Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/MlrZXY467hcKkUIRGGimefuysqw.roa
File: MlrZXY467hcKkUIRGGimefuysqw.roa (raw, json)
Hash identifier: 8xTFNLaI9ZUN0WOAqjHb1HCh8TndFu6MdTiusUYVPKk=
Subject key identifier: 32:5A:D9:5D:8E:3A:EE:17:0A:91:42:11:18:68:A6:79:FB:B2:B2:AC
Certificate issuer: /CN=bccd52a6a7f957171b15f7be5e20916428369401
Certificate serial: 01942824DE4F63F32BFD3D6916C22D7060BD
Authority key identifier: BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/MlrZXY467hcKkUIRGGimefuysqw.roa
Signing time: Thu 02 Jan 2025 17:51:32 +0000
ROA not before: Thu 02 Jan 2025 17:51:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6735
IP address blocks: 62.68.0.0/19 maxlen: 24
195.245.0.0/18 maxlen: 24
2a09:48c0::/29 maxlen: 29
2a0e:ed80::/29 maxlen: 29
2a0f:8040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:de:4f:63:f3:2b:fd:3d:69:16:c2:2d:70:60:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bccd52a6a7f957171b15f7be5e20916428369401
Validity
Not Before: Jan 2 17:51:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=325ad95d8e3aee170a9142111868a679fbb2b2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e0:d7:4a:d9:37:83:8b:4d:f7:70:22:27:de:
a2:56:66:c0:40:e5:0f:0a:aa:27:ee:96:3d:6d:29:
a7:2a:0a:66:da:ea:cd:67:57:aa:c4:9f:82:5a:3c:
07:41:9b:24:e2:48:d4:87:e5:33:45:90:1e:ec:95:
ad:b0:50:10:0a:13:b8:80:b1:04:33:9b:8a:19:b3:
17:08:b7:ac:ae:a7:b3:00:43:65:44:1e:a6:12:2e:
bd:06:e7:89:8a:0c:d2:54:fb:05:9c:a7:9b:79:e1:
c0:8b:4e:8b:fb:2d:27:35:48:87:66:1a:b6:e6:65:
f3:42:30:fc:a5:d8:34:3e:64:cc:a5:d0:eb:74:b7:
6a:70:e8:97:d3:b1:34:1e:a7:56:a0:4a:b0:aa:2b:
56:d6:33:05:75:db:77:a1:47:4a:44:ce:7c:f5:e1:
3f:e9:17:72:92:2d:21:1f:3b:c6:fc:0d:ae:f7:4b:
3f:c3:d9:91:2e:2a:eb:38:31:e8:3e:09:66:e1:f6:
4e:c9:a5:51:43:ca:e9:bf:58:ff:b8:24:15:8d:bd:
54:b4:1f:a0:26:aa:38:02:ed:7a:31:2f:be:51:5b:
a5:50:e4:17:68:46:21:1e:bc:17:e2:b0:e1:1f:9c:
eb:7f:a7:16:1e:d9:f7:d1:82:4e:b5:06:18:cb:7e:
9f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5A:D9:5D:8E:3A:EE:17:0A:91:42:11:18:68:A6:79:FB:B2:B2:AC
X509v3 Authority Key Identifier:
keyid:BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/MlrZXY467hcKkUIRGGimefuysqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/vM1Spqf5VxcbFfe-XiCRZCg2lAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.0.0/19
195.245.0.0/18
IPv6:
2a09:48c0::/29
2a0e:ed80::/29
2a0f:8040::/29
