Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d704f2-6ed4-44c1-8e4f-4d7a84babbde/1/Eklv5iMrpdIb57nofb-2LDtZiMo.roa
File: Eklv5iMrpdIb57nofb-2LDtZiMo.roa (raw, json)
Hash identifier: yKALUmc+NQQTzWDEWN3x1mf1BWmjZYZaxlqX1YAmy08=
Subject key identifier: 12:49:6F:E6:23:2B:A5:D2:1B:E7:B9:E8:7D:BF:B6:2C:3B:59:88:CA
Certificate issuer: /CN=8aa698f83e3429c89e34c8f2efb5b1201a18fcf7
Certificate serial: 019420D64717F4C98025D8034B848EA77663
Authority key identifier: 8A:A6:98:F8:3E:34:29:C8:9E:34:C8:F2:EF:B5:B1:20:1A:18:FC:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqaY-D40KcieNMjy77WxIBoY_Pc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d704f2-6ed4-44c1-8e4f-4d7a84babbde/1/Eklv5iMrpdIb57nofb-2LDtZiMo.roa
Signing time: Wed 01 Jan 2025 07:48:21 +0000
ROA not before: Wed 01 Jan 2025 07:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 195.8.32.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:47:17:f4:c9:80:25:d8:03:4b:84:8e:a7:76:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa698f83e3429c89e34c8f2efb5b1201a18fcf7
Validity
Not Before: Jan 1 07:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12496fe6232ba5d21be7b9e87dbfb62c3b5988ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:a8:1e:d1:d2:d8:d2:d7:dc:38:97:5e:3a:
bf:a1:6a:47:9a:5c:bc:ed:e9:63:a6:d5:8c:39:30:
2d:4a:0d:6b:80:2f:1a:df:ef:bb:10:46:e7:94:18:
c0:fa:27:51:e6:a7:61:f7:74:9b:94:b1:37:77:84:
dc:e5:82:cf:81:cb:55:6c:cd:2a:8d:22:b7:18:29:
71:69:47:34:86:83:97:5d:d4:e7:a0:13:ba:ee:c8:
39:c9:86:d8:6d:1d:b1:4a:e7:61:cb:a5:fc:fb:40:
3b:01:d8:04:0f:54:74:21:9e:11:76:5a:6c:21:20:
81:22:ab:44:0d:87:a9:8a:1b:a4:6a:73:db:73:e7:
e5:9e:66:09:13:d3:24:d5:7a:5b:a6:a9:f6:51:08:
4b:c5:22:79:25:6e:7c:3a:e9:7a:e1:b8:3a:b2:d3:
96:e1:88:25:0b:e7:a9:79:e0:26:30:6f:3c:a0:64:
a1:64:f3:23:38:43:e6:12:bc:a6:1e:a9:63:d8:cc:
59:b6:e3:2b:21:d4:b0:57:39:bb:4d:d2:8b:28:c4:
03:c1:a0:22:cc:87:bc:ab:3c:bc:a1:5a:02:eb:29:
46:48:32:47:cf:8c:87:0a:70:88:fc:e5:46:d5:4c:
5d:bc:61:c7:76:af:42:62:48:49:06:55:6c:d9:6d:
be:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:49:6F:E6:23:2B:A5:D2:1B:E7:B9:E8:7D:BF:B6:2C:3B:59:88:CA
X509v3 Authority Key Identifier:
keyid:8A:A6:98:F8:3E:34:29:C8:9E:34:C8:F2:EF:B5:B1:20:1A:18:FC:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqaY-D40KcieNMjy77WxIBoY_Pc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d704f2-6ed4-44c1-8e4f-4d7a84babbde/1/Eklv5iMrpdIb57nofb-2LDtZiMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d704f2-6ed4-44c1-8e4f-4d7a84babbde/1/iqaY-D40KcieNMjy77WxIBoY_Pc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.32.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:3d:f9:69:09:3e:c1:c2:fa:87:a1:2b:6b:1c:72:fe:43:1c:
