Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a36dbb-6027-43c4-8194-4a0cb255d73a/1/mcodiKTX1slSmfc3nZ7DZKGNYFk.roa
File: mcodiKTX1slSmfc3nZ7DZKGNYFk.roa (raw, json)
Hash identifier: 8YfkV+577aVFpH3FgiABnIRQh7w2LYtBhi55zdviFSU=
Subject key identifier: 99:CA:1D:88:A4:D7:D6:C9:52:99:F7:37:9D:9E:C3:64:A1:8D:60:59
Certificate issuer: /CN=9ef19871b1759f3237012e4b6dbb6c2fd2be8b4b
Certificate serial: 01942144452E38853BA548F82F1FDCFA4E31
Authority key identifier: 9E:F1:98:71:B1:75:9F:32:37:01:2E:4B:6D:BB:6C:2F:D2:BE:8B:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nvGYcbF1nzI3AS5LbbtsL9K-i0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a36dbb-6027-43c4-8194-4a0cb255d73a/1/mcodiKTX1slSmfc3nZ7DZKGNYFk.roa
Signing time: Wed 01 Jan 2025 09:48:29 +0000
ROA not before: Wed 01 Jan 2025 09:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213152
IP address blocks: 2a0f:b480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:45:2e:38:85:3b:a5:48:f8:2f:1f:dc:fa:4e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ef19871b1759f3237012e4b6dbb6c2fd2be8b4b
Validity
Not Before: Jan 1 09:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99ca1d88a4d7d6c95299f7379d9ec364a18d6059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:9e:47:dc:c7:d6:f7:6a:ee:89:c4:72:6f:
26:4a:55:6c:21:84:e7:61:17:d4:67:5e:f7:91:fa:
0a:90:e8:2b:af:eb:54:65:b9:3e:f2:a4:b6:3c:c0:
fa:0c:68:e4:10:71:df:2d:c2:7a:a6:d6:bd:1d:df:
83:86:5c:aa:31:0d:e6:15:a3:23:26:d6:e3:95:d2:
99:1c:f1:76:29:7e:a7:59:d3:c9:69:19:bd:87:d8:
80:13:e5:69:10:e8:44:e3:d1:d7:f6:88:6a:a9:e7:
c4:9e:22:0b:5b:a0:fb:a3:3f:b5:f4:2d:16:7b:b1:
fc:7f:cb:c7:86:de:bd:eb:eb:a2:90:93:1a:08:04:
38:1e:54:10:c8:ac:12:9d:d9:fc:db:76:90:13:f2:
b8:07:1f:7d:60:9c:31:64:60:77:45:08:58:dd:e4:
e7:49:1b:a0:54:e7:de:a5:b1:2d:2c:0b:74:7e:8e:
f3:fc:6b:2c:26:48:79:23:47:c5:8b:a2:89:b4:07:
d0:4e:ea:5d:66:03:42:3d:24:f5:34:f0:9b:52:00:
c2:1f:f8:58:25:92:71:6d:4c:08:9e:db:f0:a0:16:
21:41:57:be:7a:26:cc:32:5a:66:00:d1:d8:11:10:
e8:4e:48:44:c6:e2:f9:0d:92:84:58:32:48:05:78:
8c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:CA:1D:88:A4:D7:D6:C9:52:99:F7:37:9D:9E:C3:64:A1:8D:60:59
X509v3 Authority Key Identifier:
keyid:9E:F1:98:71:B1:75:9F:32:37:01:2E:4B:6D:BB:6C:2F:D2:BE:8B:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvGYcbF1nzI3AS5LbbtsL9K-i0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a36dbb-6027-43c4-8194-4a0cb255d73a/1/mcodiKTX1slSmfc3nZ7DZKGNYFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a36dbb-6027-43c4-8194-4a0cb255d73a/1/nvGYcbF1nzI3AS5LbbtsL9K-i0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b480::/29
