Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/M9N3MaRnHMWCYC8Hk9zFSlj4D6Q.roa
File: M9N3MaRnHMWCYC8Hk9zFSlj4D6Q.roa (raw, json)
Hash identifier: e786oWDXV8d4rdmxgjxOCoMsmqrUQ795MjKuKCqYgm4=
Subject key identifier: 33:D3:77:31:A4:67:1C:C5:82:60:2F:07:93:DC:C5:4A:58:F8:0F:A4
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 019455AFCC04672B1A87300072B7082B2B41
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/M9N3MaRnHMWCYC8Hk9zFSlj4D6Q.roa
Signing time: Sat 11 Jan 2025 14:06:11 +0000
ROA not before: Sat 11 Jan 2025 14:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216243
IP address blocks: 2a13:a5c4::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:55:af:cc:04:67:2b:1a:87:30:00:72:b7:08:2b:2b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 11 14:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33d37731a4671cc582602f0793dcc54a58f80fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:03:d3:36:95:94:5e:8d:14:07:19:b4:8f:5d:
79:18:1c:0d:cc:fc:f2:3e:3c:c0:4d:2e:51:3d:95:
d8:a3:0a:c5:c1:6e:5f:e2:11:17:1e:7f:df:3a:08:
e4:a2:63:24:c5:e5:6d:ea:61:7f:e6:dc:7c:8a:e2:
4a:57:7c:10:73:8a:2f:03:da:e6:d9:d9:eb:02:91:
b8:29:2a:be:d0:ae:3c:1b:a2:a9:47:f6:d4:fa:3f:
ef:8b:e8:75:31:18:47:27:c1:db:15:14:0f:28:5e:
82:38:a4:42:d4:71:8d:34:b8:83:2d:a8:a7:c1:06:
55:ef:cc:ca:21:83:dd:2a:4a:8c:7a:c2:a4:ea:eb:
63:c9:c0:a9:da:01:22:ff:d2:f1:e0:38:7b:c3:91:
7d:e3:4a:43:77:36:f9:a6:50:2b:0f:b7:ab:9b:24:
b6:63:35:5e:ff:c1:55:03:da:28:15:43:4c:9b:cb:
8b:a8:86:d3:b7:69:8b:13:af:ba:65:50:59:b0:f7:
c6:30:53:3e:86:f7:d2:ca:5d:ad:36:99:8d:bb:d3:
23:af:33:48:9a:87:21:72:ba:b8:8a:13:bd:0d:1a:
83:d1:60:62:8c:17:36:63:d8:7d:d1:f6:f5:91:97:
50:ce:a4:26:e9:32:7b:3a:ac:7e:00:c5:a8:aa:f7:
f5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D3:77:31:A4:67:1C:C5:82:60:2F:07:93:DC:C5:4A:58:F8:0F:A4
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/M9N3MaRnHMWCYC8Hk9zFSlj4D6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c4::/32
Signature Algorithm: sha256WithRSAEncryption
b1:ca:7a:b8:13:4c:c2:79:e6:1e:57:a6:b0:98:74:16:9d:b4:
c5:54:10:67:8d:72:40:1c:93:10:af:c7:96:a3:c7:fb:26:87:
3e:35:e7:08:08:49:7f:b1:5b:0f:58:61:11:5e:5e:2b:7e:4a:
e2:ef:e7:21:51:e3:1c:f0:d7:c4:a0:04:7b:3b:fd:29:26:3e:
38:a7:97:9c:13:15:b4:09:68:2b:e0:28:12:1d:ba:91:9d:60:
47:3c:3d:52:8f:9a:ca:9b:71:b4:12:85:ea:05:3f:5b:11:05:
1e:d7:3d:d7:d5:b4:83:ca:66:b5:c8:1a:b7:f8:88:6d:49:d0:
c9:fb:da:e7:53:74:98:58:8d:82:f7:46:53:9c:a9:ef:64:90:
ee:1e:d9:27:e2:6d:47:ab:4c:3e:fd:7c:77:bf:1a:cd:4f:a4:
02:a9:89:44:83:04:50:54:76:08:79:8e:88:c5:67:f0:a9:a6:
d4:22:de:f9:ca:9b:74:b8:20:eb:e0:1a:38:c2:50:9f:b7:83:
b4:1e:26:2a:bf:ea:9c:bc:aa:d2:0f:55:24:eb:96:31:52:51:
ca:dc:71:cc:bc:42:c0:0f:b0:3f:f9:13:35:75:f1:5d:ef:95:
f9:d4:f6:80:e3:47:4c:d8:5d:ad:a2:de:e2:59:da:90:2d:1f:
b1:1d:99:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRVr8wEZysahzAAcrcIKytBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTExMTQwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QzNzczMWE0NjcxY2M1ODI2MDJmMDc5M2RjYzU0YTU4ZjgwZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAPTNpWUXo0UBxm0j115GBwNzPzy
PjzATS5RPZXYowrFwW5f4hEXHn/fOgjkomMkxeVt6mF/5tx8iuJKV3wQc4ovA9rm
2dnrApG4KSq+0K48G6KpR/bU+j/vi+h1MRhHJ8HbFRQPKF6COKRC1HGNNLiDLain
wQZV78zKIYPdKkqMesKk6utjycCp2gEi/9Lx4Dh7w5F940pDdzb5plArD7ermyS2
YzVe/8FVA9ooFUNMm8uLqIbTt2mLE6+6ZVBZsPfGMFM+hvfSyl2tNpmNu9MjrzNI
mochcrq4ihO9DRqD0WBijBc2Y9h90fb1kZdQzqQm6TJ7Oqx+AMWoqvf1EQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDPTdzGkZxzFgmAvB5PcxUpY+A+kMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvTTlOM01hUm5ITVdDWUM4SGs5ekZTbGo0RDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOlxDAN
BgkqhkiG9w0BAQsFAAOCAQEAscp6uBNMwnnmHlemsJh0Fp20xVQQZ41yQByTEK/H
lqPH+yaHPjXnCAhJf7FbD1hhEV5eK35K4u/nIVHjHPDXxKAEezv9KSY+OKeXnBMV
tAloK+AoEh26kZ1gRzw9Uo+ayptxtBKF6gU/WxEFHtc919W0g8pmtcgat/iIbUnQ
yfva51N0mFiNgvdGU5yp72SQ7h7ZJ+JtR6tMPv18d78azU+kAqmJRIMEUFR2CHmO
iMVn8Kmm1CLe+cqbdLgg6+AaOMJQn7eDtB4mKr/qnLyq0g9VJOuWMVJRytxxzLxC
wA+wP/kTNXXxXe+V+dT2gONHTNhdraLe4lnakC0fsR2Z7Q==
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:19:57 2025 by rpki-client