Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/cNHMykwUpy3bGSFxoS_LzMt754g.roa
File: cNHMykwUpy3bGSFxoS_LzMt754g.roa (raw, json)
Hash identifier: IP7WoPy8QmSL4iiJgy+Bff3NM4xJQ/u4zcEoLDPem8E=
Subject key identifier: 70:D1:CC:CA:4C:14:A7:2D:DB:19:21:71:A1:2F:CB:CC:CB:7B:E7:88
Certificate issuer: /CN=3269cc291ba260fc71118684e7b302f50ce9628d
Certificate serial: 06DC6F88
Authority key identifier: 32:69:CC:29:1B:A2:60:FC:71:11:86:84:E7:B3:02:F5:0C:E9:62:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmnMKRuiYPxxEYaE57MC9QzpYo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/cNHMykwUpy3bGSFxoS_LzMt754g.roa
Signing time: Sat 01 Jan 2022 10:57:45 +0000
ROA not before: Sat 01 Jan 2022 10:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203038
IP address blocks: 2a0a:3507:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115109768 (0x6dc6f88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3269cc291ba260fc71118684e7b302f50ce9628d
Validity
Not Before: Jan 1 10:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70d1ccca4c14a72ddb192171a12fcbcccb7be788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:8b:e9:8f:8b:ce:55:2e:6f:b7:5f:c4:d8:
7d:20:21:81:13:9c:fd:f0:60:de:6c:1b:8d:ef:85:
5e:66:87:db:37:aa:a0:b2:03:f5:66:0c:a3:e7:16:
46:f5:33:7e:cb:66:78:a5:7b:31:85:bf:01:32:be:
62:11:f3:69:bf:c5:33:ce:98:e9:48:6d:27:ae:4a:
2c:45:48:06:ad:c0:45:2e:76:67:30:3b:20:0b:d0:
51:a1:9d:aa:6a:5f:50:6f:b0:fc:11:45:0b:4e:9f:
3b:b1:f6:8f:c8:93:fd:72:d7:14:7a:78:eb:ca:45:
31:d8:56:ba:e3:a9:f4:c1:6e:47:20:92:e7:b4:b3:
c1:15:e4:33:16:06:1f:c6:b4:87:0f:76:12:a8:df:
01:7c:64:44:44:0f:9c:0e:6d:7d:f2:fa:6c:a1:87:
63:50:52:15:c1:08:a2:03:3a:f6:d3:f2:83:58:17:
9b:ce:2b:24:2d:53:ca:9a:20:3b:5c:c8:97:80:56:
25:f2:54:12:84:ad:62:ed:33:37:3f:5a:55:64:c3:
bf:55:5a:d7:3b:0d:4c:2e:21:ee:97:48:bb:02:92:
fe:46:23:76:45:45:ad:87:70:61:df:89:95:16:a4:
33:93:56:6a:7b:cc:89:24:a1:de:be:2c:00:e2:da:
39:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D1:CC:CA:4C:14:A7:2D:DB:19:21:71:A1:2F:CB:CC:CB:7B:E7:88
X509v3 Authority Key Identifier:
keyid:32:69:CC:29:1B:A2:60:FC:71:11:86:84:E7:B3:02:F5:0C:E9:62:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmnMKRuiYPxxEYaE57MC9QzpYo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/cNHMykwUpy3bGSFxoS_LzMt754g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ccbc52-e094-4e15-b672-71a4c6f9c887/1/MmnMKRuiYPxxEYaE57MC9QzpYo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:3507:1::/48
Signature Algorithm: sha256WithRSAEncryption
