Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xsCbN-KW7t96xbTUN5jfmt_RZA.roa
File: 0xsCbN-KW7t96xbTUN5jfmt_RZA.roa (raw, json)
Hash identifier: mLDoch2zuC4jJEOq4hklyVK0iBtoCx/PvgigFvojQGg=
Subject key identifier: D3:1B:02:6C:DF:8A:5B:BB:7D:EB:16:D3:50:DE:63:7E:6B:7F:45:90
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8272215DA52217F42DBF8FDB6EDC00C3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xsCbN-KW7t96xbTUN5jfmt_RZA.roa
Signing time: Mon 11 Sep 2023 04:13:52 +0000
ROA not before: Mon 11 Sep 2023 04:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:82:72:21:5d:a5:22:17:f4:2d:bf:8f:db:6e:dc:00:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 04:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d31b026cdf8a5bbb7deb16d350de637e6b7f4590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5c:4e:eb:30:b4:f4:d7:b1:4d:26:ea:9b:a3:
96:71:37:5c:49:e9:b2:ca:2f:6a:55:b5:99:e8:0e:
dd:68:b5:03:31:38:f4:20:19:08:5a:10:49:9a:f5:
9a:a8:ec:67:a7:b5:5b:df:8e:b2:cf:4b:f0:c0:a2:
5c:da:71:86:05:91:b9:1e:a0:8b:c2:b4:35:76:ca:
8e:7a:19:cb:8a:a2:d8:a0:3a:b1:59:59:21:82:97:
9b:63:4b:e3:98:a4:d2:0a:b9:90:2d:11:37:c4:4a:
83:ba:57:5e:2e:c2:53:86:1f:14:ff:e1:a3:de:4f:
88:d2:cd:55:dd:a4:47:55:f2:90:d8:6b:8b:d2:2e:
fc:c5:ac:a1:91:67:5d:05:b4:59:ab:0d:f4:de:8d:
0e:bf:9a:06:f7:ca:11:44:a0:e6:99:a1:9e:a2:5f:
23:1f:1c:55:c6:24:b7:ca:1c:34:a2:31:69:5e:9c:
41:1d:30:e2:0f:90:65:4b:96:9b:f5:93:a8:8d:a2:
79:5d:2e:ec:32:c5:f3:e4:31:16:09:a1:3b:bb:a2:
29:89:e1:d4:ae:ae:24:d5:d7:66:f4:4a:31:3a:5d:
e5:20:79:72:7b:b0:75:3e:bb:65:1a:d0:dc:a4:43:
aa:5c:b6:f6:c9:53:d9:b5:ab:04:75:ad:44:cc:e3:
5b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:1B:02:6C:DF:8A:5B:BB:7D:EB:16:D3:50:DE:63:7E:6B:7F:45:90
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xsCbN-KW7t96xbTUN5jfmt_RZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:56:0e:64:d0:49:8f:e7:d2:9e:83:c4:67:66:0f:b1:4f:30:
5f:0c:cf:5e:ab:c6:56:43:bd:3d:77:ae:09:56:86:b2:5d:b5:
79:fa:5f:5a:f7:0a:e7:d1:e7:62:f4:cf:27:32:b6:45:8d:45:
11:a0:6f:62:30:d0:54:ff:13:9e:ae:98:84:ff:70:c5:9d:19:
51:7e:f4:0e:14:00:bf:c2:f5:2c:d5:c9:0b:6d:59:2d:e0:11:
d9:ff:86:1e:9b:85:ee:77:67:be:71:00:4f:d2:c9:a4:ac:a5:
6d:ff:93:45:53:f5:6e:5a:e2:6b:a8:9b:52:1b:80:3c:14:93:
9c:f5:35:09:1b:6f:91:7f:bf:db:31:96:5d:1a:0f:4c:56:4f:
84:f1:a4:0e:89:54:8b:62:3c:15:de:bc:e3:2e:76:9d:7d:a1:
20:ca:49:3b:90:ce:1c:bb:d6:83:d0:e6:3b:94:86:66:03:00:
93:93:cd:1f:4a:1f:5f:69:a8:41:24:0a:25:0a:b3:57:3c:e6:
cf:00:eb:52:fb:b9:c1:b1:75:a4:16:78:34:6f:62:77:5d:89:
e3:61:98:6d:88:6b:8e:7e:fa:69:f6:7a:05:fe:5c:79:af:19:
d0:96:58:06:f5:0a:86:1c:42:f3:15:79:4b:d6:cd:8e:98:00:
15:af:d8:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqCciFdpSIX9C2/j9tu3ADDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMDQxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzFiMDI2Y2RmOGE1YmJiN2RlYjE2ZDM1MGRlNjM3ZTZiN2Y0NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVxO6zC09NexTSbqm6OWcTdcSemy
yi9qVbWZ6A7daLUDMTj0IBkIWhBJmvWaqOxnp7Vb346yz0vwwKJc2nGGBZG5HqCL
wrQ1dsqOehnLiqLYoDqxWVkhgpebY0vjmKTSCrmQLRE3xEqDuldeLsJThh8U/+Gj
3k+I0s1V3aRHVfKQ2GuL0i78xayhkWddBbRZqw303o0Ov5oG98oRRKDmmaGeol8j
HxxVxiS3yhw0ojFpXpxBHTDiD5BlS5ab9ZOojaJ5XS7sMsXz5DEWCaE7u6IpieHU
rq4k1ddm9EoxOl3lIHlye7B1PrtlGtDcpEOqXLb2yVPZtasEda1EzONb5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMbAmzfilu7fesW01DeY35rf0WQMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMHhzQ2JOLUtXN3Q5NnhiVFVONWpmbXRfUlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHhWDmTQSY/n0p6DxGdm
D7FPMF8Mz16rxlZDvT13rglWhrJdtXn6X1r3CufR52L0zycytkWNRRGgb2Iw0FT/
E56umIT/cMWdGVF+9A4UAL/C9SzVyQttWS3gEdn/hh6bhe53Z75xAE/SyaSspW3/
k0VT9W5a4muom1IbgDwUk5z1NQkbb5F/v9sxll0aD0xWT4TxpA6JVItiPBXevOMu
dp19oSDKSTuQzhy71oPQ5juUhmYDAJOTzR9KH19pqEEkCiUKs1c85s8A61L7ucGx
daQWeDRvYnddieNhmG2Ia45++mn2egX+XHmvGdCWWAb1CoYcQvMVeUvWzY6YABWv
2Cw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:17 2025 by rpki-client