Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/IKXrcUKwMlPG0eAi0Yyy4f8rN_E.roa
File: IKXrcUKwMlPG0eAi0Yyy4f8rN_E.roa (raw, json)
Hash identifier: k1m1X5cjV+X+s8K2eluUA+PEvYRc1/2CONci6dgq2xY=
Subject key identifier: 20:A5:EB:71:42:B0:32:53:C6:D1:E0:22:D1:8C:B2:E1:FF:2B:37:F1
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 0196147B0984905D2F02DF09550269B35346
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/IKXrcUKwMlPG0eAi0Yyy4f8rN_E.roa
Signing time: Tue 08 Apr 2025 08:18:49 +0000
ROA not before: Tue 08 Apr 2025 08:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 195.66.32.0/19 maxlen: 19
2a02:1400::/26 maxlen: 26
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:7b:09:84:90:5d:2f:02:df:09:55:02:69:b3:53:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Apr 8 08:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20a5eb7142b03253c6d1e022d18cb2e1ff2b37f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ef:93:59:21:35:79:12:10:e0:b2:f9:a0:6f:
48:47:27:14:f2:44:d6:56:6f:b1:a7:86:04:b2:b7:
a7:ff:f5:27:0d:06:be:25:0e:ac:5e:68:77:0c:e2:
ab:e4:76:52:6c:f6:d6:4d:46:b9:f0:e2:40:ef:da:
16:25:72:89:86:c7:f9:ee:da:93:79:79:f5:40:1b:
38:16:f0:b9:0d:d9:0c:43:0e:81:91:c2:34:f3:ba:
20:b0:fe:6c:f1:91:01:0b:82:d4:4a:38:72:29:96:
1e:e5:05:32:d7:13:b7:31:4c:e1:6b:05:e5:fb:94:
41:ed:eb:9c:e5:0e:50:96:fb:56:70:6d:e5:10:60:
6d:e6:39:f7:19:7c:c6:16:d6:a3:99:aa:2d:0e:03:
e8:2b:c0:17:77:fa:59:9e:30:20:f8:e4:4c:ae:5b:
2d:bc:7c:dd:9d:c1:2d:8e:3b:47:cf:7d:92:d4:9f:
42:b0:c4:9e:3b:1f:43:84:5d:cb:e6:8e:15:81:a4:
72:54:ce:8f:f4:81:e8:08:4f:63:ba:7f:9d:7a:51:
8e:c5:59:af:33:40:5b:b8:6f:f1:71:4f:eb:91:76:
99:69:97:35:4e:30:01:06:0c:80:75:3f:62:60:20:
54:55:82:43:3c:3b:b0:b7:c4:da:0f:08:af:65:ea:
91:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A5:EB:71:42:B0:32:53:C6:D1:E0:22:D1:8C:B2:E1:FF:2B:37:F1
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/IKXrcUKwMlPG0eAi0Yyy4f8rN_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.32.0/19
IPv6:
2a02:1400::/26
Signature Algorithm: sha256WithRSAEncryption
0f:23:c4:c5:91:7e:a3:9e:d7:71:12:94:3d:72:06:38:5e:b9:
ca:7d:28:8d:67:19:79:21:8c:f0:04:dd:9b:61:9c:d4:43:97:
57:4e:1f:59:78:62:e0:7c:61:d2:bb:fb:e8:40:0e:53:ab:04:
7b:ef:c2:3e:ca:93:61:79:12:5c:9c:d7:8e:2b:44:f1:5b:44:
c8:3f:85:19:a7:b7:d3:24:f0:69:9b:a0:69:aa:61:17:cb:e2:
ba:bd:03:6d:77:8f:40:26:8d:db:60:ad:a8:0b:0d:d1:96:ce:
63:e8:6e:65:83:69:ad:0e:ed:a2:7b:fa:a8:73:c4:95:a0:95:
18:70:93:3f:3b:77:dc:77:ac:d6:45:95:72:da:d2:04:83:e7:
b4:fc:99:39:b8:dc:9a:c3:e0:47:7a:0b:7a:18:71:41:dd:71:
9e:c5:56:2d:da:3e:93:ef:d4:e6:55:b8:8a:a0:dc:fc:72:85:
f2:fc:90:24:b7:bf:da:22:12:da:31:a1:1c:12:cf:08:2f:6d:
44:d1:13:51:0a:42:f3:87:06:ab:4b:39:ca:91:42:03:f6:4f:
f5:14:4c:a6:59:e5:31:33:86:d0:b8:06:15:f6:70:60:86:c1:
8b:a4:12:f5:0d:3e:cf:ee:5c:84:07:7d:b7:a0:a7:a1:28:7b:
85:d2:22:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZYUewmEkF0vAt8JVQJps1NGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjUwNDA4MDgxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE1ZWI3MTQyYjAzMjUzYzZkMWUwMjJkMThjYjJlMWZmMmIzN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu+TWSE1eRIQ4LL5oG9IRycU8kTW
Vm+xp4YEsren//UnDQa+JQ6sXmh3DOKr5HZSbPbWTUa58OJA79oWJXKJhsf57tqT
eXn1QBs4FvC5DdkMQw6BkcI087ogsP5s8ZEBC4LUSjhyKZYe5QUy1xO3MUzhawXl
+5RB7euc5Q5QlvtWcG3lEGBt5jn3GXzGFtajmaotDgPoK8AXd/pZnjAg+ORMrlst
vHzdncEtjjtHz32S1J9CsMSeOx9DhF3L5o4VgaRyVM6P9IHoCE9jun+delGOxVmv
M0BbuG/xcU/rkXaZaZc1TjABBgyAdT9iYCBUVYJDPDuwt8TaDwivZeqRkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCCl63FCsDJTxtHgItGMsuH/KzfxMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvSUtYcmNVS3dNbFBHMGVBaTBZeXk0ZjhyTl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFw0IgMA0E
AgACMAcDBQYqAhQAMA0GCSqGSIb3DQEBCwUAA4IBAQAPI8TFkX6jntdxEpQ9cgY4
XrnKfSiNZxl5IYzwBN2bYZzUQ5dXTh9ZeGLgfGHSu/voQA5TqwR778I+ypNheRJc
nNeOK0TxW0TIP4UZp7fTJPBpm6BpqmEXy+K6vQNtd49AJo3bYK2oCw3Rls5j6G5l
g2mtDu2ie/qoc8SVoJUYcJM/O3fcd6zWRZVy2tIEg+e0/Jk5uNyaw+BHegt6GHFB
3XGexVYt2j6T79TmVbiKoNz8coXy/JAkt7/aIhLaMaEcEs8IL21E0RNRCkLzhwar
SznKkUID9k/1FEymWeUxM4bQuAYV9nBghsGLpBL1DT7P7lyEB323oKehKHuF0iI+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net