Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0S78A0Ynl01AdQug-AIZju0YybI.roa
File: 0S78A0Ynl01AdQug-AIZju0YybI.roa (raw, json)
Hash identifier: +4OxaO3dRxi3VT12/IfnLvwMa+pKqDSKpGwe3L1z1WE=
Subject key identifier: D1:2E:FC:03:46:27:97:4D:40:75:0B:A0:F8:02:19:8E:ED:18:C9:B2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9E590A6EF1576CEF467BF73148968862
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0S78A0Ynl01AdQug-AIZju0YybI.roa
Signing time: Sat 16 Sep 2023 14:15:50 +0000
ROA not before: Sat 16 Sep 2023 14:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9e:59:0a:6e:f1:57:6c:ef:46:7b:f7:31:48:96:88:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 14:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d12efc034627974d40750ba0f802198eed18c9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:de:19:0f:6b:e8:02:cd:19:cc:db:75:6c:54:
cb:df:77:d7:3c:cc:d1:80:60:da:33:24:7d:5e:a1:
a1:17:fe:87:ba:a0:d1:19:9b:2c:07:12:0a:3f:e0:
f6:0b:c1:fa:b7:59:25:aa:89:87:a5:59:3a:65:27:
d3:bc:19:f5:88:53:a7:9e:c3:98:75:4f:67:2c:1f:
97:8a:5a:d4:32:5e:9f:83:22:7d:71:e0:8d:06:1e:
b4:ee:ea:ba:16:22:31:a8:0e:4b:1d:23:04:af:5b:
19:d2:ee:fd:a6:cb:0e:7c:06:be:81:04:5e:61:0e:
4b:36:5c:0c:73:8f:32:ef:89:5b:1c:85:29:9e:86:
ea:77:b3:f2:fe:db:ea:4c:37:93:42:4b:93:a5:f8:
5e:64:58:2d:18:7a:72:eb:25:40:7d:2f:86:ba:33:
b6:70:48:e6:ae:39:8c:9d:04:c3:a9:db:c2:bb:49:
3b:3b:99:a9:a6:2b:eb:71:f4:08:2d:c7:60:b4:0e:
3c:ef:4e:3f:1a:57:1a:af:b4:a8:81:9c:ea:ce:ac:
ff:a7:26:fe:65:79:ba:4e:70:94:d8:03:da:e6:72:
c2:9f:7c:e8:74:e7:d5:bd:78:26:49:8e:62:4d:e6:
e7:42:85:8b:a2:ca:9c:f8:9b:32:07:39:4d:0b:67:
96:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2E:FC:03:46:27:97:4D:40:75:0B:A0:F8:02:19:8E:ED:18:C9:B2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0S78A0Ynl01AdQug-AIZju0YybI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:e7:81:4f:21:88:8b:e4:f8:2a:1a:54:3c:05:93:52:03:01:
02:58:57:b1:4b:68:27:f1:14:1b:12:a0:cf:38:18:b0:ec:79:
6a:52:d1:cb:5c:39:2a:4e:0a:3f:f2:6a:91:16:2b:29:e2:35:
66:55:c1:92:38:fd:a7:27:9a:d2:7c:47:66:60:16:e7:8c:c2:
d6:d7:75:df:99:4b:b8:51:99:b2:1e:f3:53:6b:c9:2b:29:86:
60:d2:59:03:7a:10:83:bf:98:e5:e6:82:bb:9c:fd:7f:0c:11:
82:a2:40:75:58:17:b2:bf:80:3a:9d:0d:9f:da:b1:bd:5a:a5:
ad:6b:e5:10:e1:48:9c:fb:a3:aa:04:a0:d0:99:66:3c:b9:90:
7b:c1:66:44:9a:26:2d:e5:67:57:e7:a3:da:a3:12:24:db:31:
bf:e1:a4:24:68:8a:a6:06:07:de:f5:dc:d3:8d:e9:a0:6b:56:
3c:b9:30:35:11:79:f4:d5:35:f8:a5:73:db:59:3f:8a:3d:32:
9e:1a:20:d1:a1:5f:03:ac:a5:c7:43:31:65:6d:e7:6f:f7:e3:
50:2f:a4:af:82:36:d9:f6:78:31:3a:2f:fa:c8:4c:53:dd:52:
1a:d4:3b:26:ca:cd:34:f8:c0:fc:e7:a3:c6:42:7d:c2:ab:4c:
18:a9:19:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqeWQpu8Vds70Z79zFIlohiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MTQxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJlZmMwMzQ2Mjc5NzRkNDA3NTBiYTBmODAyMTk4ZWVkMThjOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd4ZD2voAs0ZzNt1bFTL33fXPMzR
gGDaMyR9XqGhF/6HuqDRGZssBxIKP+D2C8H6t1klqomHpVk6ZSfTvBn1iFOnnsOY
dU9nLB+XilrUMl6fgyJ9ceCNBh607uq6FiIxqA5LHSMEr1sZ0u79pssOfAa+gQRe
YQ5LNlwMc48y74lbHIUpnobqd7Py/tvqTDeTQkuTpfheZFgtGHpy6yVAfS+GujO2
cEjmrjmMnQTDqdvCu0k7O5mppivrcfQILcdgtA48704/Glcar7SogZzqzqz/pyb+
ZXm6TnCU2APa5nLCn3zodOfVvXgmSY5iTebnQoWLosqc+JsyBzlNC2eWTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNEu/ANGJ5dNQHULoPgCGY7tGMmyMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMFM3OEEwWW5sMDFBZFF1Zy1BSVpqdTBZeWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGbngU8hiIvk+CoaVDwF
k1IDAQJYV7FLaCfxFBsSoM84GLDseWpS0ctcOSpOCj/yapEWKyniNWZVwZI4/acn
mtJ8R2ZgFueMwtbXdd+ZS7hRmbIe81NrySsphmDSWQN6EIO/mOXmgruc/X8MEYKi
QHVYF7K/gDqdDZ/asb1apa1r5RDhSJz7o6oEoNCZZjy5kHvBZkSaJi3lZ1fno9qj
EiTbMb/hpCRoiqYGB9713NON6aBrVjy5MDURefTVNfilc9tZP4o9Mp4aINGhXwOs
pcdDMWVt52/341AvpK+CNtn2eDE6L/rITFPdUhrUOybKzTT4wPzno8ZCfcKrTBip
GX8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:31 2025 by rpki-client