Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0-l4E1gJ2Zg2Fj5aShvfi5u1iWE.roa
File: 0-l4E1gJ2Zg2Fj5aShvfi5u1iWE.roa (raw, json)
Hash identifier: OM1FlvHYC3N0xYTKaYnZr3tHnUl/fEjrdfASxXdMp1U=
Subject key identifier: D3:E9:78:13:58:09:D9:98:36:16:3E:5A:4A:1B:DF:8B:9B:B5:89:61
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A676C383AF287AF4656AFF6A0A575C359
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0-l4E1gJ2Zg2Fj5aShvfi5u1iWE.roa
Signing time: Tue 05 Sep 2023 22:17:40 +0000
ROA not before: Tue 05 Sep 2023 22:17:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:67:6c:38:3a:f2:87:af:46:56:af:f6:a0:a5:75:c3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 22:17:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3e978135809d99836163e5a4a1bdf8b9bb58961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:c9:18:82:fe:7b:38:cf:fd:6a:3f:7a:a2:
25:cf:77:c2:02:f0:e7:c6:1c:bd:c3:89:52:76:a5:
a8:aa:ae:ae:22:41:19:55:bc:48:f3:43:61:07:67:
65:bf:df:3f:79:98:54:4d:80:ea:bd:3a:35:76:70:
dd:14:c8:2c:01:46:34:f4:a5:2f:6c:ab:23:cf:9e:
70:fc:78:6c:67:84:b2:78:27:63:e8:c8:aa:4b:f6:
05:2c:c6:f1:67:94:56:9e:76:13:2b:5b:88:99:2b:
53:f7:cb:52:dd:88:d5:f8:5b:72:d5:99:29:e5:74:
79:40:ac:b4:ef:5b:70:46:cc:03:b0:f2:a4:4e:08:
1e:27:88:7f:b7:4f:4b:6c:ff:e8:9c:62:28:89:2a:
7b:e5:df:d5:1c:e9:f9:8f:47:42:e9:bc:92:a6:3a:
0d:0b:8c:fd:1f:6d:6f:be:3d:64:6a:4a:68:ce:31:
32:c7:94:a5:6b:c0:f6:25:e5:db:13:4b:f0:be:01:
1e:9b:88:60:ec:90:2b:2c:cc:8d:13:97:e5:0d:68:
dd:ba:d1:d0:ca:e1:a3:a6:03:00:1d:97:e0:f7:e0:
41:8b:b1:5f:b4:ae:a2:ae:a4:ee:10:1f:d8:0d:bb:
54:43:3c:30:e5:00:dc:50:94:91:28:19:d5:aa:5a:
d6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E9:78:13:58:09:D9:98:36:16:3E:5A:4A:1B:DF:8B:9B:B5:89:61
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0-l4E1gJ2Zg2Fj5aShvfi5u1iWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:c7:6c:7b:38:cc:c2:78:71:f9:e1:82:3b:20:10:ed:11:a4:
6c:fa:81:f1:98:96:dd:7f:ef:e2:a1:9c:08:02:bb:13:d8:20:
ce:a1:fb:f6:0e:aa:d4:f3:1b:9d:23:be:61:9b:65:a2:3a:d7:
9c:8a:79:11:24:5c:e7:c9:24:a6:6a:f5:e0:03:d2:d0:01:a5:
c9:3f:de:9e:0e:ba:09:5d:64:d4:e7:8c:69:9b:3f:3b:bc:8b:
42:aa:57:8a:93:18:22:8b:dd:83:30:7e:8e:43:6f:ce:50:99:
0b:fd:ce:69:32:de:a0:e3:4d:bc:0a:f3:72:4f:d9:c5:b5:97:
ce:35:4f:35:0f:a7:76:eb:97:4f:24:c2:3e:5a:bd:88:f5:f7:
be:25:8e:61:0b:4f:4b:6b:49:02:6b:57:31:0e:46:41:73:0f:
b4:0e:92:79:fe:a7:a1:9a:dc:b7:55:ac:a5:cf:2c:1d:02:02:
4e:31:29:17:67:18:1b:15:6a:cd:81:4b:fb:7f:cc:c1:6b:be:
d4:18:33:73:45:1b:3b:e9:ad:8f:dd:6f:01:0f:f2:f2:c1:76:
ee:57:15:fe:3f:bc:85:9f:29:da:60:c3:aa:5d:fa:0c:cf:d2:
f1:bc:d8:e2:63:aa:0f:22:b1:49:b0:62:ce:3f:7e:09:23:ce:
c7:f5:a7:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpnbDg68oevRlav9qCldcNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MjIxNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U5NzgxMzU4MDlkOTk4MzYxNjNlNWE0YTFiZGY4YjliYjU4OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNLJGIL+ezjP/Wo/eqIlz3fCAvDn
xhy9w4lSdqWoqq6uIkEZVbxI80NhB2dlv98/eZhUTYDqvTo1dnDdFMgsAUY09KUv
bKsjz55w/HhsZ4SyeCdj6MiqS/YFLMbxZ5RWnnYTK1uImStT98tS3YjV+Fty1Zkp
5XR5QKy071twRswDsPKkTggeJ4h/t09LbP/onGIoiSp75d/VHOn5j0dC6bySpjoN
C4z9H21vvj1kakpozjEyx5Sla8D2JeXbE0vwvgEem4hg7JArLMyNE5flDWjdutHQ
yuGjpgMAHZfg9+BBi7FftK6irqTuEB/YDbtUQzww5QDcUJSRKBnVqlrWQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPpeBNYCdmYNhY+Wkob34ubtYlhMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMC1sNEUxZ0oyWmcyRmo1YVNodmZpNXUxaVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEfHbHs4zMJ4cfnhgjsg
EO0RpGz6gfGYlt1/7+KhnAgCuxPYIM6h+/YOqtTzG50jvmGbZaI615yKeREkXOfJ
JKZq9eAD0tABpck/3p4OugldZNTnjGmbPzu8i0KqV4qTGCKL3YMwfo5Db85QmQv9
zmky3qDjTbwK83JP2cW1l841TzUPp3brl08kwj5avYj1974ljmELT0trSQJrVzEO
RkFzD7QOknn+p6Ga3LdVrKXPLB0CAk4xKRdnGBsVas2BS/t/zMFrvtQYM3NFGzvp
rY/dbwEP8vLBdu5XFf4/vIWfKdpgw6pd+gzP0vG82OJjqg8isUmwYs4/fgkjzsf1
pzY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:00:03 2025 by rpki-client