Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mqxA36oMIE-M2hXjOy_hNWRs0so.roa
File: mqxA36oMIE-M2hXjOy_hNWRs0so.roa (raw, json)
Hash identifier: 6fDEymwD+zB7GOQCigNca8iF9Sg7+PSleSKSJB143HQ=
Subject key identifier: 9A:AC:40:DF:AA:0C:20:4F:8C:DA:15:E3:3B:2F:E1:35:64:6C:D2:CA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943735C821097A7AC686F846EA57B333B1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mqxA36oMIE-M2hXjOy_hNWRs0so.roa
Signing time: Sun 05 Jan 2025 16:04:18 +0000
ROA not before: Sun 05 Jan 2025 16:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:3735:bda9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:37:35:c8:21:09:7a:7a:c6:86:f8:46:ea:57:b3:33:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 5 16:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9aac40dfaa0c204f8cda15e33b2fe135646cd2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c1:e1:b7:a7:e3:9d:52:39:88:fc:98:38:55:
70:94:18:2d:bd:07:79:a8:10:a3:1c:91:3e:cd:0e:
be:5f:ed:c9:49:f7:fa:c2:ec:bf:2c:0b:b4:7f:9d:
64:21:51:c8:cf:f6:a8:34:a6:cc:43:fd:68:2f:5d:
66:12:dd:b3:8a:35:f0:30:b5:c5:7b:39:b3:91:1a:
1a:ff:aa:a3:a2:6d:db:2f:b2:17:1a:80:3f:80:f7:
a6:fa:7c:a8:fa:b6:15:5b:f4:4b:a8:20:ee:ec:d1:
48:c6:ed:4b:93:c3:56:3f:94:30:75:22:ac:fa:f6:
3d:81:60:34:b6:57:ff:bb:18:73:4c:89:f2:81:bb:
7a:05:cf:b2:95:4d:7d:45:0a:c2:0c:09:1f:46:b6:
e6:dd:b0:f0:8a:44:ed:23:67:df:1c:e9:22:9f:85:
d9:4a:b2:6c:96:76:ac:cf:0d:91:7f:7f:e7:b4:b0:
3f:0b:3b:dc:a2:7f:c4:ec:ab:f2:81:ba:df:41:b2:
50:2a:58:26:3a:6c:99:73:3e:6a:4b:d1:53:95:3c:
71:52:1f:9e:90:aa:0c:7b:a9:7b:11:0a:35:a6:be:
52:10:c8:ff:fb:fc:34:f1:60:ed:47:d3:78:7c:0a:
9a:9b:ce:b4:9e:50:9a:3a:b4:79:ba:b3:f0:fd:bd:
f6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AC:40:DF:AA:0C:20:4F:8C:DA:15:E3:3B:2F:E1:35:64:6C:D2:CA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mqxA36oMIE-M2hXjOy_hNWRs0so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:3735:bda9/128
Signature Algorithm: sha256WithRSAEncryption
6f:b3:b5:91:d8:5e:cd:66:f7:f3:f2:67:8c:1a:61:e0:73:e5:
f2:ac:54:95:da:96:1c:a0:d9:fd:5a:cd:12:d1:da:26:33:58:
e6:b1:a9:90:cd:90:02:65:d7:26:34:b6:ee:d1:21:ee:1b:f6:
d1:6b:7c:61:61:7c:93:00:86:5e:64:95:f2:ce:66:9e:b5:9a:
8e:6b:7b:ef:cf:57:b7:ca:b8:ff:0e:b4:68:ed:64:3d:33:43:
69:a7:9f:31:53:ae:7e:68:7f:d1:a0:1d:eb:10:70:cc:2a:a4:
17:ee:f5:fc:f3:19:0d:72:1d:9a:eb:64:1f:5e:61:1c:91:b4:
2c:a1:57:b7:c9:45:6f:7c:02:9f:0a:bf:ee:7f:e4:0f:33:99:
d5:43:86:be:df:ea:30:96:7c:40:93:9f:70:c0:87:16:1c:8d:
d9:b9:bc:7a:d5:1a:bc:fe:54:58:ff:0d:5a:3b:3f:37:64:c2:
bb:7b:a4:7b:e6:df:b7:41:83:f4:6a:78:30:72:9e:85:7c:f6:
00:74:a7:67:40:02:0e:cb:90:cf:37:28:16:e3:07:d8:c1:0d:
b8:3a:d2:46:fd:55:66:0c:7f:e0:e0:85:e8:88:29:f6:02:b1:
5b:2f:5a:02:b4:61:d2:d3:ac:8b:d0:2a:e0:3f:c7:97:96:39:
a2:14:0d:dd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQ3NcghCXp6xob4RupXszOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA1MTYwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWFjNDBkZmFhMGMyMDRmOGNkYTE1ZTMzYjJmZTEzNTY0NmNkMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMHht6fjnVI5iPyYOFVwlBgtvQd5
qBCjHJE+zQ6+X+3JSff6wuy/LAu0f51kIVHIz/aoNKbMQ/1oL11mEt2zijXwMLXF
ezmzkRoa/6qjom3bL7IXGoA/gPem+nyo+rYVW/RLqCDu7NFIxu1Lk8NWP5QwdSKs
+vY9gWA0tlf/uxhzTInygbt6Bc+ylU19RQrCDAkfRrbm3bDwikTtI2ffHOkin4XZ
SrJslnaszw2Rf3/ntLA/Czvcon/E7KvygbrfQbJQKlgmOmyZcz5qS9FTlTxxUh+e
kKoMe6l7EQo1pr5SEMj/+/w08WDtR9N4fAqam860nlCaOrR5urPw/b32+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJqsQN+qDCBPjNoV4zsv4TVkbNLKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbXF4QTM2b01JRS1NMmhYak95X2hOV1JzMHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlDc1vakwDQYJKoZIhvcNAQELBQADggEB
AG+ztZHYXs1m9/PyZ4waYeBz5fKsVJXalhyg2f1azRLR2iYzWOaxqZDNkAJl1yY0
tu7RIe4b9tFrfGFhfJMAhl5klfLOZp61mo5re+/PV7fKuP8OtGjtZD0zQ2mnnzFT
rn5of9GgHesQcMwqpBfu9fzzGQ1yHZrrZB9eYRyRtCyhV7fJRW98Ap8Kv+5/5A8z
mdVDhr7f6jCWfECTn3DAhxYcjdm5vHrVGrz+VFj/DVo7Pzdkwrt7pHvm37dBg/Rq
eDBynoV89gB0p2dAAg7LkM83KBbjB9jBDbg60kb9VWYMf+DgheiIKfYCsVsvWgK0
YdLTrIvQKuA/x5eWOaIUDd0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:52:25 2025 by rpki-client