Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/MXgEjfNqzg4ibHIgBnMu6L6lCSM.roa
File: MXgEjfNqzg4ibHIgBnMu6L6lCSM.roa (raw, json)
Hash identifier: fVgHiU9asEnxImlxkLsSy6Pf5pU0/2RHygcrCBHFKNY=
Subject key identifier: 31:78:04:8D:F3:6A:CE:0E:22:6C:72:20:06:73:2E:E8:BE:A5:09:23
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 01941FFA0CC35138E8D0B999274021FDDD98
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/MXgEjfNqzg4ibHIgBnMu6L6lCSM.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216222
IP address blocks: 2a13:cc87:fc01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0c:c3:51:38:e8:d0:b9:99:27:40:21:fd:dd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3178048df36ace0e226c722006732ee8bea50923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a1:49:3a:fd:7f:bf:19:47:9c:29:3c:0e:b4:
8f:de:7c:d6:21:61:da:1e:c1:4d:2d:d2:80:8f:63:
45:27:b6:ca:d2:ae:54:61:f6:54:a5:28:79:5f:46:
52:65:3c:9a:ce:dd:2c:ab:ae:06:ce:15:50:53:0e:
15:4f:1e:5c:d5:24:ef:7b:6e:a9:c2:36:bf:78:4d:
aa:e0:9e:18:67:09:75:b1:74:c0:d8:7f:25:ef:7a:
8b:07:a5:da:f9:75:e6:2a:3c:f8:dc:62:8e:51:b9:
14:eb:ff:4e:5f:63:1d:8e:71:38:02:91:ce:53:ac:
6d:3b:33:ea:3d:cd:8b:85:7f:68:f6:27:12:96:15:
1f:96:f1:ac:06:7f:f3:f1:73:39:40:15:82:29:93:
13:82:bc:31:00:1b:15:c6:e0:fb:3b:1e:28:bb:64:
d2:70:ef:82:68:3a:c5:6e:85:c0:9e:03:43:af:f7:
f0:f6:9c:30:cd:aa:81:40:32:af:66:33:3a:d0:99:
e2:f8:c7:60:82:17:c0:3d:79:89:2f:10:69:9d:be:
bc:42:5b:15:fe:68:49:e1:c1:fc:0d:ca:d8:d0:7b:
63:41:de:17:d1:d2:43:36:06:b5:74:2f:5a:63:95:
fa:33:f0:81:cd:4c:3a:4e:86:80:40:8e:04:bc:68:
fa:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:78:04:8D:F3:6A:CE:0E:22:6C:72:20:06:73:2E:E8:BE:A5:09:23
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/MXgEjfNqzg4ibHIgBnMu6L6lCSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cc87:fc01::/48
Signature Algorithm: sha256WithRSAEncryption
aa:72:c8:40:7c:a6:e6:00:33:9f:94:94:57:36:54:8c:40:90:
69:44:6a:bc:f6:e7:df:7f:58:ae:42:d7:30:0f:67:63:a0:e7:
b5:0e:6b:3a:46:76:b1:f7:de:52:d1:de:5e:db:a1:03:7a:6f:
75:78:2a:b1:a8:37:9b:9f:6e:a2:cb:9a:f6:02:90:4c:eb:41:
d6:7b:e9:b9:86:d5:13:24:83:6d:e8:bf:56:28:a5:49:5f:cc:
40:fb:ff:43:82:f9:32:b7:ec:b3:8a:af:98:1f:db:8b:51:40:
b9:05:4e:c9:f8:6f:1b:f8:57:cb:d6:b4:d4:a4:83:76:88:96:
32:2b:b8:be:65:05:9f:0a:18:bc:de:64:d7:6d:3e:7a:b4:9c:
de:59:66:e6:5d:47:97:9b:be:43:d3:8e:03:30:71:34:16:9b:
14:14:65:b5:bc:c7:c5:97:2f:05:1d:50:66:94:35:51:79:62:
1d:c9:6f:6d:6d:a4:75:2a:c5:b7:80:65:ea:b2:ad:7f:1a:ff:
5c:67:3a:e7:70:d7:b0:9d:03:c0:f7:bd:5d:fa:36:61:44:91:
c7:0e:5d:95:38:fa:e0:6c:f3:18:2d:7b:64:ae:c8:f4:7b:ad:
d1:14:fb:9d:d1:70:99:0c:ca:b1:bf:90:22:d1:9c:f3:1f:e5:
b0:b6:5f:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+gzDUTjo0LmZJ0Ah/d2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc4MDQ4ZGYzNmFjZTBlMjI2YzcyMjAwNjczMmVlOGJlYTUwOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqFJOv1/vxlHnCk8DrSP3nzWIWHa
HsFNLdKAj2NFJ7bK0q5UYfZUpSh5X0ZSZTyazt0sq64GzhVQUw4VTx5c1STve26p
wja/eE2q4J4YZwl1sXTA2H8l73qLB6Xa+XXmKjz43GKOUbkU6/9OX2MdjnE4ApHO
U6xtOzPqPc2LhX9o9icSlhUflvGsBn/z8XM5QBWCKZMTgrwxABsVxuD7Ox4ou2TS
cO+CaDrFboXAngNDr/fw9pwwzaqBQDKvZjM60Jni+MdgghfAPXmJLxBpnb68QlsV
/mhJ4cH8DcrY0HtjQd4X0dJDNga1dC9aY5X6M/CBzUw6ToaAQI4EvGj6YQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDF4BI3zas4OImxyIAZzLui+pQkjMB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvTVhnRWpmTnF6ZzRpYkhJZ0JuTXU2TDZsQ1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPMh/wB
MA0GCSqGSIb3DQEBCwUAA4IBAQCqcshAfKbmADOflJRXNlSMQJBpRGq89ufff1iu
QtcwD2djoOe1Dms6Rnax995S0d5e26EDem91eCqxqDebn26iy5r2ApBM60HWe+m5
htUTJINt6L9WKKVJX8xA+/9Dgvkyt+yziq+YH9uLUUC5BU7J+G8b+FfL1rTUpIN2
iJYyK7i+ZQWfChi83mTXbT56tJzeWWbmXUeXm75D044DMHE0FpsUFGW1vMfFly8F
HVBmlDVReWIdyW9tbaR1KsW3gGXqsq1/Gv9cZzrncNewnQPA971d+jZhRJHHDl2V
OPrgbPMYLXtkrsj0e63RFPud0XCZDMqxv5Ai0ZzzH+Wwtl+/
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:25:13 2025 by rpki-client