Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/MnG_2GzorHPsXNp5Vum7-rUjReY.roa
File: MnG_2GzorHPsXNp5Vum7-rUjReY.roa (raw, json)
Hash identifier: D3z8cv+XlClqN6b2gc/ybPBfC33Ewbb6orbavaJ/jxk=
Subject key identifier: 32:71:BF:D8:6C:E8:AC:73:EC:5C:DA:79:56:E9:BB:FA:B5:23:45:E6
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01941F8C705479DDBF828CFD708C048B96E4
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/MnG_2GzorHPsXNp5Vum7-rUjReY.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212971
IP address blocks: 2a0e:e704:44::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:70:54:79:dd:bf:82:8c:fd:70:8c:04:8b:96:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3271bfd86ce8ac73ec5cda7956e9bbfab52345e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c2:40:f2:af:c4:b7:78:c8:cc:c4:36:63:e3:
9a:bc:dd:4c:ee:b9:59:72:60:8d:11:72:6e:6f:3d:
06:6a:fc:de:18:f1:a6:16:08:de:a3:9e:c2:95:97:
84:53:3b:b2:53:88:2a:3f:1e:5f:b4:11:9a:a0:93:
fc:33:90:12:56:a7:ee:75:d1:a5:3b:d1:9d:8f:28:
7d:84:f1:5e:d2:13:0b:ce:ea:4e:99:4f:01:b5:88:
f8:55:80:21:f4:bd:3b:73:6c:78:68:1d:f6:78:3f:
bb:b4:bf:8c:8f:e2:22:23:64:13:d0:1a:37:f2:0d:
dc:1d:de:d0:70:52:0e:15:7f:4a:c5:07:c7:2b:50:
1f:2c:b4:64:5c:04:04:ab:ae:d2:5e:65:6e:22:31:
8f:66:4a:ab:9a:05:fd:94:7e:26:a5:31:ea:45:02:
81:92:e4:a1:2e:16:a7:6f:2c:c6:f5:37:e8:f3:5c:
e3:62:23:4a:f8:dd:60:11:22:5e:0e:14:2e:20:fb:
c0:cf:9c:31:96:2c:6d:5b:d1:c2:cb:07:b7:4f:e1:
34:68:17:5d:eb:1b:20:c6:68:52:b8:bc:cf:d4:18:
2f:5f:16:84:d9:88:a4:73:08:65:98:ad:e4:d9:95:
37:29:17:18:17:46:b5:49:ae:e2:55:32:93:fe:fa:
a0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:71:BF:D8:6C:E8:AC:73:EC:5C:DA:79:56:E9:BB:FA:B5:23:45:E6
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/MnG_2GzorHPsXNp5Vum7-rUjReY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e704:44::/48
Signature Algorithm: sha256WithRSAEncryption
9d:ec:4f:2f:48:35:85:61:10:df:d1:70:f2:51:a0:f8:d8:50:
21:39:c3:91:ef:15:a9:ef:5e:96:56:c1:ce:01:d7:27:aa:09:
b2:ec:e9:42:2a:90:50:d0:87:a1:da:c3:1f:5d:b2:4a:73:a3:
db:d5:e4:ff:30:4e:b8:79:ca:e5:0d:61:f4:b4:de:b7:0f:ea:
72:8a:79:45:d0:12:d0:40:86:36:49:39:07:a2:c4:78:5a:e7:
de:a0:98:66:a4:b8:01:d1:4e:bd:ba:17:8d:1f:bb:fc:5b:ed:
ad:cb:02:07:43:c7:db:7a:58:6d:84:83:dc:23:5f:24:e5:8d:
03:6b:fb:0f:bc:0c:e0:63:68:9f:9c:cc:56:2d:4e:c3:ba:55:
bf:ff:19:cf:78:f7:af:2b:da:d2:df:75:95:21:15:4f:1c:db:
fb:fd:bd:dc:4f:82:a4:05:dd:f4:d9:15:8a:cb:a6:09:97:9a:
cd:29:0a:53:74:9d:7f:6b:16:d2:ad:a0:95:96:a1:5e:73:d0:
96:a4:f7:c8:b4:d7:e8:93:ff:92:9d:c8:4a:b3:82:79:52:1e:
17:45:68:c2:73:da:6c:99:f9:ac:bb:63:72:99:ec:5e:ad:af:
7d:0a:c0:71:d1:18:7c:1e:92:59:91:eb:cd:75:61:14:18:29:
7a:84:38:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjHBUed2/goz9cIwEi5bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjcxYmZkODZjZThhYzczZWM1Y2RhNzk1NmU5YmJmYWI1MjM0NWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscJA8q/Et3jIzMQ2Y+OavN1M7rlZ
cmCNEXJubz0GavzeGPGmFgjeo57ClZeEUzuyU4gqPx5ftBGaoJP8M5ASVqfuddGl
O9Gdjyh9hPFe0hMLzupOmU8BtYj4VYAh9L07c2x4aB32eD+7tL+Mj+IiI2QT0Bo3
8g3cHd7QcFIOFX9KxQfHK1AfLLRkXAQEq67SXmVuIjGPZkqrmgX9lH4mpTHqRQKB
kuShLhanbyzG9Tfo81zjYiNK+N1gESJeDhQuIPvAz5wxlixtW9HCywe3T+E0aBdd
6xsgxmhSuLzP1BgvXxaE2YikcwhlmK3k2ZU3KRcYF0a1Sa7iVTKT/vqgxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDJxv9hs6Kxz7FzaeVbpu/q1I0XmMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvTW5HXzJHem9ySFBzWE5wNVZ1bTctclVqUmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABE
MA0GCSqGSIb3DQEBCwUAA4IBAQCd7E8vSDWFYRDf0XDyUaD42FAhOcOR7xWp716W
VsHOAdcnqgmy7OlCKpBQ0Ieh2sMfXbJKc6Pb1eT/ME64ecrlDWH0tN63D+pyinlF
0BLQQIY2STkHosR4WufeoJhmpLgB0U69uheNH7v8W+2tywIHQ8fbelhthIPcI18k
5Y0Da/sPvAzgY2ifnMxWLU7DulW//xnPePevK9rS33WVIRVPHNv7/b3cT4KkBd30
2RWKy6YJl5rNKQpTdJ1/axbSraCVlqFec9CWpPfItNfok/+SnchKs4J5Uh4XRWjC
c9psmfmsu2Nymexera99CsBx0Rh8HpJZkevNdWEUGCl6hDhK
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:55:36 2025 by rpki-client