Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/45a9c8-a257-47c3-be6f-677f51ebbd85/1/MI7COiU67b3DimT3qfKJwEQYCMg.roa
File: MI7COiU67b3DimT3qfKJwEQYCMg.roa (raw, json)
Hash identifier: NuZcKBXuxsrwNsk5imZ/LFDKoaeZvXMx3+mtlwDtumc=
Subject key identifier: 30:8E:C2:3A:25:3A:ED:BD:C3:8A:64:F7:A9:F2:89:C0:44:18:08:C8
Certificate issuer: /CN=459478e9f1f30b24fd17198d1cac835bc1e4dfaf
Certificate serial: 019425220C868AB7961066AAB4AE45EAE673
Authority key identifier: 45:94:78:E9:F1:F3:0B:24:FD:17:19:8D:1C:AC:83:5B:C1:E4:DF:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZR46fHzCyT9FxmNHKyDW8Hk368.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/45a9c8-a257-47c3-be6f-677f51ebbd85/1/MI7COiU67b3DimT3qfKJwEQYCMg.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20677
IP address blocks: 2a13:fbc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0c:86:8a:b7:96:10:66:aa:b4:ae:45:ea:e6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=459478e9f1f30b24fd17198d1cac835bc1e4dfaf
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=308ec23a253aedbdc38a64f7a9f289c0441808c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:16:45:c2:1f:a7:39:ae:a3:0e:e3:f8:98:f5:
58:c0:c2:39:9e:da:59:6e:a6:32:93:bc:4d:b4:7b:
e1:b5:c8:74:e2:21:13:3d:1c:76:5a:e3:17:01:ce:
e3:e1:5a:4b:73:63:95:9d:1c:f6:b8:c8:02:46:dc:
24:e8:5d:bc:d5:cb:7e:fc:fa:8b:59:fc:6b:da:91:
bb:26:80:ff:2c:e4:b1:88:e8:a2:62:a1:82:75:a6:
27:2c:3a:7e:db:85:2d:26:1e:a8:d5:56:1f:e3:53:
70:27:ec:ea:bb:7c:2f:35:7a:dc:fc:7d:18:f3:89:
b2:75:3d:cf:80:4e:55:d3:2c:a1:77:64:6e:a7:59:
25:1c:53:d3:0d:a1:f1:be:f6:bc:35:00:e2:05:e4:
5a:71:db:83:96:9b:86:5b:d1:6c:49:4c:81:68:1a:
52:76:9a:1e:2f:4e:d1:f6:bb:e2:da:36:6c:46:bc:
a2:d0:25:67:46:29:ed:3e:50:cd:86:74:e6:8b:a4:
18:9d:d5:88:53:a7:38:66:29:2e:da:af:f1:61:27:
43:7e:93:56:c9:9f:fb:04:c7:df:c7:bc:67:7e:81:
a5:56:c8:f5:1c:fb:aa:b1:d9:52:43:15:56:be:4b:
b6:83:d3:a1:f8:4e:17:a2:de:c5:11:3c:2d:95:17:
55:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:8E:C2:3A:25:3A:ED:BD:C3:8A:64:F7:A9:F2:89:C0:44:18:08:C8
X509v3 Authority Key Identifier:
keyid:45:94:78:E9:F1:F3:0B:24:FD:17:19:8D:1C:AC:83:5B:C1:E4:DF:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZR46fHzCyT9FxmNHKyDW8Hk368.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/45a9c8-a257-47c3-be6f-677f51ebbd85/1/MI7COiU67b3DimT3qfKJwEQYCMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/45a9c8-a257-47c3-be6f-677f51ebbd85/1/RZR46fHzCyT9FxmNHKyDW8Hk368.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:fbc0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:27:4a:46:fe:76:fb:94:ef:b5:b4:1a:d9:c0:3f:d3:d3:fc:
