Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/mhXII1TmoI3urvchZmrd238HnqI.roa
File: mhXII1TmoI3urvchZmrd238HnqI.roa (raw, json)
Hash identifier: ymkQlbzHXOVaEGzGKdRpU2whYkKkdIgkhGPuabVJPyU=
Subject key identifier: 9A:15:C8:23:54:E6:A0:8D:EE:AE:F7:21:66:6A:DD:DB:7F:07:9E:A2
Certificate issuer: /CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Certificate serial: 01951EF2C9A01A454587D56152397CBAA290
Authority key identifier: E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/mhXII1TmoI3urvchZmrd238HnqI.roa
Signing time: Wed 19 Feb 2025 16:03:02 +0000
ROA not before: Wed 19 Feb 2025 16:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61298
IP address blocks: 2001:67c:88::/48 maxlen: 48
2001:67c:2aa0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:f2:c9:a0:1a:45:45:87:d5:61:52:39:7c:ba:a2:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Validity
Not Before: Feb 19 16:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a15c82354e6a08deeaef721666adddb7f079ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6b:8b:9d:8e:61:5c:32:38:8b:6e:25:22:c7:
75:16:92:fd:a9:e0:42:53:47:a5:b0:01:1e:8f:22:
d8:1e:6a:07:6c:01:aa:cb:da:0c:a1:ad:ea:e9:05:
41:93:a2:7e:fe:85:e8:70:fe:a2:0e:55:ca:83:51:
9d:de:2a:ff:a0:c3:c5:6d:de:08:de:36:0d:e2:8b:
74:68:18:e0:29:ea:cb:be:22:8f:b2:40:97:9b:62:
49:e7:10:65:c4:62:7e:05:1b:b9:f8:6f:34:8a:95:
47:0f:47:38:53:f5:77:0d:dd:75:bf:95:ef:03:8d:
7b:80:32:d5:6c:66:21:6d:94:0c:43:91:c5:a6:bd:
6b:d5:db:7d:2f:fd:7d:12:e6:01:12:54:0f:6c:00:
aa:83:1c:c5:a7:aa:d8:44:a3:72:c4:a2:7c:50:d7:
c1:6a:90:33:c8:ab:ab:d8:cf:dc:65:71:59:1c:6c:
c0:89:e8:c3:dd:6a:3e:b0:39:e2:bd:76:ae:28:b3:
0c:77:2b:ae:3a:b8:0f:6b:d9:08:06:b8:88:dc:05:
3d:58:ee:8b:b0:ac:6e:2a:9c:fe:9f:35:d4:22:dd:
76:b2:2d:9e:ca:83:ba:81:b1:fe:3b:ad:49:2c:f5:
b9:a8:49:8c:c1:0e:0a:b0:31:97:a9:d2:41:21:5b:
3d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:15:C8:23:54:E6:A0:8D:EE:AE:F7:21:66:6A:DD:DB:7F:07:9E:A2
X509v3 Authority Key Identifier:
keyid:E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/mhXII1TmoI3urvchZmrd238HnqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/4S9k9_aXqptumYLAt2u3hCEzh2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:88::/48
2001:67c:2aa0::/48
Signature Algorithm: sha256WithRSAEncryption
73:b6:5d:2d:b4:b6:90:24:b4:ea:d8:bf:d9:85:d2:ce:64:3c:
f2:5d:e8:c9:12:b7:6b:e0:25:90:06:88:57:f8:6e:43:09:08:
55:ee:07:29:3e:3e:fa:23:2a:d4:d2:f6:84:4d:c6:87:db:d4:
0b:03:8f:a7:07:a4:da:07:8a:8a:de:e3:a9:01:66:36:cb:a0:
f3:ac:36:2b:1f:e7:a8:08:b0:2d:04:fb:f0:8a:50:a5:fc:d1:
6d:70:fe:8f:56:99:e5:a2:68:5d:6c:04:a5:3a:5a:6d:a9:4b:
0f:2c:f2:2b:a2:6c:db:ef:e8:3f:66:27:bc:74:f6:9b:36:85:
2b:c3:75:50:00:a5:29:37:71:ba:16:d3:b4:7c:79:da:7d:b4:
68:7a:76:9b:be:f5:2b:d9:a3:32:2b:eb:56:84:0f:4b:67:90:
2c:4d:14:33:22:df:4d:a2:23:67:cf:f5:04:5d:23:82:26:c8:
f4:4b:91:1d:ad:63:23:ee:62:94:dc:bb:4d:37:ac:ef:66:4d:
b8:d9:67:99:56:4f:a2:8e:86:a5:fe:c2:5a:e7:0f:8b:c0:8b:
c0:51:7b:ad:4b:66:81:e8:30:f7:9e:3d:ca:50:03:81:4b:6a:
03:12:0c:24:bf:7e:75:39:25:97:5b:eb:2c:a3:49:33:72:c9:
8f:b4:11:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUe8smgGkVFh9VhUjl8uqKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmY2NGY3ZjY5N2FhOWI2ZTk5ODJjMGI3NmJiNzg0MjEz
Mzg3NmEwHhcNMjUwMjE5MTYwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE1YzgyMzU0ZTZhMDhkZWVhZWY3MjE2NjZhZGRkYjdmMDc5ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWuLnY5hXDI4i24lIsd1FpL9qeBC
U0elsAEejyLYHmoHbAGqy9oMoa3q6QVBk6J+/oXocP6iDlXKg1Gd3ir/oMPFbd4I
3jYN4ot0aBjgKerLviKPskCXm2JJ5xBlxGJ+BRu5+G80ipVHD0c4U/V3Dd11v5Xv
A417gDLVbGYhbZQMQ5HFpr1r1dt9L/19EuYBElQPbACqgxzFp6rYRKNyxKJ8UNfB
apAzyKur2M/cZXFZHGzAiejD3Wo+sDnivXauKLMMdyuuOrgPa9kIBriI3AU9WO6L
sKxuKpz+nzXUIt12si2eyoO6gbH+O61JLPW5qEmMwQ4KsDGXqdJBIVs9zwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJoVyCNU5qCN7q73IWZq3dt/B56iMB8GA1UdIwQY
MBaAFOEvZPf2l6qbbpmCwLdrt4QhM4dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUt
NDdjMTBhNWNlNTM0LzEvbWhYSUkxVG1vSTN1cnZjaFptcmQyMzhIbnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUtNDdjMTBhNWNlNTM0
LzEvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfACI
AwcAIAEGfCqgMA0GCSqGSIb3DQEBCwUAA4IBAQBztl0ttLaQJLTq2L/ZhdLOZDzy
XejJErdr4CWQBohX+G5DCQhV7gcpPj76IyrU0vaETcaH29QLA4+nB6TaB4qK3uOp
AWY2y6DzrDYrH+eoCLAtBPvwilCl/NFtcP6PVpnlomhdbASlOlptqUsPLPIromzb
7+g/Zie8dPabNoUrw3VQAKUpN3G6FtO0fHnafbRoenabvvUr2aMyK+tWhA9LZ5As
TRQzIt9NoiNnz/UEXSOCJsj0S5EdrWMj7mKU3LtNN6zvZk242WeZVk+ijoal/sJa
5w+LwIvAUXutS2aB6DD3nj3KUAOBS2oDEgwkv351OSWXW+sso0kzcsmPtBG3
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:15 2025 by rpki-client