Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MSTAZDN1Z4hT89g9ctW6RcPeLd0.roa
File: MSTAZDN1Z4hT89g9ctW6RcPeLd0.roa (raw, json)
Hash identifier: +HrkrmxsXO4z33gG4N3pwaiETcyc6AokeBIUEEaPS7A=
Subject key identifier: 31:24:C0:64:33:75:67:88:53:F3:D8:3D:72:D5:BA:45:C3:DE:2D:DD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01948A7F4E5B9DACA4F814DC4F16754836A6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MSTAZDN1Z4hT89g9ctW6RcPeLd0.roa
Signing time: Tue 21 Jan 2025 20:13:06 +0000
ROA not before: Tue 21 Jan 2025 20:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8a:7f:4e:5b:9d:ac:a4:f8:14:dc:4f:16:75:48:36:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 21 20:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3124c0643375678853f3d83d72d5ba45c3de2ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f6:35:d5:ef:6d:19:fd:78:5d:a2:72:e0:01:
68:bd:02:17:1e:05:a2:6c:f0:32:2c:07:fa:4f:46:
03:60:70:f1:8b:d0:7e:65:a5:c9:7e:e2:26:83:81:
4a:77:08:22:cc:91:65:98:e8:6f:b5:7c:89:5e:43:
5b:6f:3a:b6:bd:5d:32:50:69:15:83:0c:a2:38:82:
a6:0a:be:f0:fb:d5:84:57:27:29:af:48:61:e3:42:
3d:72:be:99:a1:28:02:b7:4d:8e:35:c6:f4:14:4d:
d2:3a:ce:e9:7d:14:92:67:cf:21:d2:36:16:a9:16:
17:f8:c7:41:36:ac:c7:af:cb:8f:d7:87:cb:b1:9b:
74:7f:f8:e8:8b:ca:5b:0c:b9:f0:65:27:5c:cf:f7:
cd:81:be:75:bf:7c:01:18:4e:59:96:b5:4f:67:29:
c0:b0:20:f3:81:86:5e:2c:54:a4:66:82:f2:78:d1:
52:59:6f:3a:a4:fa:45:ec:5d:ec:70:6c:04:54:0c:
a0:25:5b:26:5e:42:1b:55:fd:38:90:28:a9:76:f7:
b9:41:82:31:83:e7:ce:35:b3:9c:75:31:70:03:78:
47:bd:24:31:ba:e0:ba:df:20:46:b0:67:8f:d6:50:
15:13:aa:d4:ce:97:46:e0:31:71:6d:54:80:1c:13:
ef:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:24:C0:64:33:75:67:88:53:F3:D8:3D:72:D5:BA:45:C3:DE:2D:DD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MSTAZDN1Z4hT89g9ctW6RcPeLd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
2d:a6:3d:fc:18:e6:ba:c8:3a:c9:d4:4a:9b:9e:8a:76:d6:77:
0d:e6:09:10:84:8a:b3:f6:7a:c7:a6:cd:ea:39:a3:29:78:6b:
36:9a:c4:03:9e:73:6b:ab:74:fd:06:2b:75:3a:33:49:d8:32:
71:2a:cb:56:65:88:04:62:96:b8:2b:f2:30:6b:b5:e5:72:78:
95:fb:a1:fd:7a:39:53:ca:e9:f3:d9:31:2c:c2:17:d4:f7:5d:
16:44:6a:c8:c0:64:74:e9:a2:34:7d:d4:af:c6:a8:58:8e:85:
ce:63:1e:4a:47:03:d5:7a:26:25:36:13:2d:48:8d:7b:57:02:
3c:5b:d1:bf:62:b8:22:32:23:99:9a:09:04:8c:75:a4:39:18:
22:a7:2f:09:71:64:d6:4c:f1:fc:ac:ea:bf:3b:c1:07:09:4d:
f9:d1:b7:18:c7:80:8c:82:44:81:87:ce:7a:4a:df:3e:2f:54:
9e:ca:8c:b2:60:2c:c6:0c:fe:cd:ad:4e:bf:e6:26:87:1c:8c:
4d:28:c6:ec:3b:1a:36:fe:19:fd:a6:4b:48:b6:a9:80:47:53:
18:c3:65:8f:20:59:5d:b3:ec:38:b6:c1:aa:d3:05:f8:6e:9b:
0c:dd:95:3f:10:0d:f4:3e:ba:43:9c:e8:f2:3d:0c:9e:21:d2:
ee:b8:1a:8c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZSKf05bnayk+BTcTxZ1SDamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTIxMjAxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI0YzA2NDMzNzU2Nzg4NTNmM2Q4M2Q3MmQ1YmE0NWMzZGUyZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PY11e9tGf14XaJy4AFovQIXHgWi
bPAyLAf6T0YDYHDxi9B+ZaXJfuImg4FKdwgizJFlmOhvtXyJXkNbbzq2vV0yUGkV
gwyiOIKmCr7w+9WEVycpr0hh40I9cr6ZoSgCt02ONcb0FE3SOs7pfRSSZ88h0jYW
qRYX+MdBNqzHr8uP14fLsZt0f/joi8pbDLnwZSdcz/fNgb51v3wBGE5ZlrVPZynA
sCDzgYZeLFSkZoLyeNFSWW86pPpF7F3scGwEVAygJVsmXkIbVf04kCipdve5QYIx
g+fONbOcdTFwA3hHvSQxuuC63yBGsGeP1lAVE6rUzpdG4DFxbVSAHBPvIQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDEkwGQzdWeIU/PYPXLVukXD3i3dMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTVNUQVpETjFaNGhUODlnOWN0VzZSY1BlTGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEALaY9/Bjmusg6ydRKm56KdtZ3
DeYJEISKs/Z6x6bN6jmjKXhrNprEA55za6t0/QYrdTozSdgycSrLVmWIBGKWuCvy
MGu15XJ4lfuh/Xo5U8rp89kxLMIX1PddFkRqyMBkdOmiNH3Ur8aoWI6FzmMeSkcD
1XomJTYTLUiNe1cCPFvRv2K4IjIjmZoJBIx1pDkYIqcvCXFk1kzx/KzqvzvBBwlN
+dG3GMeAjIJEgYfOekrfPi9UnsqMsmAsxgz+za1Ov+YmhxyMTSjG7DsaNv4Z/aZL
SLapgEdTGMNljyBZXbPsOLbBqtMF+G6bDN2VPxAN9D66Q5zo8j0MniHS7rgajA==
-----END CERTIFICATE-----
Generated at Wed Jan 22 17:23:07 2025 by rpki-client on console.sobornost.net