce:d6:dd:
af:56:d1:ef:3d:f2:7f:04:1f:a6:60:73:86:9c:e0:
d2:a3:81:6b:f2:7f:fc:f9:4c:3d:45:3c:ea:80:c1:
02:b3:94:8e:94:73:e0:9d:f8:5f:00:e7:9d:bc:32:
5d:e3:3f:45:50:ac:80:cc:01:7f:f5:7a:18:5a:e6:
4b:26:c2:0f:fb:b9:58:6d:09:cb:fb:f6:d3:4f:c9:
09:dc:e2:2b:31:e1:9d:22:63:7b:6a:a9:f8:00:57:
93:35:b2:1e:23:7e:47:dd:3f:44:d7:c9:b3:a2:16:
cc:56:c5:9b:09:67:5f:36:46:d7:5a:0a:05:81:2c:
e1:51:66:80:e0:d3:90:f9:76:1f:0d:41:89:9d:99:
55:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F9:17:B4:C9:62:48:D6:78:B7:47:68:39:E2:42:B7:BC:AC:78:A5
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/MvkXtMliSNZ4t0doOeJCt7yseKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb11::/48
Signature Algorithm: sha256WithRSAEncryption
3d:cf:ff:59:c8:16:f2:aa:99:f4:66:c0:ad:17:02:d4:b8:82:
ff:47:ec:62:2c:c1:22:17:36:5f:0e:32:ea:b6:ca:0f:13:cb:
fb:5d:cc:26:c5:c6:38:69:36:64:4d:ed:fb:09:7b:74:6d:93:
51:bb:2f:b8:86:8f:c0:ee:a7:48:cf:aa:c2:1d:ca:2c:d7:e1:
bc:7a:a7:cb:b8:1f:e7:ef:74:2e:c6:32:20:f2:10:ea:30:3b:
d1:52:68:d3:6e:68:50:1f:98:4a:52:41:80:09:9e:f5:b3:27:
02:59:6a:2d:c6:e2:12:a9:45:e0:c1:b0:8b:ee:ed:64:50:5e:
20:ae:87:06:fc:42:b9:ad:23:23:87:db:2c:50:d0:f4:3d:22:
5a:4f:fb:fe:aa:02:f4:35:93:1f:77:b0:a9:6c:61:a8:6f:23:
32:aa:e1:22:17:b7:f1:ec:8d:0b:d1:fb:b9:68:16:8e:03:9b:
59:39:8a:2f:73:af:bf:55:8d:31:80:14:1a:e4:a1:aa:a7:8f:
a3:59:29:fe:46:99:5a:27:99:de:c4:78:a3:ac:77:2f:30:f4:
1b:50:f3:65:3b:e0:0f:2b:fd:65:73:79:ad:ff:ed:12:3e:28:
e6:d8:ae:47:86:64:a3:c0:bf:bf:b1:b7:d4:e6:d4:41:ee:f8:
40:67:e2:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntlYeioO4rjyRU8o9Zb54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjUwMTAyMTU1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY5MTdiNGM5NjI0OGQ2NzhiNzQ3NjgzOWUyNDJiN2JjYWM3OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yW0hYLj6cWn/BKD8ETJI84vZBi5
SYYRMII7QwPbCuK5HKgixfExLTX/cAmcmhkPhQbGkUae+CiSV3j9R26WCa9T20nB
MouMNJlZD8/LQwEvQANZeYHrD6ATtl1lcoFWDbsh0JK4fqJgpq3fY2ip/k8FjzbO
1t2vVtHvPfJ/BB+mYHOGnODSo4Fr8n/8+Uw9RTzqgMECs5SOlHPgnfhfAOedvDJd
4z9FUKyAzAF/9XoYWuZLJsIP+7lYbQnL+/bTT8kJ3OIrMeGdImN7aqn4AFeTNbIe
I35H3T9E18mzohbMVsWbCWdfNkbXWgoFgSzhUWaA4NOQ+XYfDUGJnZlVWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDL5F7TJYkjWeLdHaDniQre8rHilMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvTXZrWHRNbGlTTlo0dDBkb09lSkN0N3lzZUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsR
MA0GCSqGSIb3DQEBCwUAA4IBAQA9z/9ZyBbyqpn0ZsCtFwLUuIL/R+xiLMEiFzZf
DjLqtsoPE8v7XcwmxcY4aTZkTe37CXt0bZNRuy+4ho/A7qdIz6rCHcos1+G8eqfL
uB/n73QuxjIg8hDqMDvRUmjTbmhQH5hKUkGACZ71sycCWWotxuISqUXgwbCL7u1k
UF4grocG/EK5rSMjh9ssUND0PSJaT/v+qgL0NZMfd7CpbGGobyMyquEiF7fx7I0L
0fu5aBaOA5tZOYovc6+/VY0xgBQa5KGqp4+jWSn+RplaJ5nexHijrHcvMPQbUPNl
O+APK/1lc3mt/+0SPijm2K5HhmSjwL+/sbfU5tRB7vhAZ+La
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:05 2025 by rpki-client