Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MPXgSnPg0YtdzMQJHvbXtkv-KZ4.roa
File: MPXgSnPg0YtdzMQJHvbXtkv-KZ4.roa (raw, json)
Hash identifier: WX9V4jr/nTvI0x+BGe9boLQhRB596UvwpRcUg+7uRsA=
Subject key identifier: 30:F5:E0:4A:73:E0:D1:8B:5D:CC:C4:09:1E:F6:D7:B6:4B:FE:29:9E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019573112BC00F5044DDDE9CF5334E084B3E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MPXgSnPg0YtdzMQJHvbXtkv-KZ4.roa
Signing time: Sat 08 Mar 2025 00:04:19 +0000
ROA not before: Sat 08 Mar 2025 00:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:7311:2504/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:73:11:2b:c0:0f:50:44:dd:de:9c:f5:33:4e:08:4b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 8 00:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f5e04a73e0d18b5dccc4091ef6d7b64bfe299e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0a:3c:05:5d:53:d1:80:21:6b:f0:cd:73:54:
ed:d6:7d:d9:84:d0:7b:8c:32:2b:c7:e8:85:62:47:
33:0b:ec:3d:07:b8:8e:88:29:50:81:67:16:38:48:
e5:fe:76:84:29:83:ad:a6:6a:39:51:14:12:29:69:
46:1f:bc:c1:8a:04:fd:7d:60:09:66:66:4b:b2:c6:
63:9b:fd:ad:f6:ac:c0:29:57:49:d6:c8:85:a9:4c:
cf:a2:3d:19:28:27:dc:d1:35:45:21:da:6e:fd:dd:
14:ea:a5:4a:bb:8b:9f:1c:ca:4e:1a:c1:f1:ea:c8:
dc:e1:fa:cf:66:54:97:9b:45:42:45:d2:52:40:e9:
cf:ba:bb:8a:cd:94:b8:18:39:40:d2:5e:21:d0:f7:
b1:16:4c:5d:a9:5b:25:7a:ee:99:bb:e2:5d:ec:15:
86:d4:22:ea:eb:56:12:72:79:a9:d8:0e:d8:07:d0:
92:53:e0:f4:f6:9b:5e:f3:5a:8c:50:40:bd:50:61:
6b:b9:f9:0e:96:b0:18:c1:f7:5b:51:76:d1:dd:d1:
0c:a4:04:a0:68:02:fb:96:13:02:69:2a:c0:ac:48:
12:2b:6c:1f:ee:de:ee:70:f4:4d:00:0c:65:2d:5e:
16:11:d7:fe:e5:f3:c4:a8:99:28:5c:00:9b:c3:3c:
cc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F5:E0:4A:73:E0:D1:8B:5D:CC:C4:09:1E:F6:D7:B6:4B:FE:29:9E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MPXgSnPg0YtdzMQJHvbXtkv-KZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:7311:2504/128
Signature Algorithm: sha256WithRSAEncryption
64:6b:0e:37:f0:15:0a:a1:21:38:fe:50:70:37:5c:b4:02:8c:
47:9d:07:dd:87:df:22:db:bc:bf:61:5c:cb:00:76:c3:75:82:
49:37:ca:bd:c6:db:79:4e:32:b1:a7:b5:82:bf:00:ef:c6:b7:
e5:5e:2f:d9:51:74:e3:5e:43:a4:d6:7f:4f:e7:c2:c6:0e:1f:
ce:40:b5:4e:55:d6:eb:32:a0:53:6e:13:ea:99:de:c9:0b:e5:
87:f1:cf:8b:fe:7a:03:76:21:38:27:86:8c:de:63:da:c5:ea:
29:28:fd:52:2e:f2:b5:2f:96:d6:b0:8f:2a:f3:f0:fc:ba:9d:
ec:fa:e2:7a:a8:b5:97:83:f2:90:4a:4c:a4:91:94:03:0e:69:
b1:20:3a:75:56:0a:28:6e:5e:0d:88:61:6e:07:fe:db:97:87:
33:6c:73:da:f8:93:02:42:6c:5a:1f:54:eb:be:0f:e6:0c:d4:
cc:b4:6f:1e:58:02:05:cd:db:62:49:37:cb:b4:a6:5f:0f:64:
8c:2d:d6:9b:01:bf:c1:8c:be:08:94:25:c9:31:80:83:0d:e5:
d9:1c:32:48:8c:18:b4:41:df:af:45:4f:6a:9c:08:cc:36:17:
b4:f4:2f:95:c0:7a:5c:f9:50:cb:26:0f:65:23:b5:d7:a6:64:
3b:35:d3:b1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVzESvAD1BE3d6c9TNOCEs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA4MDAwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY1ZTA0YTczZTBkMThiNWRjY2M0MDkxZWY2ZDdiNjRiZmUyOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQo8BV1T0YAha/DNc1Tt1n3ZhNB7
jDIrx+iFYkczC+w9B7iOiClQgWcWOEjl/naEKYOtpmo5URQSKWlGH7zBigT9fWAJ
ZmZLssZjm/2t9qzAKVdJ1siFqUzPoj0ZKCfc0TVFIdpu/d0U6qVKu4ufHMpOGsHx
6sjc4frPZlSXm0VCRdJSQOnPuruKzZS4GDlA0l4h0PexFkxdqVsleu6Zu+Jd7BWG
1CLq61YScnmp2A7YB9CSU+D09pte81qMUEC9UGFrufkOlrAYwfdbUXbR3dEMpASg
aAL7lhMCaSrArEgSK2wf7t7ucPRNAAxlLV4WEdf+5fPEqJkoXACbwzzMRwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDD14Epz4NGLXczECR7217ZL/imeMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTVBYZ1NuUGcwWXRkek1RSkh2Ylh0a3YtS1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVcxElBDANBgkqhkiG9w0BAQsFAAOCAQEAZGsON/AVCqEhOP5QcDdctAKM
R50H3YffItu8v2FcywB2w3WCSTfKvcbbeU4ysae1gr8A78a35V4v2VF0415DpNZ/
T+fCxg4fzkC1TlXW6zKgU24T6pneyQvlh/HPi/56A3YhOCeGjN5j2sXqKSj9Ui7y
tS+W1rCPKvPw/Lqd7Prieqi1l4PykEpMpJGUAw5psSA6dVYKKG5eDYhhbgf+25eH
M2xz2viTAkJsWh9U674P5gzUzLRvHlgCBc3bYkk3y7SmXw9kjC3WmwG/wYy+CJQl
yTGAgw3l2RwySIwYtEHfr0VPapwIzDYXtPQvlcB6XPlQyyYPZSO116ZkOzXTsQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:08:55 2025 by rpki-client