Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/MxxFm3hbkft-1GhFxMXh9AZwp90.roa
File: MxxFm3hbkft-1GhFxMXh9AZwp90.roa (raw, json)
Hash identifier: fxNqfARzwgS/GJj9ernsfnRvkF4mbJU9bpJBLq+JUCE=
Subject key identifier: 33:1C:45:9B:78:5B:91:FB:7E:D4:68:45:C4:C5:E1:F4:06:70:A7:DD
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 019423D7235EA3AEAEF60D1B1F1BAF9A29E1
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/MxxFm3hbkft-1GhFxMXh9AZwp90.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215653
IP address blocks: 2a12:3e80:700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:23:5e:a3:ae:ae:f6:0d:1b:1f:1b:af:9a:29:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=331c459b785b91fb7ed46845c4c5e1f40670a7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:ba:74:7d:55:fd:eb:35:67:3e:c3:97:bd:
42:60:5a:5e:1a:72:dc:c8:1e:8e:a4:64:f5:1d:90:
05:72:2b:ba:80:d6:d9:25:3e:03:20:e0:ab:fa:5c:
a6:99:2f:39:a5:df:c3:0c:57:45:d4:73:56:fb:a5:
09:8a:ba:fb:52:0a:8b:0c:cf:f5:41:63:58:3c:c1:
26:6e:e5:2b:43:1a:e7:66:0d:8e:ed:14:16:5b:e7:
61:2f:dd:a4:b4:9f:da:fc:f8:27:db:b2:9c:2f:3a:
de:1c:11:9c:9d:4d:66:e1:1d:91:62:69:34:7b:4f:
b5:cc:6f:8c:dd:8a:89:e8:c6:8c:2e:2c:fa:66:00:
c6:61:17:99:4d:96:68:a0:bd:74:94:03:f5:ef:57:
df:0a:99:af:bf:a5:39:a8:78:8b:79:c6:3b:31:ec:
a1:96:2b:49:b4:89:00:bc:24:a6:62:c3:03:5b:19:
9f:8d:56:18:09:2e:5e:59:cd:b0:5d:be:80:30:3f:
75:93:41:6a:c1:2c:55:ff:f1:bb:38:0f:f3:b5:50:
a3:31:83:3b:cc:34:1a:05:a7:6a:6c:37:f0:38:4c:
66:c4:a0:0d:aa:78:cd:cd:ae:54:f4:1b:56:55:63:
fb:64:c2:1a:79:b0:65:32:d3:83:55:5a:44:68:91:
a4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1C:45:9B:78:5B:91:FB:7E:D4:68:45:C4:C5:E1:F4:06:70:A7:DD
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/MxxFm3hbkft-1GhFxMXh9AZwp90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3e80:700::/40
Signature Algorithm: sha256WithRSAEncryption
76:c9:7b:ea:d9:47:da:3d:ed:e7:1b:51:df:ea:77:6e:34:6f:
32:20:fc:c7:c1:d6:33:af:c7:44:79:13:4e:be:3a:4b:cf:82:
41:d5:35:cb:b0:86:5d:14:5f:b9:f6:a1:50:d3:6f:ed:77:23:
c5:a1:76:55:66:b6:a8:e4:f8:3b:02:97:48:ab:ca:17:39:10:
08:cf:35:b9:31:6a:2f:8b:9e:07:2f:af:3e:8d:a5:4b:f7:e8:
40:d3:a2:fa:b1:6a:81:78:9e:c5:45:53:94:c9:14:77:d4:85:
b7:17:9f:87:3c:13:92:02:2a:31:4b:51:31:cd:52:f5:47:9f:
7e:b3:72:b5:39:32:68:2f:25:1b:0c:5f:ae:96:f6:e0:f3:66:
d0:6e:2a:d4:02:16:88:b8:4a:18:63:f9:de:0d:ea:6e:50:0e:
26:60:19:fa:26:34:d9:a6:a7:ca:6c:91:0c:ac:44:74:39:e9:
b3:0c:60:4a:a1:ff:7f:97:ee:a5:d6:fb:f6:2b:51:06:ba:fe:
d6:11:58:0e:fc:96:c8:ac:8c:cd:77:32:f8:94:db:3d:ef:e2:
5c:40:91:c5:f3:d2:fe:28:d9:2d:e8:d8:e2:59:46:62:c6:1c:
86:97:8d:1c:49:d0:9c:00:0a:42:dd:40:60:97:7a:c4:32:2a:
23:87:cd:34
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQj1yNeo66u9g0bHxuvminhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFjNDU5Yjc4NWI5MWZiN2VkNDY4NDVjNGM1ZTFmNDA2NzBhN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEC6dH1V/es1Zz7Dl71CYFpeGnLc
yB6OpGT1HZAFciu6gNbZJT4DIOCr+lymmS85pd/DDFdF1HNW+6UJirr7UgqLDM/1
QWNYPMEmbuUrQxrnZg2O7RQWW+dhL92ktJ/a/Pgn27KcLzreHBGcnU1m4R2RYmk0
e0+1zG+M3YqJ6MaMLiz6ZgDGYReZTZZooL10lAP171ffCpmvv6U5qHiLecY7Meyh
litJtIkAvCSmYsMDWxmfjVYYCS5eWc2wXb6AMD91k0FqwSxV//G7OA/ztVCjMYM7
zDQaBadqbDfwOExmxKANqnjNza5U9BtWVWP7ZMIaebBlMtODVVpEaJGkawIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDMcRZt4W5H7ftRoRcTF4fQGcKfdMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvTXh4Rm0zaGJrZnQtMUdoRnhNWGg5QVp3cDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI+gAcw
DQYJKoZIhvcNAQELBQADggEBAHbJe+rZR9o97ecbUd/qd240bzIg/MfB1jOvx0R5
E06+OkvPgkHVNcuwhl0UX7n2oVDTb+13I8WhdlVmtqjk+DsCl0iryhc5EAjPNbkx
ai+Lngcvrz6NpUv36EDTovqxaoF4nsVFU5TJFHfUhbcXn4c8E5ICKjFLUTHNUvVH
n36zcrU5MmgvJRsMX66W9uDzZtBuKtQCFoi4Shhj+d4N6m5QDiZgGfomNNmmp8ps
kQysRHQ56bMMYEqh/3+X7qXW+/YrUQa6/tYRWA78lsisjM13MviU2z3v4lxAkcXz
0v4o2S3o2OJZRmLGHIaXjRxJ0JwACkLdQGCXesQyKiOHzTQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:50:07 2025 by rpki-client