Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/eIuvCKiUKqnjxChjtjEAvL7JvnI.roa
File: eIuvCKiUKqnjxChjtjEAvL7JvnI.roa (raw, json)
Hash identifier: wyV3lMaUUP7vVQqM6FlcaWTPKvU8kW+p1xMsgVv6OJA=
Subject key identifier: 78:8B:AF:08:A8:94:2A:A9:E3:C4:28:63:B6:31:00:BC:BE:C9:BE:72
Certificate issuer: /CN=aa53cd2c584a3dc16208ba93b0db74773b3f23be
Certificate serial: 019425214278BBBBFCE3D219DE866AE56BAB
Authority key identifier: AA:53:CD:2C:58:4A:3D:C1:62:08:BA:93:B0:DB:74:77:3B:3F:23:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlPNLFhKPcFiCLqTsNt0dzs_I74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/eIuvCKiUKqnjxChjtjEAvL7JvnI.roa
Signing time: Thu 02 Jan 2025 03:48:44 +0000
ROA not before: Thu 02 Jan 2025 03:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20625
IP address blocks: 2a02:ae8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:42:78:bb:bb:fc:e3:d2:19:de:86:6a:e5:6b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa53cd2c584a3dc16208ba93b0db74773b3f23be
Validity
Not Before: Jan 2 03:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=788baf08a8942aa9e3c42863b63100bcbec9be72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:81:fe:2d:12:88:84:42:1e:b8:8c:8c:d6:ff:
81:7d:24:b8:5a:cb:7a:b9:e7:a7:82:7d:39:dd:ca:
ac:8f:6c:f9:7b:d7:bd:52:1a:d4:eb:50:83:49:d2:
39:ea:69:05:49:19:22:34:45:50:d4:f3:84:dc:f4:
1e:99:af:13:40:cf:02:3b:76:dd:32:db:f0:da:15:
8f:ec:82:2d:2b:56:33:c4:15:94:32:8e:5c:cf:03:
83:1a:3d:06:9e:2d:3b:6f:4c:1f:f0:4c:65:5a:4e:
e3:52:95:7d:e6:a5:84:df:75:3e:8e:a7:28:30:a1:
6f:d0:06:5b:b7:50:58:81:c7:b3:6b:0b:f0:d9:50:
e1:ab:e5:38:84:13:86:aa:14:c6:9b:4d:20:85:bd:
75:33:7c:2a:a5:3d:b4:8c:6d:f2:a4:68:02:89:3d:
3d:4a:b5:87:69:39:b2:ba:b1:a0:83:5a:24:8a:42:
6b:1e:6a:16:67:34:02:42:9f:4c:f3:09:9d:c3:8f:
a1:48:2c:48:c5:bd:16:b2:63:db:22:3c:4e:d9:7a:
5d:90:25:b6:6a:74:c8:44:c8:ce:87:38:c4:95:99:
f4:36:ee:0b:e0:31:07:6c:19:33:e6:aa:33:f1:e5:
1c:52:d0:2a:9f:71:13:17:86:e8:0c:51:2d:f8:b4:
1d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8B:AF:08:A8:94:2A:A9:E3:C4:28:63:B6:31:00:BC:BE:C9:BE:72
X509v3 Authority Key Identifier:
keyid:AA:53:CD:2C:58:4A:3D:C1:62:08:BA:93:B0:DB:74:77:3B:3F:23:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlPNLFhKPcFiCLqTsNt0dzs_I74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/eIuvCKiUKqnjxChjtjEAvL7JvnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/qlPNLFhKPcFiCLqTsNt0dzs_I74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ae8::/29