78:52:ca:30:34:99:7b:20:c0:9f:aa:a8:57:52:9e:d7:24:1d:
79:31:3b:0e:b1:22:f2:4e:83:bc:02:94:50:7f:6f:d7:e2:14:
27:95:85:c5:44:6c:c6:99:12:27:cd:77:78:4a:66:a2:1d:ba:
73:58:24:31:88:46:35:2a:8d:c2:ed:de:6f:7b:1d:a6:c1:7d:
2a:2d:19:7c:b5:e5:79:75:bc:6c:aa:01:36:66:29:d5:f9:91:
58:77:68:1a:da:e3:5e:8c:71:ca:17:d8:db:bf:05:58:14:47:
71:1c:03:4f:9a:fd:7b:41:0e:75:09:8e:a3:8a:68:e1:80:56:
9e:61:37:04:a1:f9:9d:36:1b:8e:eb:81:61:f0:6d:7b:3b:6f:
21:87:20:f8:b3:cd:76:f0:58:f7:0d:5d:78:26:22:1f:f7:b0:
46:1c:e8:a5:da:48:81:4c:7a:4c:c4:d4:e4:c9:59:45:da:a9:
a7:7a:d9:c4:16:5f:e1:72:26:47:68:e2:92:97:ee:3a:c1:2a:
aa:22:0f:cc:e1:3a:55:ca:9c:ef:c2:ea:d1:1c:72:fb:ef:49:
7f:77:1e:b2:72:47:29:f7:02:25:fd:e6:e9:31:e2:ee:b6:de:
99:6f:c6:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIgyGireWEGaqtK5F6uZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OTQ3OGU5ZjFmMzBiMjRmZDE3MTk4ZDFjYWM4MzViYzFl
NGRmYWYwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDhlYzIzYTI1M2FlZGJkYzM4YTY0ZjdhOWYyODljMDQ0MTgwOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxZFwh+nOa6jDuP4mPVYwMI5ntpZ
bqYyk7xNtHvhtch04iETPRx2WuMXAc7j4VpLc2OVnRz2uMgCRtwk6F281ct+/PqL
Wfxr2pG7JoD/LOSxiOiiYqGCdaYnLDp+24UtJh6o1VYf41NwJ+zqu3wvNXrc/H0Y
84mydT3PgE5V0yyhd2Rup1klHFPTDaHxvva8NQDiBeRacduDlpuGW9FsSUyBaBpS
dpoeL07R9rvi2jZsRryi0CVnRintPlDNhnTmi6QYndWIU6c4Ziku2q/xYSdDfpNW
yZ/7BMffx7xnfoGlVsj1HPuqsdlSQxVWvku2g9Oh+E4Xot7FETwtlRdVzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDCOwjolOu29w4pk96nyicBEGAjIMB8GA1UdIwQY
MBaAFEWUeOnx8wsk/RcZjRysg1vB5N+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpSNDZmSHpDeVQ5RnhtTkhLeURXOEhrMzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80NWE5YzgtYTI1Ny00N2MzLWJlNmYt
Njc3ZjUxZWJiZDg1LzEvTUk3Q09pVTY3YjNEaW1UM3FmS0p3RVFZQ01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80NWE5YzgtYTI1Ny00N2MzLWJlNmYtNjc3ZjUxZWJiZDg1
LzEvUlpSNDZmSHpDeVQ5RnhtTkhLeURXOEhrMzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhP7wAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/J0pG/nb7lO+1tBrZwD/T0/x4UsowNJl7IMCf
qqhXUp7XJB15MTsOsSLyToO8ApRQf2/X4hQnlYXFRGzGmRInzXd4SmaiHbpzWCQx
iEY1Ko3C7d5vex2mwX0qLRl8teV5dbxsqgE2ZinV+ZFYd2ga2uNejHHKF9jbvwVY
FEdxHANPmv17QQ51CY6jimjhgFaeYTcEofmdNhuO64Fh8G17O28hhyD4s8128Fj3
DV14JiIf97BGHOil2kiBTHpMxNTkyVlF2qmnetnEFl/hciZHaOKSl+46wSqqIg/M
4TpVypzvwurRHHL770l/dx6yckcp9wIl/ebpMeLutt6Zb8Y6
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:40:43 2025 by rpki-client