Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/MJg7tjZ2YS5zYW2u8iw1g2oqMU0.roa
File: MJg7tjZ2YS5zYW2u8iw1g2oqMU0.roa (raw, json)
Hash identifier: X+QXFsSzhee86ausU4aiKnbqtRl/bpo3u3VYz3YOas0=
Subject key identifier: 30:98:3B:B6:36:76:61:2E:73:61:6D:AE:F2:2C:35:83:6A:2A:31:4D
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01941F8C23F05FF5C7F969989196B20FC673
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/MJg7tjZ2YS5zYW2u8iw1g2oqMU0.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58044
IP address blocks: 2a10:d182::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:23:f0:5f:f5:c7:f9:69:98:91:96:b2:0f:c6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30983bb63676612e73616daef22c35836a2a314d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7b:f2:2d:f3:29:fd:8d:81:92:c5:50:99:86:
72:24:c4:4c:2a:4a:26:5b:c7:56:06:07:8d:5a:80:
19:de:01:90:e0:ca:70:4a:cf:33:3a:82:67:58:87:
17:e1:6f:e6:83:16:84:82:65:48:5e:2e:f5:2c:ce:
f4:27:fa:99:11:5a:e1:ee:58:33:ec:c5:d4:5b:cd:
93:98:6a:55:34:3d:01:13:f9:52:07:69:a6:4f:7e:
97:87:ad:99:bc:7d:77:77:c3:99:b0:e8:36:93:0a:
3a:32:c7:a5:e0:ca:d5:e1:ab:61:1a:6e:6d:4e:be:
75:9f:a8:4b:c2:8f:07:27:a4:59:c4:64:bd:ab:1a:
0a:39:7c:b9:2c:bd:bb:8f:7e:38:f7:2a:34:b3:81:
5a:ee:02:a2:2b:5c:68:6f:86:e7:4b:c8:6e:a4:bc:
e9:64:03:b5:2c:c3:dc:3f:f9:5f:94:b7:e3:2d:3b:
b3:7c:87:77:af:0a:52:a9:4f:0f:c2:96:6a:a8:26:
ed:38:08:33:a8:04:27:6e:9d:3b:7c:f3:a1:b6:79:
d6:8c:5a:78:fe:d1:f6:29:15:ea:0e:31:1b:9a:86:
55:be:be:a7:0b:20:d5:9b:1b:0b:87:e1:40:1a:9c:
47:6a:e2:52:9a:9d:f8:b4:21:2e:91:b1:21:b7:bc:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:98:3B:B6:36:76:61:2E:73:61:6D:AE:F2:2C:35:83:6A:2A:31:4D
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/MJg7tjZ2YS5zYW2u8iw1g2oqMU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:d182::/32
Signature Algorithm: sha256WithRSAEncryption
58:02:bb:3e:dc:78:a7:62:51:ce:18:bb:e4:ec:b0:67:94:f2:
82:be:bf:aa:ce:0d:49:80:98:61:69:69:8e:cc:b3:7a:0b:5e:
1d:2a:16:c4:04:6d:f9:da:f2:19:4b:87:ce:51:d7:dc:e3:17:
24:59:31:67:1a:53:c3:7d:4c:55:55:86:ce:8a:0f:65:55:00:
72:81:53:bb:ed:a1:15:49:78:d3:b0:5d:be:56:dc:ff:25:98:
b2:61:ad:3d:23:45:59:68:5e:9f:8c:60:8d:88:31:e0:67:7b:
28:cd:94:4d:1e:9e:8d:5a:6d:10:c5:6a:d0:33:04:b3:51:17:
c1:0a:3a:49:6f:71:c0:bf:41:58:19:95:50:ec:ac:b3:dd:66:
b5:14:2e:0a:eb:32:64:da:d2:64:52:53:98:17:49:cf:cd:bf:
f2:3e:c1:a9:57:41:51:75:cd:e1:9b:e3:84:35:04:13:23:e4:
3f:8f:8a:93:e4:d3:a9:88:30:2d:61:7a:bb:13:62:18:45:ac:
fa:a3:f3:89:4e:0c:83:16:f5:59:aa:7c:c0:8f:e7:d7:ce:46:
52:15:2a:f2:7e:1b:2b:66:8a:69:21:0c:8f:bc:c8:10:25:c7:
b4:45:35:14:c0:10:b0:e4:56:e1:78:f5:67:0d:95:64:8b:4f:
9f:17:ae:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjCPwX/XH+WmYkZayD8ZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk4M2JiNjM2NzY2MTJlNzM2MTZkYWVmMjJjMzU4MzZhMmEzMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXvyLfMp/Y2BksVQmYZyJMRMKkom
W8dWBgeNWoAZ3gGQ4MpwSs8zOoJnWIcX4W/mgxaEgmVIXi71LM70J/qZEVrh7lgz
7MXUW82TmGpVND0BE/lSB2mmT36Xh62ZvH13d8OZsOg2kwo6Msel4MrV4athGm5t
Tr51n6hLwo8HJ6RZxGS9qxoKOXy5LL27j3449yo0s4Fa7gKiK1xob4bnS8hupLzp
ZAO1LMPcP/lflLfjLTuzfId3rwpSqU8PwpZqqCbtOAgzqAQnbp07fPOhtnnWjFp4
/tH2KRXqDjEbmoZVvr6nCyDVmxsLh+FAGpxHauJSmp34tCEukbEht7wDPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDCYO7Y2dmEuc2FtrvIsNYNqKjFNMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvTUpnN3RqWjJZUzV6WVcydThpdzFnMm9xTVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhDRgjAN
BgkqhkiG9w0BAQsFAAOCAQEAWAK7Ptx4p2JRzhi75OywZ5Tygr6/qs4NSYCYYWlp
jsyzegteHSoWxARt+dryGUuHzlHX3OMXJFkxZxpTw31MVVWGzooPZVUAcoFTu+2h
FUl407Bdvlbc/yWYsmGtPSNFWWhen4xgjYgx4Gd7KM2UTR6ejVptEMVq0DMEs1EX
wQo6SW9xwL9BWBmVUOyss91mtRQuCusyZNrSZFJTmBdJz82/8j7BqVdBUXXN4Zvj
hDUEEyPkP4+Kk+TTqYgwLWF6uxNiGEWs+qPziU4Mgxb1Wap8wI/n185GUhUq8n4b
K2aKaSEMj7zIECXHtEU1FMAQsORW4Xj1Zw2VZItPnxeu7g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:03:15 2025 by rpki-client