Signature Algorithm: sha256WithRSAEncryption
6f:65:0e:1f:f0:ef:65:ac:13:cb:53:7a:6e:c8:a8:3e:57:04:
ba:d4:0d:a7:f0:c7:fb:dc:3b:45:66:f0:66:64:de:31:02:5b:
9a:83:59:05:28:07:9b:f6:18:a0:de:fd:dc:f3:68:81:f6:d9:
c3:55:0a:73:0f:9a:89:ef:1d:81:ac:af:dc:d2:82:06:32:11:
82:23:73:f7:f9:73:c8:28:51:63:79:1f:8e:61:26:21:2f:86:
f7:2f:20:7e:b0:72:c5:6b:76:a3:f2:2c:dc:dd:64:a1:3e:0d:
31:d0:97:22:a1:b8:79:4a:09:34:84:40:ff:f7:e1:3f:eb:66:
5b:91:1c:82:7d:3e:53:c8:ad:64:41:cc:ad:91:0c:56:1a:17:
50:40:03:86:24:e8:41:46:4c:44:a3:6d:45:3f:a6:d9:7e:60:
af:51:f4:e1:18:e0:0b:c0:24:62:99:70:33:c1:aa:ab:a8:0d:
98:f7:81:8b:75:51:95:04:0d:c1:fc:33:b0:ed:fc:3c:49:03:
ec:e1:0b:c7:78:c7:74:81:19:d0:2b:c7:98:9d:eb:86:aa:79:
36:92:b9:3a:1f:a2:a5:b4:c9:0d:e6:5e:69:e7:3e:6b:86:5a:
b9:4c:e3:31:1b:2b:d3:15:31:c4:06:a5:17:b9:8b:95:e3:ea:
24:6e:3c:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIUJ4u7v849IZ3oZq5WurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTNjZDJjNTg0YTNkYzE2MjA4YmE5M2IwZGI3NDc3M2Iz
ZjIzYmUwHhcNMjUwMTAyMDM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhiYWYwOGE4OTQyYWE5ZTNjNDI4NjNiNjMxMDBiY2JlYzliZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYH+LRKIhEIeuIyM1v+BfSS4Wst6
ueengn053cqsj2z5e9e9UhrU61CDSdI56mkFSRkiNEVQ1POE3PQema8TQM8CO3bd
Mtvw2hWP7IItK1YzxBWUMo5czwODGj0Gni07b0wf8ExlWk7jUpV95qWE33U+jqco
MKFv0AZbt1BYgcezawvw2VDhq+U4hBOGqhTGm00ghb11M3wqpT20jG3ypGgCiT09
SrWHaTmyurGgg1okikJrHmoWZzQCQp9M8wmdw4+hSCxIxb0WsmPbIjxO2XpdkCW2
anTIRMjOhzjElZn0Nu4L4DEHbBkz5qoz8eUcUtAqn3ETF4boDFEt+LQdxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHiLrwiolCqp48QoY7YxALy+yb5yMB8GA1UdIwQY
MBaAFKpTzSxYSj3BYgi6k7DbdHc7PyO+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxQTkxGaEtQY0ZpQ0xxVHNOdDBkenNfSTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lNjcwYTctYWQ3OC00NTdlLWFkODAt
MDA3OTc4YmRiMDUyLzEvZUl1dkNLaVVLcW5qeENoanRqRUF2TDdKdm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lNjcwYTctYWQ3OC00NTdlLWFkODAtMDA3OTc4YmRiMDUy
LzEvcWxQTkxGaEtQY0ZpQ0xxVHNOdDBkenNfSTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgIK6DAN
BgkqhkiG9w0BAQsFAAOCAQEAb2UOH/DvZawTy1N6bsioPlcEutQNp/DH+9w7RWbw
ZmTeMQJbmoNZBSgHm/YYoN793PNogfbZw1UKcw+aie8dgayv3NKCBjIRgiNz9/lz
yChRY3kfjmEmIS+G9y8gfrByxWt2o/Is3N1koT4NMdCXIqG4eUoJNIRA//fhP+tm
W5Ecgn0+U8itZEHMrZEMVhoXUEADhiToQUZMRKNtRT+m2X5gr1H04RjgC8AkYplw
M8Gqq6gNmPeBi3VRlQQNwfwzsO38PEkD7OELx3jHdIEZ0CvHmJ3rhqp5NpK5Oh+i
pbTJDeZeaec+a4ZauUzjMRsr0xUxxAalF7mLlePqJG48lg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:15:34 2025 by rpki-client