Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/MrSOOhfdgSDu8DQamecQZPxYswE.roa
File: MrSOOhfdgSDu8DQamecQZPxYswE.roa (raw, json)
Hash identifier: mfmpNUSQT/f2SOWnIgX00XuCSJAj/TdvBXwWPhwJxA4=
Subject key identifier: 32:B4:8E:3A:17:DD:81:20:EE:F0:34:1A:99:E7:10:64:FC:58:B3:01
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B56497432D3E03C5247BDC40620386
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/MrSOOhfdgSDu8DQamecQZPxYswE.roa
Signing time: Thu 02 Jan 2025 15:49:46 +0000
ROA not before: Thu 02 Jan 2025 15:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214986
IP address blocks: 2a10:4646:150::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:64:97:43:2d:3e:03:c5:24:7b:dc:40:62:03:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32b48e3a17dd8120eef0341a99e71064fc58b301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bc:70:2b:74:23:ea:17:26:5e:80:2e:bd:68:
c5:2f:a6:e6:65:42:da:c7:d7:8f:95:57:74:cf:3c:
c8:ca:0c:a6:28:a9:b3:38:48:bf:0f:10:fb:2b:31:
67:fc:a9:a8:a7:95:6c:82:9d:e7:85:21:0b:3b:18:
60:70:32:9c:3d:ba:c0:06:9c:59:a4:47:5c:8e:08:
64:b6:dc:e1:bf:4c:e5:e3:43:9a:b8:37:6b:f1:ac:
01:3a:c4:1d:67:9a:b7:e7:48:a6:b0:78:d1:22:7b:
33:d7:fc:d4:d7:61:b6:ab:ef:9a:69:cb:52:f1:07:
31:1e:6f:eb:69:74:da:4a:cb:c4:5b:9e:b8:06:9d:
0c:58:3e:3a:8b:ed:6e:86:2c:7f:c5:4c:74:24:ba:
28:91:d4:56:07:c7:31:96:94:86:83:de:6a:55:59:
df:35:da:d6:6c:36:d5:93:e2:14:7e:e4:08:f4:14:
0a:3e:09:5a:f1:24:e4:42:a3:0b:6a:7e:9a:1c:eb:
0d:41:f4:89:d9:ea:1b:44:4c:44:25:ef:a7:cf:33:
ef:70:28:3b:e2:c4:14:d8:05:63:14:e2:9e:84:9a:
c5:12:d2:f0:e1:3e:a5:ce:1c:49:19:17:65:82:7e:
14:3d:f3:44:21:39:f3:be:de:9f:57:d3:2d:a5:d7:
42:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B4:8E:3A:17:DD:81:20:EE:F0:34:1A:99:E7:10:64:FC:58:B3:01
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/MrSOOhfdgSDu8DQamecQZPxYswE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:150::/44
Signature Algorithm: sha256WithRSAEncryption
77:c5:09:3e:dc:9a:4c:15:b8:a2:ee:07:62:62:53:32:47:e6:
7a:7a:8b:7f:45:1f:8e:a4:3a:d4:a0:76:cf:b6:74:20:10:1c:
f3:d9:61:7d:48:83:4e:25:fe:18:62:91:33:c3:91:3b:94:00:
86:6e:2d:6e:f9:d1:0d:9e:fd:a4:63:6c:3b:f7:bc:fa:dd:0c:
02:2a:ba:77:f9:10:3b:02:7c:97:46:50:68:dc:a9:5e:82:6f:
0e:58:e5:e9:99:a1:38:dc:94:cb:b6:da:82:36:e9:04:87:20:
41:2c:e8:16:4d:42:69:ae:03:9b:b1:38:03:0e:52:1e:ba:1f:
e0:ae:89:6d:b9:a3:9f:74:9f:c7:d2:8b:a9:67:fb:f1:90:17:
b0:3f:7c:63:54:d2:ad:34:16:d3:dc:b1:de:dd:64:92:3a:18:
17:1d:c2:f9:8f:9e:20:73:b0:17:b6:1f:9d:f1:fe:d1:58:4e:
7b:a5:b5:43:54:c5:bc:72:68:d6:12:c1:f4:19:f6:80:3c:33:
46:12:6c:32:0b:ff:45:1b:b2:98:5b:c4:49:9c:da:d7:ed:6a:
40:e5:e3:78:76:cc:26:e1:70:77:f6:a9:e0:10:64:a8:10:9e:
a9:21:40:b1:dc:78:34:41:2f:73:d4:b0:a3:1c:83:ed:30:08:
62:ce:4b:1a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntWSXQy0+A8Uke9xAYgOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmI0OGUzYTE3ZGQ4MTIwZWVmMDM0MWE5OWU3MTA2NGZjNThiMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLxwK3Qj6hcmXoAuvWjFL6bmZULa
x9ePlVd0zzzIygymKKmzOEi/DxD7KzFn/Kmop5Vsgp3nhSELOxhgcDKcPbrABpxZ
pEdcjghkttzhv0zl40OauDdr8awBOsQdZ5q350imsHjRInsz1/zU12G2q++aactS
8QcxHm/raXTaSsvEW564Bp0MWD46i+1uhix/xUx0JLookdRWB8cxlpSGg95qVVnf
NdrWbDbVk+IUfuQI9BQKPgla8STkQqMLan6aHOsNQfSJ2eobRExEJe+nzzPvcCg7
4sQU2AVjFOKehJrFEtLw4T6lzhxJGRdlgn4UPfNEITnzvt6fV9MtpddCkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDK0jjoX3YEg7vA0GpnnEGT8WLMBMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvTXJTT09oZmRnU0R1OERRYW1lY1FaUHhZc3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB3xQk+3JpMFbii7gdiYlMyR+Z6eot/RR+OpDrU
oHbPtnQgEBzz2WF9SINOJf4YYpEzw5E7lACGbi1u+dENnv2kY2w797z63QwCKrp3
+RA7AnyXRlBo3Klegm8OWOXpmaE43JTLttqCNukEhyBBLOgWTUJprgObsTgDDlIe
uh/groltuaOfdJ/H0oupZ/vxkBewP3xjVNKtNBbT3LHe3WSSOhgXHcL5j54gc7AX
th+d8f7RWE57pbVDVMW8cmjWEsH0GfaAPDNGEmwyC/9FG7KYW8RJnNrX7WpA5eN4
dswm4XB39qngEGSoEJ6pIUCx3Hg0QS9z1LCjHIPtMAhizksa
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:06:15 2025 by rpki-client