Signature Algorithm: sha256WithRSAEncryption
27:97:47:0d:bc:56:23:0f:ab:18:29:ce:22:4a:8a:10:55:8c:
43:76:e0:4c:fd:b2:54:4f:e9:8f:da:c5:d2:2f:d0:fb:ca:47:
d7:8c:a7:8b:23:b1:e4:02:af:50:0d:d0:89:05:3b:00:f5:87:
72:ed:b3:e9:da:32:40:c7:7f:2d:45:ea:bb:2d:93:63:9a:f0:
a8:9b:10:58:ec:d9:a9:ec:33:c5:09:36:d1:57:ea:1d:1e:5e:
a5:81:1e:55:9d:85:70:21:4d:61:17:08:54:42:44:36:be:a5:
e6:3a:de:fa:ab:2a:8b:92:b6:e3:b3:50:ab:b8:9b:c5:d0:01:
e4:30:9b:c2:df:c1:ec:33:00:e8:85:7a:0c:0b:9e:56:0b:35:
1b:95:f3:97:c3:bb:0e:4b:56:04:dc:ed:fc:b1:71:dd:cd:85:
b8:e2:40:cd:44:b1:e0:8c:c1:f2:04:44:5f:70:bb:fd:a4:a1:
05:37:3e:d1:7d:2c:0e:1f:94:1f:9c:09:bf:ab:3b:ea:8e:16:
17:80:60:b6:5f:9d:04:5a:c7:64:48:90:3a:aa:f7:95:1f:98:
88:26:66:6c:6b:a1:7a:11:13:66:94:4a:ec:9c:1e:70:01:40:
b2:03:19:61:bc:78:5f:c8:4a:23:e7:7a:11:12:2c:2f:56:ec:
52:47:0f:fc
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQoJN5PY/Mr/T1pFsItcGC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2Q1MmE2YTdmOTU3MTcxYjE1ZjdiZTVlMjA5MTY0Mjgz
Njk0MDEwHhcNMjUwMTAyMTc1MTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjVhZDk1ZDhlM2FlZTE3MGE5MTQyMTExODY4YTY3OWZiYjJiMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvODXStk3g4tN93AiJ96iVmbAQOUP
Cqon7pY9bSmnKgpm2urNZ1eqxJ+CWjwHQZsk4kjUh+UzRZAe7JWtsFAQChO4gLEE
M5uKGbMXCLesrqezAENlRB6mEi69BueJigzSVPsFnKebeeHAi06L+y0nNUiHZhq2
5mXzQjD8pdg0PmTMpdDrdLdqcOiX07E0HqdWoEqwqitW1jMFddt3oUdKRM589eE/
6Rdyki0hHzvG/A2u90s/w9mRLirrODHoPglm4fZOyaVRQ8rpv1j/uCQVjb1UtB+g
Jqo4Au16MS++UVulUOQXaEYhHrwX4rDhH5zrf6cWHtn30YJOtQYYy36flQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDJa2V2OOu4XCpFCERhopnn7srKsMB8GA1UdIwQY
MBaAFLzNUqan+VcXGxX3vl4gkWQoNpQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUt
ZTgyM2UxN2JiNWNjLzEvTWxyWlhZNDY3aGNLa1VJUkdHaW1lZnV5c3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUtZTgyM2UxN2JiNWNj
LzEvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQFPkQAAwQG
w/UAMBsEAgACMBUDBQMqCUjAAwUDKg7tgAMFAyoPgEAwDQYJKoZIhvcNAQELBQAD
ggEBACeXRw28ViMPqxgpziJKihBVjEN24Ez9slRP6Y/axdIv0PvKR9eMp4sjseQC
r1AN0IkFOwD1h3Lts+naMkDHfy1F6rstk2Oa8KibEFjs2ansM8UJNtFX6h0eXqWB
HlWdhXAhTWEXCFRCRDa+peY63vqrKouStuOzUKu4m8XQAeQwm8LfwewzAOiFegwL
nlYLNRuV85fDuw5LVgTc7fyxcd3NhbjiQM1EseCMwfIERF9wu/2koQU3PtF9LA4f
lB+cCb+rO+qOFheAYLZfnQRax2RIkDqq95UfmIgmZmxroXoRE2aUSuycHnABQLID
GWG8eF/ISiPnehESLC9W7FJHD/w=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:29:56 2025 by rpki-client