ab:71:16:89:ee:80:c6:34:39:30:aa:0f:bc:c8:05:18:93:ec:
57:e0:40:77:fd:87:07:8f:32:59:9e:25:25:54:9f:07:1c:e2:
b5:60:30:29:ae:18:0c:08:c8:d9:dd:c0:34:e4:94:94:e6:a0:
ff:2e:f2:e3:31:9f:96:ad:6a:fd:5a:e6:00:fb:f6:9d:96:7f:
52:b4:54:c9:7c:48:ac:b4:e4:a3:d1:fa:7c:dc:28:26:a5:3f:
88:f5:c3:58:94:96:5c:21:06:f0:9b:96:5f:12:a2:49:c0:cd:
b7:88:fa:8b:73:d1:ea:9a:50:fa:b3:54:f1:90:95:6a:d7:01:
12:a7:c9:2b:8f:f2:37:93:2e:4d:6c:2d:bf:46:7a:5e:dc:2b:
bf:54:e4:7e:0f:fa:c5:ca:b9:aa:c9:ac:88:4e:2d:ed:87:84:
71:25:1f:b4:94:34:7b:10:bf:67:d0:92:02:c6:67:00:15:03:
26:fa:53:28:ed:1f:11:ec:e4:d7:c7:4f:cb:a2:ac:be:29:b1:
4e:ba:41:d2:34:da:78:b1:c3:f4:df:ce:16:e7:1c:e3:ad:65:
71:70:0e:27:0c:d6:a1:88:a9:ab:ca:75:00:48:4a:fb:78:30:
81:11:b6:42:ca:7a:3a:e7:b1:0b:39:93:3c:4c:55:d8:3f:1e:
1f:cb:1a:5c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBtxviDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjY5Y2MyOTFiYTI2MGZjNzExMTg2ODRlN2IzMDJmNTBjZTk2MjhkMB4XDTIyMDEw
MTEwNTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBkMWNjY2E0YzE0
YTcyZGRiMTkyMTcxYTEyZmNiY2NjYjdiZTc4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1Ai+mPi85VLm+3X8TYfSAhgROc/fBg3mwbje+FXmaH2zeq
oLID9WYMo+cWRvUzfstmeKV7MYW/ATK+YhHzab/FM86Y6UhtJ65KLEVIBq3ARS52
ZzA7IAvQUaGdqmpfUG+w/BFFC06fO7H2j8iT/XLXFHp468pFMdhWuuOp9MFuRyCS
57SzwRXkMxYGH8a0hw92EqjfAXxkREQPnA5tffL6bKGHY1BSFcEIogM69tPyg1gX
m84rJC1TypogO1zIl4BWJfJUEoStYu0zNz9aVWTDv1Va1zsNTC4h7pdIuwKS/kYj
dkVFrYdwYd+JlRakM5NWanvMiSSh3r4sAOLaOR8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRw0czKTBSnLdsZIXGhL8vMy3vniDAfBgNVHSMEGDAWgBQyacwpG6Jg/HER
hoTnswL1DOlijTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01tbk1LUnVpWVB4eEVZYUU1N01DOVF6cFlvMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvY2NiYzUyLWUwOTQtNGUxNS1iNjcyLTcxYTRjNmY5Yzg4Ny8x
L2NOSE15a3dVcHkzYkdTRnhvU19Mek10NzU0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
Y2NiYzUyLWUwOTQtNGUxNS1iNjcyLTcxYTRjNmY5Yzg4Ny8xL01tbk1LUnVpWVB4
eEVZYUU1N01DOVF6cFlvMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoKNQcAATANBgkqhkiG9w0BAQsF
AAOCAQEAq3EWie6AxjQ5MKoPvMgFGJPsV+BAd/2HB48yWZ4lJVSfBxzitWAwKa4Y
DAjI2d3ANOSUlOag/y7y4zGflq1q/VrmAPv2nZZ/UrRUyXxIrLTko9H6fNwoJqU/
iPXDWJSWXCEG8JuWXxKiScDNt4j6i3PR6ppQ+rNU8ZCVatcBEqfJK4/yN5MuTWwt
v0Z6Xtwrv1Tkfg/6xcq5qsmsiE4t7YeEcSUftJQ0exC/Z9CSAsZnABUDJvpTKO0f
Eezk18dPy6KsvimxTrpB0jTaeLHD9N/OFucc461lcXAOJwzWoYipq8p1AEhK+3gw
gRG2Qsp6OuexCzmTPExV2D8eH8saXA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:41:43 2025 by rpki-client