Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/Ma-ZL87NKbXOh3PKteMYs4_0CwA.roa
File: Ma-ZL87NKbXOh3PKteMYs4_0CwA.roa (raw, json)
Hash identifier: 8ACKMnvKrVu9alfiMw6lXVKm3qwxGI4mZvc+z4si/8c=
Subject key identifier: 31:AF:99:2F:CE:CD:29:B5:CE:87:73:CA:B5:E3:18:B3:8F:F4:0B:00
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 01942444CF500AB2782E395A609782B05A32
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/Ma-ZL87NKbXOh3PKteMYs4_0CwA.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207080
IP address blocks: 2a0c:2f06::/32 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:cf:50:0a:b2:78:2e:39:5a:60:97:82:b0:5a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31af992fcecd29b5ce8773cab5e318b38ff40b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ee:57:94:10:b6:d9:d7:86:3f:09:ae:bf:df:
bd:f0:5a:17:60:e3:b1:c3:a8:5b:67:95:28:ba:b5:
0d:cf:53:74:c0:ad:fe:37:43:44:8d:8c:86:32:a7:
93:a6:c4:e4:6d:3a:12:f6:f8:a7:cf:d9:06:51:8c:
29:9d:6c:58:20:a7:30:3f:72:06:37:5b:ca:3c:38:
b9:4a:ce:80:03:96:1f:40:e7:1b:d9:8d:26:3f:d0:
d4:bd:08:fc:ba:a9:c3:94:ca:c6:ce:1b:a7:a7:08:
65:15:de:3f:51:a5:64:93:35:7a:1a:a7:4b:01:ba:
6b:de:1c:e5:53:b1:87:84:1b:64:82:01:d4:1f:bc:
90:12:2c:b2:10:ba:0b:2c:ac:f5:66:49:cd:a9:a3:
e0:c4:99:16:ed:21:4d:86:be:35:94:44:0f:cf:5d:
f1:5d:5c:49:c6:b4:29:e1:b8:ba:b8:02:b6:2f:8e:
47:bd:a5:77:ec:94:0b:8a:d2:b6:30:be:d5:95:ee:
83:a0:a1:0e:54:de:03:b7:26:14:0c:eb:50:c4:2e:
77:9c:d8:b7:ff:bd:4c:ca:5a:94:50:56:9d:ae:e3:
62:96:f4:ef:11:fc:b2:67:0d:c0:ab:90:0f:48:f0:
ee:11:0f:d4:c5:63:81:7d:a2:3a:9f:de:94:f7:79:
0e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AF:99:2F:CE:CD:29:B5:CE:87:73:CA:B5:E3:18:B3:8F:F4:0B:00
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/Ma-ZL87NKbXOh3PKteMYs4_0CwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2f06::/32
Signature Algorithm: sha256WithRSAEncryption
1b:d6:71:c4:1a:0c:1e:4e:0b:cc:a9:69:ca:f2:b1:31:59:d0:
f3:e1:96:5e:a5:d4:60:b7:07:07:ab:32:03:76:a7:cd:1c:3a:
1f:2d:6e:73:73:f1:27:4d:05:9d:3a:45:49:0e:62:42:8b:bd:
7d:59:10:c1:6e:25:89:ed:ec:71:18:c6:a8:e1:fa:b6:74:8f:
8e:0d:1a:31:7d:68:a8:94:e2:af:39:6a:16:f8:29:68:54:aa:
da:df:77:12:5b:aa:31:3f:7f:e3:d4:ea:2c:c5:1e:1a:af:3e:
bf:cc:93:df:df:b2:3f:eb:72:4b:6b:46:23:86:63:60:a9:f0:
b4:9b:8d:c9:96:81:b9:3c:d0:23:0b:bd:39:6e:44:52:b4:c9:
31:ea:fa:26:fa:5a:94:eb:6c:a0:f8:09:88:09:c4:49:4d:2c:
f8:7e:3a:4c:27:c1:c1:1a:0e:7a:93:26:9f:8a:e9:bd:0f:f4:
bc:27:89:f9:59:89:04:58:b4:5b:c7:41:ec:e1:a2:9d:54:04:
b7:42:ea:62:01:5e:b6:f5:25:a7:b2:47:7f:c1:e6:2f:07:db:
31:b8:0e:4e:d5:e6:59:50:24:28:07:54:1a:34:af:1c:7c:b6:
87:e5:5a:1b:e4:e3:83:92:b3:b3:84:9e:c0:84:8d:50:1f:0c:
98:d1:79:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRM9QCrJ4LjlaYJeCsFoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFmOTkyZmNlY2QyOWI1Y2U4NzczY2FiNWUzMThiMzhmZjQwYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+5XlBC22deGPwmuv9+98FoXYOOx
w6hbZ5UourUNz1N0wK3+N0NEjYyGMqeTpsTkbToS9vinz9kGUYwpnWxYIKcwP3IG
N1vKPDi5Ss6AA5YfQOcb2Y0mP9DUvQj8uqnDlMrGzhunpwhlFd4/UaVkkzV6GqdL
Abpr3hzlU7GHhBtkggHUH7yQEiyyELoLLKz1ZknNqaPgxJkW7SFNhr41lEQPz13x
XVxJxrQp4bi6uAK2L45HvaV37JQLitK2ML7Vle6DoKEOVN4DtyYUDOtQxC53nNi3
/71MylqUUFadruNilvTvEfyyZw3Aq5APSPDuEQ/UxWOBfaI6n96U93kOsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDGvmS/OzSm1zodzyrXjGLOP9AsAMB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvTWEtWkw4N05LYlhPaDNQS3RlTVlzNF8wQ3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgwvBjAN
BgkqhkiG9w0BAQsFAAOCAQEAG9ZxxBoMHk4LzKlpyvKxMVnQ8+GWXqXUYLcHB6sy
A3anzRw6Hy1uc3PxJ00FnTpFSQ5iQou9fVkQwW4lie3scRjGqOH6tnSPjg0aMX1o
qJTirzlqFvgpaFSq2t93EluqMT9/49TqLMUeGq8+v8yT39+yP+tyS2tGI4ZjYKnw
tJuNyZaBuTzQIwu9OW5EUrTJMer6JvpalOtsoPgJiAnESU0s+H46TCfBwRoOepMm
n4rpvQ/0vCeJ+VmJBFi0W8dB7OGinVQEt0LqYgFetvUlp7JHf8HmLwfbMbgOTtXm
WVAkKAdUGjSvHHy2h+VaG+Tjg5Kzs4SewISNUB8MmNF5ZA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:49:53 2025 by rpki-client