Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MXn2hZIOebHapyt1qs-VnjTjQ5Q.roa
File: MXn2hZIOebHapyt1qs-VnjTjQ5Q.roa (raw, json)
Hash identifier: weAav9yiXDwMSooPcWTe+TJdvexu4hlJqCVaVvCHXMc=
Subject key identifier: 31:79:F6:85:92:0E:79:B1:DA:A7:2B:75:AA:CF:95:9E:34:E3:43:94
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0195149EBF0859E277C76D1C32E6F9260334
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MXn2hZIOebHapyt1qs-VnjTjQ5Q.roa
Signing time: Mon 17 Feb 2025 15:55:02 +0000
ROA not before: Mon 17 Feb 2025 15:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 2a0f:b242:6000::/36 maxlen: 36
2a0f:b245::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:9e:bf:08:59:e2:77:c7:6d:1c:32:e6:f9:26:03:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 17 15:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3179f685920e79b1daa72b75aacf959e34e34394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:25:13:91:6f:dd:9d:db:30:aa:7d:a8:ce:04:
51:3f:5f:3f:2a:ec:df:53:87:9c:da:17:46:df:7f:
8d:1e:8c:1b:3c:7e:f0:fb:6f:1f:3e:c8:a7:ba:44:
6d:c6:e0:a9:5e:4b:03:3f:84:71:9a:65:f9:f4:d1:
65:b9:24:cc:29:1c:2f:53:ae:88:b3:9f:6e:62:3c:
56:d2:f7:41:2a:24:d3:30:ba:ef:f6:61:37:5d:51:
81:05:ca:53:a6:4f:0a:d4:d3:43:29:e7:c7:12:69:
00:c1:6d:45:30:b0:48:9b:fe:c1:82:d5:21:db:b3:
98:ba:a0:d3:64:43:ae:2b:15:bd:3b:cf:3c:2a:c2:
50:72:c0:3d:f4:5b:45:80:91:5e:9f:99:0e:d9:fa:
b7:74:74:5c:22:bf:31:aa:d7:f7:aa:d7:6b:5f:16:
b3:a0:26:5a:e3:20:f6:66:37:75:87:86:44:48:7d:
b0:93:d7:9a:dc:67:4b:88:7e:76:af:b6:35:14:92:
bc:9c:4e:fc:a9:c0:ba:28:d0:6a:bc:f9:c7:4d:fa:
41:a5:b6:9b:15:a8:84:f4:29:c6:24:eb:b4:ac:b1:
aa:06:b8:9f:f3:4e:62:dc:58:92:86:18:ee:97:79:
82:0b:48:61:ad:f1:4f:c3:46:1a:93:c3:3e:77:44:
45:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:79:F6:85:92:0E:79:B1:DA:A7:2B:75:AA:CF:95:9E:34:E3:43:94
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MXn2hZIOebHapyt1qs-VnjTjQ5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b242:6000::/36
2a0f:b245::/32
Signature Algorithm: sha256WithRSAEncryption
8d:40:18:ea:f4:60:e6:a1:91:f7:45:02:cb:73:bd:28:6c:c8:
fe:0a:2b:bc:c1:b3:f5:6c:fe:bd:99:6f:18:04:8b:6c:94:f3:
a8:fe:5e:ff:65:c8:5e:6f:55:45:57:82:1b:74:23:c7:15:40:
39:f3:c0:b3:a7:f2:33:88:73:82:e6:20:ce:a5:04:55:1e:5a:
f1:f5:0a:72:cb:d5:85:ea:1e:30:70:a4:12:7a:c6:93:e0:18:
70:c7:15:50:ba:8f:57:90:9a:a0:e4:f9:55:a4:25:2e:48:ec:
1f:e2:74:f1:fc:a0:d4:f6:79:fd:7a:81:d6:47:97:cf:e9:6b:
fe:a9:08:af:39:96:6c:de:c7:d3:c6:6a:2f:9c:20:06:1e:62:
75:64:14:c2:8a:47:17:15:1a:84:cf:2e:62:aa:f4:3c:53:25:
f0:13:44:f3:06:b9:3c:05:7b:3f:c6:10:bf:f7:67:5b:43:69:
76:cc:14:a4:96:2f:35:23:0f:af:08:01:e4:67:17:4d:c4:42:
32:05:95:12:aa:0c:47:14:65:f1:0b:17:96:9a:2f:99:d2:15:
be:2f:34:5e:cc:ed:f6:7d:37:6d:55:46:9b:68:2f:4b:67:90:
d8:a1:bd:27:24:3e:d4:41:97:c4:0c:b2:cd:c7:57:6a:a0:16:
b1:57:53:58
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZUUnr8IWeJ3x20cMub5JgM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMjE3MTU1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc5ZjY4NTkyMGU3OWIxZGFhNzJiNzVhYWNmOTU5ZTM0ZTM0Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUTkW/dndswqn2ozgRRP18/Kuzf
U4ec2hdG33+NHowbPH7w+28fPsinukRtxuCpXksDP4RxmmX59NFluSTMKRwvU66I
s59uYjxW0vdBKiTTMLrv9mE3XVGBBcpTpk8K1NNDKefHEmkAwW1FMLBIm/7BgtUh
27OYuqDTZEOuKxW9O888KsJQcsA99FtFgJFen5kO2fq3dHRcIr8xqtf3qtdrXxaz
oCZa4yD2Zjd1h4ZESH2wk9ea3GdLiH52r7Y1FJK8nE78qcC6KNBqvPnHTfpBpbab
FaiE9CnGJOu0rLGqBrif805i3FiShhjul3mCC0hhrfFPw0Yak8M+d0RF4wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFDF59oWSDnmx2qcrdarPlZ4040OUMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTVhuMmhaSU9lYkhhcHl0MXFzLVZualRqUTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYEKg+yQmAD
BQAqD7JFMA0GCSqGSIb3DQEBCwUAA4IBAQCNQBjq9GDmoZH3RQLLc70obMj+Ciu8
wbP1bP69mW8YBItslPOo/l7/Zcheb1VFV4IbdCPHFUA588Czp/IziHOC5iDOpQRV
Hlrx9Qpyy9WF6h4wcKQSesaT4BhwxxVQuo9XkJqg5PlVpCUuSOwf4nTx/KDU9nn9
eoHWR5fP6Wv+qQivOZZs3sfTxmovnCAGHmJ1ZBTCikcXFRqEzy5iqvQ8UyXwE0Tz
Brk8BXs/xhC/92dbQ2l2zBSkli81Iw+vCAHkZxdNxEIyBZUSqgxHFGXxCxeWmi+Z
0hW+LzRezO32fTdtVUabaC9LZ5DYob0nJD7UQZfEDLLNx1dqoBaxV1NY
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:27:29 2025 by rpki-client