Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0oL4pbZm39GAO6RBiT0sHroYHjE.roa
File: 0oL4pbZm39GAO6RBiT0sHroYHjE.roa (raw, json)
Hash identifier: P0hbFCFOsmU+V4PDJVBCEzPUwALxurIsvfBkg/dyMFc=
Subject key identifier: D2:82:F8:A5:B6:66:DF:D1:80:3B:A4:41:89:3D:2C:1E:BA:18:1E:31
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A46CEFC19B4225C29DB29173CA3705049
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0oL4pbZm39GAO6RBiT0sHroYHjE.roa
Signing time: Wed 30 Aug 2023 14:18:04 +0000
ROA not before: Wed 30 Aug 2023 14:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:ce:fc:19:b4:22:5c:29:db:29:17:3c:a3:70:50:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 14:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d282f8a5b666dfd1803ba441893d2c1eba181e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cd:58:22:ea:48:c3:cb:53:b3:d4:bd:20:14:
77:ef:93:2d:35:03:b8:56:64:3a:7e:01:a6:9b:3a:
2e:9a:aa:71:f4:39:fd:3f:b2:c0:00:79:cb:71:6d:
69:b5:21:16:02:eb:a3:d1:79:13:2b:c9:d5:4c:c3:
87:b5:b2:ab:f1:1e:ea:c4:03:e2:e2:46:2e:5e:60:
41:d2:5b:c4:95:57:a4:98:b3:7f:f2:de:f8:8b:15:
b4:33:ab:1a:eb:1d:77:9c:a9:82:0a:7a:23:52:00:
0a:26:88:b9:69:5c:d9:5d:a9:02:c1:3e:d1:ce:a0:
79:60:32:99:03:47:b5:73:e4:c0:aa:b8:58:53:0f:
f1:9c:15:1b:a9:c0:c1:c9:4e:37:eb:77:5d:78:eb:
bd:05:ac:0f:cd:7a:0b:4d:f3:f3:c3:7e:05:32:12:
39:14:7f:ae:4f:46:32:a0:91:fa:95:a9:f8:92:f4:
14:8c:d5:78:88:97:0e:1d:9e:08:9e:b3:f7:6e:11:
8f:d9:82:2a:69:01:a6:91:48:fb:b2:84:83:dc:91:
71:50:d7:18:f0:c1:54:c9:55:24:6d:2b:73:51:74:
10:27:97:74:09:0a:c4:df:f7:44:15:1b:2e:cf:c4:
00:7c:f0:58:10:13:f0:60:60:67:4b:79:cc:5c:d8:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:82:F8:A5:B6:66:DF:D1:80:3B:A4:41:89:3D:2C:1E:BA:18:1E:31
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0oL4pbZm39GAO6RBiT0sHroYHjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:d6:37:04:5d:1e:d5:3a:c4:60:1f:50:b3:61:7d:a2:ea:70:
0e:22:b8:93:cd:d1:87:ea:4e:5a:ea:a7:bf:fe:13:0d:86:58:
21:5f:b8:f4:4b:7e:6e:2a:64:15:2a:7a:69:75:2b:66:81:48:
68:b2:e8:a7:e7:6d:f9:1e:84:1b:4d:ab:1d:89:b5:c6:d4:8c:
6f:94:f5:bb:4b:99:06:12:1c:21:bd:b4:84:0f:2b:5a:09:88:
93:67:80:b6:ba:98:d5:c8:40:af:36:ad:dd:55:20:28:92:32:
f7:60:46:67:a7:7b:be:33:f6:8b:f1:61:3c:77:8c:f8:80:fd:
48:75:17:dd:96:da:11:f8:41:19:38:41:38:1c:0d:71:49:41:
dd:3a:b9:33:88:cd:c2:d8:02:21:98:70:63:b8:a4:18:19:94:
23:6b:3c:cb:ee:82:25:ef:4d:c6:c7:03:4e:28:01:64:97:3f:
d3:3a:f8:84:a9:1d:2d:c1:bb:29:82:99:41:29:25:92:99:21:
06:f5:c8:b1:97:6b:43:38:1f:6a:b0:b5:79:35:ab:af:a4:2a:
04:f3:50:c6:02:03:c2:74:ae:36:64:ac:2c:da:b5:7d:d8:9e:
0c:df:25:f4:f7:4a:92:90:e4:a7:5c:90:0f:05:02:44:60:4d:
dc:de:d0:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpGzvwZtCJcKdspFzyjcFBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTQxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjgyZjhhNWI2NjZkZmQxODAzYmE0NDE4OTNkMmMxZWJhMTgxZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM1YIupIw8tTs9S9IBR375MtNQO4
VmQ6fgGmmzoumqpx9Dn9P7LAAHnLcW1ptSEWAuuj0XkTK8nVTMOHtbKr8R7qxAPi
4kYuXmBB0lvElVekmLN/8t74ixW0M6sa6x13nKmCCnojUgAKJoi5aVzZXakCwT7R
zqB5YDKZA0e1c+TAqrhYUw/xnBUbqcDByU4363ddeOu9BawPzXoLTfPzw34FMhI5
FH+uT0YyoJH6lan4kvQUjNV4iJcOHZ4InrP3bhGP2YIqaQGmkUj7soSD3JFxUNcY
8MFUyVUkbStzUXQQJ5d0CQrE3/dEFRsuz8QAfPBYEBPwYGBnS3nMXNjDdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNKC+KW2Zt/RgDukQYk9LB66GB4xMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMG9MNHBiWm0zOUdBTzZSQmlUMHNIcm9ZSGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADfWNwRdHtU6xGAfULNh
faLqcA4iuJPN0YfqTlrqp7/+Ew2GWCFfuPRLfm4qZBUqeml1K2aBSGiy6Kfnbfke
hBtNqx2JtcbUjG+U9btLmQYSHCG9tIQPK1oJiJNngLa6mNXIQK82rd1VICiSMvdg
Rmene74z9ovxYTx3jPiA/Uh1F92W2hH4QRk4QTgcDXFJQd06uTOIzcLYAiGYcGO4
pBgZlCNrPMvugiXvTcbHA04oAWSXP9M6+ISpHS3BuymCmUEpJZKZIQb1yLGXa0M4
H2qwtXk1q6+kKgTzUMYCA8J0rjZkrCzatX3YngzfJfT3SpKQ5KdckA8FAkRgTdze
0NA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:48 2025 by rpki-client