Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/MPj1OV0jwah3lfJCGTMCeUiRXn8.roa
File: MPj1OV0jwah3lfJCGTMCeUiRXn8.roa (raw, json)
Hash identifier: 3uPwGpvq3hS0cNgKS5z33eIbj+fCg75QJwWngsAnFd0=
Subject key identifier: 30:F8:F5:39:5D:23:C1:A8:77:95:F2:42:19:33:02:79:48:91:5E:7F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019451CD8E1A0A798C5EF9970787E403695E
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/MPj1OV0jwah3lfJCGTMCeUiRXn8.roa
Signing time: Fri 10 Jan 2025 20:00:13 +0000
ROA not before: Fri 10 Jan 2025 20:00:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152565
IP address blocks: 2a12:bec4:1170::/44 maxlen: 46
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:51:cd:8e:1a:0a:79:8c:5e:f9:97:07:87:e4:03:69:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 10 20:00:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f8f5395d23c1a87795f2421933027948915e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:26:5e:f0:2c:c8:30:1b:00:e5:06:c0:c1:20:
c1:64:b6:d7:98:ba:f7:7e:bc:5c:c1:5e:70:83:94:
89:97:64:49:9e:ab:bb:a8:b6:a7:85:99:2e:26:0c:
e3:3d:04:05:75:81:8a:77:c8:a5:86:f3:29:55:70:
b4:a9:56:6d:75:0a:45:36:fd:ef:0e:0a:ea:f7:06:
bc:c3:5f:b5:6d:7b:fc:ab:10:95:9a:1e:4d:3d:0e:
3f:df:16:28:25:f4:c8:84:fd:a8:27:fe:05:23:6d:
5f:2c:e2:7f:1a:43:64:4f:e5:ea:da:2f:71:0e:98:
98:9e:4c:3c:a1:27:66:10:16:38:c3:58:28:b9:be:
bb:88:29:ec:2c:b9:e9:64:2b:66:17:8b:4a:64:74:
d9:c6:1b:cc:7a:6f:b3:ae:09:2c:d2:4d:f0:d0:a6:
89:db:b1:fb:cf:eb:5c:fb:cb:bf:3d:be:1b:15:eb:
3e:0f:bd:04:55:cf:e8:fe:8f:d3:47:9b:13:f4:97:
17:ec:06:d4:41:49:87:cc:ac:66:db:63:15:52:51:
65:4d:97:da:63:e5:4d:36:9b:ea:14:02:3a:25:da:
bc:4c:45:a0:61:9f:9c:1c:d9:4f:16:fc:68:26:59:
32:92:f0:49:c0:dc:62:9f:fc:c3:14:b0:31:8c:4c:
b6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F8:F5:39:5D:23:C1:A8:77:95:F2:42:19:33:02:79:48:91:5E:7F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/MPj1OV0jwah3lfJCGTMCeUiRXn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1170::/44
Signature Algorithm: sha256WithRSAEncryption
84:11:72:64:6a:5c:7a:4f:ae:a3:33:07:c5:0f:01:0d:04:64:
34:54:f5:98:ad:dc:ae:ed:99:55:5e:c1:91:1f:a1:ab:87:34:
1c:ba:fd:23:92:2e:cc:0d:65:59:45:b6:3e:6a:a3:0e:57:7f:
f8:bd:1d:23:f6:52:1d:52:a5:2a:f0:01:2d:3a:70:ca:95:24:
bb:36:82:29:8e:1f:4f:c4:16:6f:91:22:a9:74:bd:75:33:6d:
02:5a:cb:48:93:e4:ed:02:87:94:d2:a1:02:79:88:5f:7f:ad:
0b:cf:f6:f5:21:65:6c:09:6d:a5:78:fb:85:71:55:ed:49:e2:
e7:ad:83:dc:8c:7c:28:d1:35:ea:d1:5b:52:b0:19:f7:d7:fc:
59:ef:8f:11:12:4e:b5:8d:1f:cd:7c:c2:0d:a5:ee:49:4d:10:
8e:0c:59:c3:c9:7b:11:46:42:d3:03:bc:4f:e6:e0:51:69:bc:
af:7a:47:e4:ca:78:be:e4:8a:68:76:e2:01:e2:7c:45:19:1b:
56:ac:c1:42:66:c4:45:55:61:b9:74:57:f5:a9:76:1e:3d:7e:
09:03:d9:18:48:f6:e1:56:f2:ae:d9:76:e5:35:bb:da:a2:d9:
c5:34:78:59:e8:8b:6f:31:45:6c:55:36:11:0d:24:67:c0:c5:
b7:af:1a:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZRRzY4aCnmMXvmXB4fkA2leMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTEwMjAwMDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY4ZjUzOTVkMjNjMWE4Nzc5NWYyNDIxOTMzMDI3OTQ4OTE1ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CZe8CzIMBsA5QbAwSDBZLbXmLr3
frxcwV5wg5SJl2RJnqu7qLanhZkuJgzjPQQFdYGKd8ilhvMpVXC0qVZtdQpFNv3v
Dgrq9wa8w1+1bXv8qxCVmh5NPQ4/3xYoJfTIhP2oJ/4FI21fLOJ/GkNkT+Xq2i9x
DpiYnkw8oSdmEBY4w1goub67iCnsLLnpZCtmF4tKZHTZxhvMem+zrgks0k3w0KaJ
27H7z+tc+8u/Pb4bFes+D70EVc/o/o/TR5sT9JcX7AbUQUmHzKxm22MVUlFlTZfa
Y+VNNpvqFAI6Jdq8TEWgYZ+cHNlPFvxoJlkykvBJwNxin/zDFLAxjEy26wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDD49TldI8God5XyQhkzAnlIkV5/MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvTVBqMU9WMGp3YWgzbGZKQ0dUTUNlVWlSWG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBFw
MA0GCSqGSIb3DQEBCwUAA4IBAQCEEXJkalx6T66jMwfFDwENBGQ0VPWYrdyu7ZlV
XsGRH6GrhzQcuv0jki7MDWVZRbY+aqMOV3/4vR0j9lIdUqUq8AEtOnDKlSS7NoIp
jh9PxBZvkSKpdL11M20CWstIk+TtAoeU0qECeYhff60Lz/b1IWVsCW2lePuFcVXt
SeLnrYPcjHwo0TXq0VtSsBn31/xZ748REk61jR/NfMINpe5JTRCODFnDyXsRRkLT
A7xP5uBRabyvekfkyni+5IpoduIB4nxFGRtWrMFCZsRFVWG5dFf1qXYePX4JA9kY
SPbhVvKu2XblNbvaotnFNHhZ6ItvMUVsVTYRDSRnwMW3rxow
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:01:26 2025 by rpki-client