Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/MG2v0I-hBnivpYlX7pbs7wvhCmg.roa
File: MG2v0I-hBnivpYlX7pbs7wvhCmg.roa (raw, json)
Hash identifier: BHAEwb9gw89QyTRBOuHLZFxhv1Fpr7fmPRZVoJ4HUh0=
Subject key identifier: 30:6D:AF:D0:8F:A1:06:78:AF:A5:89:57:EE:96:EC:EF:0B:E1:0A:68
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422202B0BB7B4C2AF1465D09F02D56D99
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/MG2v0I-hBnivpYlX7pbs7wvhCmg.roa
Signing time: Wed 01 Jan 2025 13:48:40 +0000
ROA not before: Wed 01 Jan 2025 13:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200224
IP address blocks: 2a0e:8f02:f053::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2b:0b:b7:b4:c2:af:14:65:d0:9f:02:d5:6d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=306dafd08fa10678afa58957ee96ecef0be10a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1b:72:81:c3:49:6a:76:a5:af:34:d4:0c:ae:
60:7d:39:f7:05:05:06:3c:7f:ee:75:14:8c:ff:0d:
99:b1:da:e7:89:da:d2:f0:fd:f8:d4:e6:cc:80:97:
46:15:37:60:3b:26:d1:be:79:2d:6d:52:8d:05:a6:
15:5e:55:45:ec:f4:3d:70:62:41:c1:54:9e:28:58:
b1:53:3c:d4:ed:57:ff:b2:17:f5:9d:6e:e2:be:60:
36:e4:4e:82:16:9f:50:ca:e1:6a:dd:41:71:fd:84:
f1:f8:ec:f5:7a:d9:a1:db:20:31:91:aa:13:55:de:
09:2e:2c:ac:57:d4:4d:94:c3:42:03:1a:7c:bd:ba:
bc:50:ae:3c:d0:78:e5:b2:41:b3:45:ae:82:03:f3:
74:7d:b4:8c:a8:d3:1b:83:ec:c8:ba:53:c7:c4:32:
66:b5:10:6a:29:30:fa:82:4d:11:74:14:0f:b0:ff:
bf:3c:d3:d4:7c:1f:82:2e:dc:3b:3a:7b:47:58:9f:
4f:b0:cf:0b:f8:bd:04:e8:87:23:b8:27:ad:e7:99:
af:fb:18:39:ec:4d:48:ee:80:ac:b7:5d:56:fb:b6:
5f:21:32:2d:a9:92:7b:6d:c7:a2:df:46:bb:86:e7:
03:01:20:ee:7b:1b:38:01:98:4b:f2:24:86:72:25:
ab:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6D:AF:D0:8F:A1:06:78:AF:A5:89:57:EE:96:EC:EF:0B:E1:0A:68
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/MG2v0I-hBnivpYlX7pbs7wvhCmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f053::/48
Signature Algorithm: sha256WithRSAEncryption
5c:98:0b:0e:2b:00:51:60:79:40:a4:3e:89:a4:92:42:9f:1d:
81:3c:40:ee:4d:81:5b:11:bb:f5:e4:2a:23:73:8b:57:ce:19:
fa:fd:a3:c8:bb:34:2f:92:d8:31:52:4b:76:b8:19:d4:e2:f5:
d0:31:00:9c:98:6b:1d:d5:5a:72:2c:2e:1f:0b:f1:ca:b9:a0:
76:da:38:19:9e:67:c1:3d:22:22:c9:62:82:ac:ad:9a:8c:8b:
bb:3b:0d:dd:15:8d:ab:a8:99:24:5f:d3:7b:39:50:5c:91:8e:
76:3f:d6:52:31:e9:5a:db:a1:a4:7f:b6:9f:87:a4:6e:db:35:
71:b2:2e:ba:f1:5d:89:e6:45:f2:0e:9f:92:47:24:8d:82:2e:
7b:e2:a7:0d:48:50:bb:e9:ea:1f:13:5b:d3:d2:0c:5c:8d:95:
5c:2c:eb:ef:2e:2f:a0:38:81:5d:26:5c:1c:b8:97:9d:e9:c5:
bf:22:7d:43:d7:bf:db:f0:67:c7:73:35:23:7e:22:73:0d:cb:
06:2b:ee:c9:b1:12:52:a6:28:06:5b:32:5c:6f:9e:9e:39:36:
6c:3c:d5:98:9e:50:77:da:34:4c:52:4f:83:f5:42:06:94:39:
48:4c:2f:f5:64:e1:b2:32:1b:78:41:9b:ab:33:5e:71:57:98:
17:98:dc:f7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiICsLt7TCrxRl0J8C1W2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZkYWZkMDhmYTEwNjc4YWZhNTg5NTdlZTk2ZWNlZjBiZTEwYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhtygcNJanalrzTUDK5gfTn3BQUG
PH/udRSM/w2ZsdrnidrS8P341ObMgJdGFTdgOybRvnktbVKNBaYVXlVF7PQ9cGJB
wVSeKFixUzzU7Vf/shf1nW7ivmA25E6CFp9QyuFq3UFx/YTx+Oz1etmh2yAxkaoT
Vd4JLiysV9RNlMNCAxp8vbq8UK480HjlskGzRa6CA/N0fbSMqNMbg+zIulPHxDJm
tRBqKTD6gk0RdBQPsP+/PNPUfB+CLtw7OntHWJ9PsM8L+L0E6IcjuCet55mv+xg5
7E1I7oCst11W+7ZfITItqZJ7bcei30a7hucDASDuexs4AZhL8iSGciWrSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDBtr9CPoQZ4r6WJV+6W7O8L4QpoMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvTUcydjBJLWhCbml2cFlsWDdwYnM3d3ZoQ21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBT
MA0GCSqGSIb3DQEBCwUAA4IBAQBcmAsOKwBRYHlApD6JpJJCnx2BPEDuTYFbEbv1
5Cojc4tXzhn6/aPIuzQvktgxUkt2uBnU4vXQMQCcmGsd1VpyLC4fC/HKuaB22jgZ
nmfBPSIiyWKCrK2ajIu7Ow3dFY2rqJkkX9N7OVBckY52P9ZSMela26Gkf7afh6Ru
2zVxsi668V2J5kXyDp+SRySNgi574qcNSFC76eofE1vT0gxcjZVcLOvvLi+gOIFd
JlwcuJed6cW/In1D17/b8GfHczUjfiJzDcsGK+7JsRJSpigGWzJcb56eOTZsPNWY
nlB32jRMUk+D9UIGlDlITC/1ZOGyMht4QZurM15xV5gXmNz3
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:18:40 2025 by rpki-client