Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/Mlh1OUvdMvBOzqjOSbLyZKTH_2c.roa
File: Mlh1OUvdMvBOzqjOSbLyZKTH_2c.roa (raw, json)
Hash identifier: yCEdCTCJqqvCW5+LOgXVNkg5W1DuVkh3vuL3mSHNHSQ=
Subject key identifier: 32:58:75:39:4B:DD:32:F0:4E:CE:A8:CE:49:B2:F2:64:A4:C7:FF:67
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0194228DCA827E7339B99081FDD3B6BFCE9D
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/Mlh1OUvdMvBOzqjOSbLyZKTH_2c.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208768
IP address blocks: 2a10:4741:22::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ca:82:7e:73:39:b9:90:81:fd:d3:b6:bf:ce:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=325875394bdd32f04ecea8ce49b2f264a4c7ff67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:46:b0:04:89:09:d0:fb:59:1c:05:60:2c:f8:
b0:a3:8e:d7:f1:e8:41:65:8a:ab:c1:c3:a1:9b:3c:
22:c3:c8:4c:4a:3f:ab:44:b8:38:42:a4:3e:7d:23:
53:56:37:c7:78:79:cf:fd:3f:4f:70:0c:ad:4e:f3:
58:1b:2d:ec:36:0e:5a:29:5e:fc:c5:16:11:8f:c4:
b9:4b:46:5a:0f:f6:07:70:57:01:c6:97:19:0b:39:
06:9a:14:ad:de:52:30:00:3d:f1:34:16:e2:44:ae:
8d:2f:b7:d0:7c:36:71:0b:7e:35:45:35:63:67:91:
f3:6a:ab:77:35:62:d7:fc:0d:83:3b:1e:a4:83:f7:
19:46:d9:64:17:d5:de:a2:f2:ec:58:d2:92:21:1e:
54:75:43:af:34:80:b3:f3:35:94:b1:de:85:1d:2c:
c6:bf:a4:35:a9:78:37:0d:d0:31:50:01:cf:90:52:
c7:8a:51:d4:94:79:96:4d:26:9c:fe:0c:90:0b:a4:
37:ca:8a:01:94:4c:45:c7:aa:fd:ee:bd:b6:11:d4:
48:07:f3:d5:10:ed:d5:f4:80:ee:f6:29:8b:d9:f2:
7f:3b:fb:b9:29:6d:0f:bf:25:3f:75:c5:07:3e:2b:
8f:1f:db:37:fb:f2:26:0b:9a:9d:83:c0:a8:37:8b:
20:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:58:75:39:4B:DD:32:F0:4E:CE:A8:CE:49:B2:F2:64:A4:C7:FF:67
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/Mlh1OUvdMvBOzqjOSbLyZKTH_2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:22::/48
Signature Algorithm: sha256WithRSAEncryption
71:58:f9:57:5d:33:cb:12:25:80:85:a9:c6:a4:43:70:1c:7c:
54:d0:cb:5f:b9:86:96:59:58:2a:35:84:d0:0d:83:d5:6b:b5:
9d:1e:d9:cc:8c:e0:38:fb:ab:da:45:4f:1e:1f:b3:95:1d:39:
f6:d6:da:8e:7b:42:f7:a7:41:f8:d1:d1:16:28:68:e6:69:5e:
c5:1e:bf:ec:c9:b6:1d:c5:0d:39:a0:84:f3:bd:db:71:aa:0e:
37:2e:dd:e8:d1:04:31:61:79:70:5c:50:a5:5a:b5:3d:e1:5d:
8f:bf:1f:f7:59:a2:e7:93:91:ad:d3:d4:e0:4a:17:bf:82:e8:
01:3e:fc:d1:97:8e:ca:8c:a3:b9:7d:63:fd:97:41:af:e5:84:
97:50:08:20:26:3a:61:ae:f0:ba:05:28:ff:8f:51:fc:9c:a3:
85:1a:e9:64:77:03:c2:48:5e:50:d4:89:28:80:37:57:a6:ab:
a5:7b:a5:a0:d9:c5:50:f3:49:fe:18:cd:0b:70:f4:21:18:b1:
09:b4:74:95:1b:f9:7d:a7:81:a8:b5:3a:31:cc:54:d1:00:37:
b5:93:6b:47:35:1e:cc:2d:78:cb:37:cc:64:2c:62:b0:23:22:
54:e3:a7:22:2a:dc:36:ab:8e:f9:d4:45:02:8c:5a:ec:72:85:
80:d5:3f:ee
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijcqCfnM5uZCB/dO2v86dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU4NzUzOTRiZGQzMmYwNGVjZWE4Y2U0OWIyZjI2NGE0YzdmZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0awBIkJ0PtZHAVgLPiwo47X8ehB
ZYqrwcOhmzwiw8hMSj+rRLg4QqQ+fSNTVjfHeHnP/T9PcAytTvNYGy3sNg5aKV78
xRYRj8S5S0ZaD/YHcFcBxpcZCzkGmhSt3lIwAD3xNBbiRK6NL7fQfDZxC341RTVj
Z5Hzaqt3NWLX/A2DOx6kg/cZRtlkF9XeovLsWNKSIR5UdUOvNICz8zWUsd6FHSzG
v6Q1qXg3DdAxUAHPkFLHilHUlHmWTSac/gyQC6Q3yooBlExFx6r97r22EdRIB/PV
EO3V9IDu9imL2fJ/O/u5KW0PvyU/dcUHPiuPH9s3+/ImC5qdg8CoN4sgWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDJYdTlL3TLwTs6ozkmy8mSkx/9nMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvTWxoMU9VdmRNdkJPenFqT1NiTHlaS1RIXzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBHQQAi
MA0GCSqGSIb3DQEBCwUAA4IBAQBxWPlXXTPLEiWAhanGpENwHHxU0MtfuYaWWVgq
NYTQDYPVa7WdHtnMjOA4+6vaRU8eH7OVHTn21tqOe0L3p0H40dEWKGjmaV7FHr/s
ybYdxQ05oITzvdtxqg43Lt3o0QQxYXlwXFClWrU94V2Pvx/3WaLnk5Gt09TgShe/
gugBPvzRl47KjKO5fWP9l0Gv5YSXUAggJjphrvC6BSj/j1H8nKOFGulkdwPCSF5Q
1IkogDdXpqule6Wg2cVQ80n+GM0LcPQhGLEJtHSVG/l9p4GotToxzFTRADe1k2tH
NR7MLXjLN8xkLGKwIyJU46ciKtw2q4751EUCjFrscoWA1T/u
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net