Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/mvg8rDgZKnLPExRBzRhpHgK3LbY.roa
File: mvg8rDgZKnLPExRBzRhpHgK3LbY.roa (raw, json)
Hash identifier: waFkjfC8KQlebNd+l8iGgKkWG1h34aF8mUMsYIsBDlc=
Subject key identifier: 9A:F8:3C:AC:38:19:2A:72:CF:13:14:41:CD:18:69:1E:02:B7:2D:B6
Certificate issuer: /CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Certificate serial: 01856C01146054650DA024F8AD327CF0494A
Authority key identifier: 09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/mvg8rDgZKnLPExRBzRhpHgK3LbY.roa
Signing time: Sun 01 Jan 2023 06:24:48 +0000
ROA not before: Sun 01 Jan 2023 06:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 2a0e:d480::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:14:60:54:65:0d:a0:24:f8:ad:32:7c:f0:49:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Validity
Not Before: Jan 1 06:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9af83cac38192a72cf131441cd18691e02b72db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e8:04:bc:84:fa:8b:9a:a3:5c:6b:75:ac:7d:
bd:ca:3d:0a:e4:b6:90:4f:3d:11:a9:03:70:0b:67:
98:7f:f6:40:e3:e0:d1:87:af:d4:fb:a1:2c:38:b9:
df:ad:73:24:a0:af:a0:62:85:e7:26:40:0e:1c:49:
31:a4:0b:1f:43:80:f3:7f:cc:ce:53:92:cf:65:bf:
49:92:b2:2d:3d:46:40:90:2b:cf:30:16:1b:d3:22:
bf:e5:3f:a0:31:aa:8b:6e:d3:64:fd:f3:b9:83:8a:
52:19:86:ac:82:25:b5:94:05:a6:f9:48:0f:fa:60:
a1:d7:48:8a:bf:bc:fe:4c:ff:f6:1b:34:4b:f4:25:
5e:8f:1a:80:69:0b:34:f3:9d:1a:5d:e2:0c:42:76:
9b:23:26:50:fa:47:1a:9c:8b:ea:dd:40:0b:1e:fc:
c2:f0:35:57:ae:67:13:ec:d8:e2:9f:a7:d4:cc:e7:
9b:7d:31:2d:3f:8b:03:ff:f8:cf:cf:e7:ef:d0:cf:
c2:c8:3e:f3:a1:0a:37:bb:68:e4:ea:8f:cf:86:c8:
2c:25:a0:6f:6e:02:74:c4:75:84:71:a3:74:96:3b:
75:86:a5:f5:f9:da:8e:1f:53:30:33:3b:3c:6a:9f:
76:1c:40:bb:c8:3a:b0:73:83:ab:d2:70:f9:e0:34:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F8:3C:AC:38:19:2A:72:CF:13:14:41:CD:18:69:1E:02:B7:2D:B6
X509v3 Authority Key Identifier:
keyid:09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/mvg8rDgZKnLPExRBzRhpHgK3LbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/CbnTdFC2KuPxROtCrFLOJDtiino.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d480::/40
Signature Algorithm: sha256WithRSAEncryption
7d:e7:52:bb:43:81:f1:1c:bc:fa:10:45:ed:fa:5b:21:77:d9:
87:ba:b4:34:80:da:6d:99:fe:07:6e:57:b6:79:bf:d3:13:62:
3a:50:1c:5e:43:b8:d3:26:60:39:32:68:77:e6:f4:8b:0f:61:
6c:5a:9f:5e:22:df:04:7f:37:61:cf:2a:fe:fe:9e:ab:ed:01:
e5:5c:36:09:39:86:fa:d5:29:35:40:c0:00:ec:75:2e:e5:5b:
9b:fd:88:af:e5:6d:ab:f7:58:d5:58:50:7e:80:a4:72:56:59:
2e:27:8f:f5:c3:31:d2:38:26:50:5e:32:d8:e8:c0:76:a3:d0:
26:39:d8:3a:69:47:bf:8a:d6:d8:ac:03:f4:6f:5f:69:ce:42:
cc:e8:50:e8:c3:26:2c:b8:37:e2:1d:b7:68:19:46:01:6a:07:
66:ae:8a:4d:0f:ce:22:e3:cc:d3:bf:51:cd:5b:74:9c:ea:f3:
6a:df:90:8e:7d:be:fc:9a:5d:58:5e:fb:01:bd:4a:36:b8:8e:
f5:ff:c3:f3:a2:a1:d3:17:70:8c:5d:d0:99:60:b0:13:7f:b1:
58:a2:02:5d:dd:9c:ae:69:4d:cd:53:f2:28:29:29:9c:20:be:
ae:bc:e1:45:06:63:67:57:41:89:00:cc:f8:57:02:56:75:ec:
54:67:57:11
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsARRgVGUNoCT4rTJ88ElKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjlkMzc0NTBiNjJhZTNmMTQ0ZWI0MmFjNTJjZTI0M2I2
MjhhN2EwHhcNMjMwMTAxMDYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY4M2NhYzM4MTkyYTcyY2YxMzE0NDFjZDE4NjkxZTAyYjcyZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtugEvIT6i5qjXGt1rH29yj0K5LaQ
Tz0RqQNwC2eYf/ZA4+DRh6/U+6EsOLnfrXMkoK+gYoXnJkAOHEkxpAsfQ4Dzf8zO
U5LPZb9JkrItPUZAkCvPMBYb0yK/5T+gMaqLbtNk/fO5g4pSGYasgiW1lAWm+UgP
+mCh10iKv7z+TP/2GzRL9CVejxqAaQs0850aXeIMQnabIyZQ+kcanIvq3UALHvzC
8DVXrmcT7Njin6fUzOebfTEtP4sD//jPz+fv0M/CyD7zoQo3u2jk6o/PhsgsJaBv
bgJ0xHWEcaN0ljt1hqX1+dqOH1MwMzs8ap92HEC7yDqwc4Or0nD54DQ1qwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJr4PKw4GSpyzxMUQc0YaR4Cty22MB8GA1UdIwQY
MBaAFAm503RQtirj8UTrQqxSziQ7Yop6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUt
M2ZiZmI5NGQ5MTAwLzEvbXZnOHJEZ1pLbkxQRXhSQnpSaHBIZ0szTGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUtM2ZiZmI5NGQ5MTAw
LzEvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg7UgAAw
DQYJKoZIhvcNAQELBQADggEBAH3nUrtDgfEcvPoQRe36WyF32Ye6tDSA2m2Z/gdu
V7Z5v9MTYjpQHF5DuNMmYDkyaHfm9IsPYWxan14i3wR/N2HPKv7+nqvtAeVcNgk5
hvrVKTVAwADsdS7lW5v9iK/lbav3WNVYUH6ApHJWWS4nj/XDMdI4JlBeMtjowHaj
0CY52DppR7+K1tisA/RvX2nOQszoUOjDJiy4N+Idt2gZRgFqB2auik0PziLjzNO/
Uc1bdJzq82rfkI59vvyaXVhe+wG9Sja4jvX/w/OiodMXcIxd0JlgsBN/sViiAl3d
nK5pTc1T8igpKZwgvq684UUGY2dXQYkAzPhXAlZ17FRnVxE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:39 2025 by rpki-client