e9:a7:1f:39:e8:1c:c7:cf:24:1c:9f:40:28:e5:70:a3:98:ef:
7e:b8:2c:18:5c:ee:34:c9:ee:1c:10:ef:fc:86:41:88:2d:bf:
bc:f4:84:bf:05:fa:5d:6e:be:87:2f:6b:1d:08:ed:82:d6:d6:
e3:e7:e2:40:4a:24:60:0b:ea:17:07:82:1b:fc:45:92:67:00:
c4:5b:c9:1a:a1:ec:85:2f:24:40:a0:6f:ef:05:8d:48:19:86:
32:66:44:69:09:75:3c:c1:5f:2e:82:5c:5f:ea:0a:ec:29:ac:
73:31:48:3f:a9:bb:8b:12:fc:b8:1c:be:0e:d3:b7:05:73:91:
a2:8f:82:c5:dc:dc:b9:22:93:72:9c:13:8d:eb:16:61:be:4a:
00:9c:a0:39:a5:44:7e:37:9f:51:a2:f8:31:40:20:57:e5:1f:
7f:8d:ea:10:3d:86:14:87:2b:06:c0:8e:cc:8b:c9:c9:5d:14:
fe:c0:f7:93:25:6d:ca:d5:d0:3e:6a:0f:9a:8f:37:37:00:8f:
fb:5d:b1:8c:72:e9:d4:7f:ac:dc:37:31:a2:96:87:3a:0d:2f:
e4:ae:e1:85:ff:68:a0:8f:4b:d0:35:2b:93:38:44:10:73:4b:
f6:a3:93:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1kcX9MmAJdgDS4SOp3ZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTY5OGY4M2UzNDI5Yzg5ZTM0YzhmMmVmYjViMTIwMWEx
OGZjZjcwHhcNMjUwMTAxMDc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ5NmZlNjIzMmJhNWQyMWJlN2I5ZTg3ZGJmYjYyYzNiNTk4OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG+oHtHS2NLX3DiXXjq/oWpHmly8
7eljptWMOTAtSg1rgC8a3++7EEbnlBjA+idR5qdh93SblLE3d4Tc5YLPgctVbM0q
jSK3GClxaUc0hoOXXdTnoBO67sg5yYbYbR2xSudhy6X8+0A7AdgED1R0IZ4Rdlps
ISCBIqtEDYepihukanPbc+flnmYJE9Mk1Xpbpqn2UQhLxSJ5JW58Oul64bg6stOW
4YglC+epeeAmMG88oGShZPMjOEPmErymHqlj2MxZtuMrIdSwVzm7TdKLKMQDwaAi
zIe8qzy8oVoC6ylGSDJHz4yHCnCI/OVG1UxdvGHHdq9CYkhJBlVs2W2+dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJJb+YjK6XSG+e56H2/tiw7WYjKMB8GA1UdIwQY
MBaAFIqmmPg+NCnInjTI8u+1sSAaGPz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFhWS1ENDBLY2llTk1qeTc3V3hJQm9ZX1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNzA0ZjItNmVkNC00NGMxLThlNGYt
NGQ3YTg0YmFiYmRlLzEvRWtsdjVpTXJwZEliNTdub2ZiLTJMRHRaaU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNzA0ZjItNmVkNC00NGMxLThlNGYtNGQ3YTg0YmFiYmRl
LzEvaXFhWS1ENDBLY2llTk1qeTc3V3hJQm9ZX1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwggMA0G
CSqGSIb3DQEBCwUAA4IBAQCNPflpCT7BwvqHoStrHHL+Qxzppx856BzHzyQcn0Ao
5XCjmO9+uCwYXO40ye4cEO/8hkGILb+89IS/Bfpdbr6HL2sdCO2C1tbj5+JASiRg
C+oXB4Ib/EWSZwDEW8kaoeyFLyRAoG/vBY1IGYYyZkRpCXU8wV8uglxf6grsKaxz
MUg/qbuLEvy4HL4O07cFc5Gij4LF3Ny5IpNynBON6xZhvkoAnKA5pUR+N59Rovgx
QCBX5R9/jeoQPYYUhysGwI7Mi8nJXRT+wPeTJW3K1dA+ag+ajzc3AI/7XbGMcunU
f6zcNzGiloc6DS/kruGF/2igj0vQNSuTOEQQc0v2o5OC
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:10:07 2025 by rpki-client