Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Mx7rNwHVP82YKC300AuUq1lxEHE.roa
File: Mx7rNwHVP82YKC300AuUq1lxEHE.roa (raw, json)
Hash identifier: YKcccHI+4kjg+3quk94ix6jo57RUfBI8f28mIlTeyjs=
Subject key identifier: 33:1E:EB:37:01:D5:3F:CD:98:28:2D:F4:D0:0B:94:AB:59:71:10:71
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222049C2538EDB9052F917191A7F26F4
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Mx7rNwHVP82YKC300AuUq1lxEHE.roa
Signing time: Wed 01 Jan 2025 13:48:48 +0000
ROA not before: Wed 01 Jan 2025 13:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213033
IP address blocks: 2a0e:8f02:20e0::/44 maxlen: 48
2a0e:8f02:f003::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:49:c2:53:8e:db:90:52:f9:17:19:1a:7f:26:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=331eeb3701d53fcd98282df4d00b94ab59711071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:26:3a:53:f1:82:3d:a2:2a:15:f8:2e:dd:4d:
67:64:3c:f0:8e:a2:07:0b:2c:cb:eb:3b:b2:1f:49:
ac:4b:68:c1:0c:cb:bf:af:06:9f:f9:ae:10:ee:eb:
0f:a5:51:b0:48:11:de:5b:8e:80:2c:25:a9:38:40:
81:86:c1:fb:e2:bb:e9:4c:48:df:dc:c4:16:76:5c:
49:d1:d8:a4:9a:73:55:5c:af:2f:52:77:c2:ac:74:
84:7a:25:b8:aa:80:97:25:af:0e:bb:5a:9e:44:a4:
ef:75:34:ad:75:6f:88:40:6c:79:43:90:95:af:f8:
b2:3a:f2:f7:ea:10:b4:2d:cd:29:a0:ef:99:1e:8d:
07:0b:01:3d:4f:10:92:97:0d:52:70:5b:22:1b:bc:
76:bd:d0:83:77:d2:e6:cc:63:fe:75:6a:0f:76:06:
82:86:2a:e3:42:1c:19:d6:db:dd:52:ba:b5:76:7b:
61:89:03:5b:92:50:94:ed:5a:9d:e9:13:ba:a0:b5:
bc:98:15:ba:e8:c8:20:55:71:3e:bc:bc:6a:36:c5:
f9:32:de:74:0e:a4:dd:5a:83:56:68:44:a2:3f:cb:
63:03:68:f0:57:9e:eb:0b:bd:13:bd:66:00:27:98:
42:24:97:c8:2c:db:7a:a6:c3:9f:ad:05:95:00:cb:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1E:EB:37:01:D5:3F:CD:98:28:2D:F4:D0:0B:94:AB:59:71:10:71
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Mx7rNwHVP82YKC300AuUq1lxEHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:20e0::/44
2a0e:8f02:f003::/48
Signature Algorithm: sha256WithRSAEncryption
4e:39:5f:c9:bc:36:62:97:93:9c:91:d9:8e:56:70:a1:f9:cd:
ea:3c:d4:1b:4e:10:ac:6a:c9:4c:fe:bf:2b:d5:66:84:f0:44:
da:38:a1:2f:6c:e2:ae:c2:9c:c1:9d:d0:20:0d:ae:f9:9c:dc:
11:59:32:26:f6:17:d7:a5:2e:ba:c0:9f:66:9a:49:9a:a5:8a:
e2:d2:ee:71:ff:9a:71:f3:74:2f:f1:37:13:78:d4:fb:77:9d:
98:c8:ea:08:10:85:47:0b:db:05:73:c0:2d:94:b0:74:f5:a5:
78:5f:dc:41:ba:11:4b:ae:e9:7b:80:29:d2:61:ca:b3:15:f2:
3d:3d:4e:05:ef:e1:37:8e:45:e3:d2:a9:d0:00:3a:e4:24:a5:
03:eb:6e:a0:70:4c:f2:56:53:06:3c:05:d4:ba:e8:0d:81:3e:
4f:82:55:56:16:c8:6f:ce:da:8e:75:7c:85:53:62:21:2d:7e:
6b:9b:67:30:cc:bc:ad:71:ae:0a:0d:a7:76:cb:63:06:85:e2:
4a:68:e0:66:4e:b9:19:87:f4:e5:4a:2f:d7:cc:63:a0:9b:68:
53:1f:97:47:f5:84:ca:1e:f2:a9:91:fc:0a:a7:76:68:e1:e6:
0a:16:34:c1:e2:a7:02:fa:9c:9e:00:a8:12:af:29:f2:a3:d5:
8a:43:91:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiIEnCU47bkFL5Fxkafyb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFlZWIzNzAxZDUzZmNkOTgyODJkZjRkMDBiOTRhYjU5NzExMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSY6U/GCPaIqFfgu3U1nZDzwjqIH
CyzL6zuyH0msS2jBDMu/rwaf+a4Q7usPpVGwSBHeW46ALCWpOECBhsH74rvpTEjf
3MQWdlxJ0dikmnNVXK8vUnfCrHSEeiW4qoCXJa8Ou1qeRKTvdTStdW+IQGx5Q5CV
r/iyOvL36hC0Lc0poO+ZHo0HCwE9TxCSlw1ScFsiG7x2vdCDd9LmzGP+dWoPdgaC
hirjQhwZ1tvdUrq1dnthiQNbklCU7Vqd6RO6oLW8mBW66MggVXE+vLxqNsX5Mt50
DqTdWoNWaESiP8tjA2jwV57rC70TvWYAJ5hCJJfILNt6psOfrQWVAMvJXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDMe6zcB1T/NmCgt9NALlKtZcRBxMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvTXg3ck53SFZQODJZS0MzMDBBdVVxMWx4RUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6PAiDg
AwcAKg6PAvADMA0GCSqGSIb3DQEBCwUAA4IBAQBOOV/JvDZil5OckdmOVnCh+c3q
PNQbThCsaslM/r8r1WaE8ETaOKEvbOKuwpzBndAgDa75nNwRWTIm9hfXpS66wJ9m
mkmapYri0u5x/5px83Qv8TcTeNT7d52YyOoIEIVHC9sFc8AtlLB09aV4X9xBuhFL
rul7gCnSYcqzFfI9PU4F7+E3jkXj0qnQADrkJKUD626gcEzyVlMGPAXUuugNgT5P
glVWFshvztqOdXyFU2IhLX5rm2cwzLytca4KDad2y2MGheJKaOBmTrkZh/TlSi/X
zGOgm2hTH5dH9YTKHvKpkfwKp3Zo4eYKFjTB4qcC+pyeAKgSrynyo9WKQ5Eo
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:17 2025 by rpki-client