Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MnxoGsj9ph81QG2Xz-jHY4sn8J0.roa
File: MnxoGsj9ph81QG2Xz-jHY4sn8J0.roa (raw, json)
Hash identifier: ThvrgxyNVvf5wh6SX2eCfWvm6IauKOC/AR8Ktw04+20=
Subject key identifier: 32:7C:68:1A:C8:FD:A6:1F:35:40:6D:97:CF:E8:C7:63:8B:27:F0:9D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195B977FF6D72A36E52FF74006A1BAA0E3D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MnxoGsj9ph81QG2Xz-jHY4sn8J0.roa
Signing time: Fri 21 Mar 2025 16:10:03 +0000
ROA not before: Fri 21 Mar 2025 16:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2a07:7880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:77:ff:6d:72:a3:6e:52:ff:74:00:6a:1b:aa:0e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 21 16:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=327c681ac8fda61f35406d97cfe8c7638b27f09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4f:74:ed:c7:31:4d:d2:b1:f8:40:22:87:3b:
e6:78:43:9b:bf:ca:68:3b:aa:b9:d2:42:27:f6:2d:
c3:c7:c9:30:8f:98:42:93:48:d6:59:3f:a7:5e:1f:
db:7c:8c:00:28:4e:fe:ab:9f:cb:8b:4a:bb:a8:d7:
2f:df:42:72:d0:c8:6e:ed:97:d6:db:85:8f:0b:a0:
0d:cc:66:db:4f:e4:4d:17:69:32:f1:c3:5e:0f:7f:
13:bf:6a:13:a7:2b:62:7a:e0:b1:ac:88:14:89:c1:
e9:69:6d:14:d1:23:15:ea:fb:6c:50:4f:41:93:8f:
5e:d5:7f:62:a5:07:fc:a9:42:8c:8c:f5:3d:84:b3:
22:a1:f9:a6:8b:84:59:96:fd:0a:c6:59:5c:a7:cf:
8c:fc:38:d7:0d:85:18:f5:6a:fe:06:05:49:64:04:
0f:36:0e:6d:20:e8:c3:6a:3f:9f:0c:af:52:9e:ac:
bd:1d:96:f3:1a:34:78:72:76:e2:28:fd:d9:f7:db:
c7:43:ca:75:20:74:03:35:51:d3:4b:e9:6f:93:66:
64:4b:c4:ea:e6:a7:d3:81:32:69:be:71:73:79:a4:
ae:1e:4e:96:92:7a:38:40:be:e1:c7:79:63:13:1c:
7a:56:01:04:99:f3:69:28:39:15:71:d1:e6:91:85:
7b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7C:68:1A:C8:FD:A6:1F:35:40:6D:97:CF:E8:C7:63:8B:27:F0:9D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MnxoGsj9ph81QG2Xz-jHY4sn8J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7880::/29
Signature Algorithm: sha256WithRSAEncryption
02:92:69:a6:5c:84:d2:7d:dc:23:d4:5d:92:a4:11:52:af:c0:
7f:b5:85:08:48:74:e2:10:ea:36:74:a1:ef:a4:96:1c:0c:5d:
5d:92:f5:6b:1f:07:9b:cd:e0:53:f7:65:b1:ac:b5:b1:44:94:
e1:aa:ad:13:88:d5:1b:1f:40:5c:f9:79:36:8d:71:b1:76:2b:
bb:6b:0a:65:ce:39:46:4f:fd:ed:6f:77:2a:dc:0c:35:bd:81:
06:b7:0f:0a:d1:1e:cc:30:78:9b:c5:b3:93:d2:9f:7d:0a:7d:
4c:ae:d5:63:42:55:ab:a9:96:7a:00:4c:ec:1e:9d:a0:43:29:
bb:85:d7:56:9f:55:58:a4:e1:e5:49:2f:b3:77:f7:54:46:2a:
f6:65:4a:a8:90:ca:1b:55:b6:54:d0:0c:33:5a:bf:89:5c:97:
5e:8a:84:5f:f9:52:8d:f6:98:fd:52:ac:b3:62:f7:cd:65:14:
dc:bd:8d:4f:0b:54:1d:28:a6:d7:3d:52:ca:9b:3e:f1:e8:61:
16:3e:b1:81:9d:80:65:76:8b:0d:6b:29:58:3c:a1:03:ba:d4:
4e:4f:af:58:8d:89:69:81:54:d6:de:86:a4:25:fb:f0:64:a3:
40:01:cb:3a:d5:87:83:9c:ee:5d:82:05:08:76:9d:64:f6:50:
05:55:0c:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZW5d/9tcqNuUv90AGobqg49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzIxMTYxMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjdjNjgxYWM4ZmRhNjFmMzU0MDZkOTdjZmU4Yzc2MzhiMjdmMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk907ccxTdKx+EAihzvmeEObv8po
O6q50kIn9i3Dx8kwj5hCk0jWWT+nXh/bfIwAKE7+q5/Li0q7qNcv30Jy0Mhu7ZfW
24WPC6ANzGbbT+RNF2ky8cNeD38Tv2oTpytieuCxrIgUicHpaW0U0SMV6vtsUE9B
k49e1X9ipQf8qUKMjPU9hLMiofmmi4RZlv0Kxllcp8+M/DjXDYUY9Wr+BgVJZAQP
Ng5tIOjDaj+fDK9Snqy9HZbzGjR4cnbiKP3Z99vHQ8p1IHQDNVHTS+lvk2ZkS8Tq
5qfTgTJpvnFzeaSuHk6Wkno4QL7hx3ljExx6VgEEmfNpKDkVcdHmkYV7HQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDJ8aBrI/aYfNUBtl8/ox2OLJ/CdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTW54b0dzajlwaDgxUUcyWHotakhZNHNuOEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgd4gDAN
BgkqhkiG9w0BAQsFAAOCAQEAApJpplyE0n3cI9RdkqQRUq/Af7WFCEh04hDqNnSh
76SWHAxdXZL1ax8Hm83gU/dlsay1sUSU4aqtE4jVGx9AXPl5No1xsXYru2sKZc45
Rk/97W93KtwMNb2BBrcPCtEezDB4m8Wzk9KffQp9TK7VY0JVq6mWegBM7B6doEMp
u4XXVp9VWKTh5Ukvs3f3VEYq9mVKqJDKG1W2VNAMM1q/iVyXXoqEX/lSjfaY/VKs
s2L3zWUU3L2NTwtUHSim1z1Syps+8ehhFj6xgZ2AZXaLDWspWDyhA7rUTk+vWI2J
aYFU1t6GpCX78GSjQAHLOtWHg5zuXYIFCHadZPZQBVUMCg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:05:35 2025 by rpki-client