Signature Algorithm: sha256WithRSAEncryption
44:7e:85:85:14:9a:7c:2f:63:36:e6:60:17:9d:23:ff:74:89:
d1:a0:d4:4c:ed:ef:38:3b:4a:07:6b:b1:99:11:a7:6f:3a:e2:
74:8f:37:45:90:21:c7:0b:b6:75:5f:9a:4b:b2:dd:58:1c:bb:
ea:f5:26:91:c8:e5:7e:be:23:43:a1:a7:8a:bb:db:29:bf:f4:
39:0b:ff:db:12:89:d0:3a:13:ed:3c:b4:c3:3b:81:3a:c7:00:
75:51:5a:43:7f:fa:93:5a:36:61:ea:0b:99:98:49:69:98:f4:
9b:e1:ac:f7:ab:9c:ea:4f:05:77:67:c8:9f:9b:57:4d:49:f4:
24:eb:6d:44:19:b2:9a:8f:14:34:a8:4d:00:f1:52:18:7d:22:
8b:67:d1:6c:79:a3:e8:25:9a:d1:05:92:cb:d7:d2:9f:72:14:
6d:d2:dd:5e:8c:5d:2d:cf:1a:0f:01:04:fd:9d:cb:7d:52:1a:
c1:aa:b6:3a:bd:a4:6e:c0:2a:ee:c9:57:16:67:1a:77:ad:32:
da:4b:84:7d:db:f4:46:ea:7c:2e:37:97:82:07:42:1b:7c:f3:
84:a0:a3:37:ba:88:61:74:4c:96:b3:39:53:db:e2:b3:66:1f:
e6:b7:16:d1:0a:7c:32:78:0e:b0:1d:8f:53:72:67:84:4c:81:
f5:77:c4:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhREUuOIU7pUj4Lx/c+k4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZjE5ODcxYjE3NTlmMzIzNzAxMmU0YjZkYmI2YzJmZDJi
ZThiNGIwHhcNMjUwMTAxMDk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWNhMWQ4OGE0ZDdkNmM5NTI5OWY3Mzc5ZDllYzM2NGExOGQ2MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr62eR9zH1vdq7onEcm8mSlVsIYTn
YRfUZ173kfoKkOgrr+tUZbk+8qS2PMD6DGjkEHHfLcJ6pta9Hd+DhlyqMQ3mFaMj
JtbjldKZHPF2KX6nWdPJaRm9h9iAE+VpEOhE49HX9ohqqefEniILW6D7oz+19C0W
e7H8f8vHht696+uikJMaCAQ4HlQQyKwSndn823aQE/K4Bx99YJwxZGB3RQhY3eTn
SRugVOfepbEtLAt0fo7z/GssJkh5I0fFi6KJtAfQTupdZgNCPST1NPCbUgDCH/hY
JZJxbUwIntvwoBYhQVe+eibMMlpmANHYERDoTkhExuL5DZKEWDJIBXiMdwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJnKHYik19bJUpn3N52ew2ShjWBZMB8GA1UdIwQY
MBaAFJ7xmHGxdZ8yNwEuS227bC/SvotLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZHWWNiRjFuekkzQVM1TGJidHNMOUstaTBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMzZkYmItNjAyNy00M2M0LTgxOTQt
NGEwY2IyNTVkNzNhLzEvbWNvZGlLVFgxc2xTbWZjM25aN0RaS0dOWUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMzZkYmItNjAyNy00M2M0LTgxOTQtNGEwY2IyNTVkNzNh
LzEvbnZHWWNiRjFuekkzQVM1TGJidHNMOUstaTBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+0gDAN
BgkqhkiG9w0BAQsFAAOCAQEARH6FhRSafC9jNuZgF50j/3SJ0aDUTO3vODtKB2ux
mRGnbzridI83RZAhxwu2dV+aS7LdWBy76vUmkcjlfr4jQ6GnirvbKb/0OQv/2xKJ
0DoT7Ty0wzuBOscAdVFaQ3/6k1o2YeoLmZhJaZj0m+Gs96uc6k8Fd2fIn5tXTUn0
JOttRBmymo8UNKhNAPFSGH0ii2fRbHmj6CWa0QWSy9fSn3IUbdLdXoxdLc8aDwEE
/Z3LfVIawaq2Or2kbsAq7slXFmcad60y2kuEfdv0Rup8LjeXggdCG3zzhKCjN7qI
YXRMlrM5U9vis2Yf5rcW0Qp8MngOsB2PU3JnhEyB9XfERg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:19:19 2025 by rpki-client