Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1-aRTiyrhlDBBhjldoO5Ihb2l8qw.roa
File: 1-aRTiyrhlDBBhjldoO5Ihb2l8qw.roa (raw, json)
Hash identifier: tp+O/qckyIi6NfegaA68Spebg3a8W2aYA/BhSchVKhw=
Subject key identifier: F9:A4:53:8B:2A:E1:94:30:41:86:39:5D:A0:EE:48:85:BD:A5:F2:AC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A924ACCC1A6EC140DB2FBEAF1CC074215
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1-aRTiyrhlDBBhjldoO5Ihb2l8qw.roa
Signing time: Thu 14 Sep 2023 06:04:50 +0000
ROA not before: Thu 14 Sep 2023 06:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:924a:51c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:4a:cc:c1:a6:ec:14:0d:b2:fb:ea:f1:cc:07:42:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 06:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9a4538b2ae194304186395da0ee4885bda5f2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:a4:bb:df:92:13:6a:0c:0b:b0:3b:27:08:
27:f2:56:43:2f:7e:c8:4f:72:b0:8c:80:f3:15:ce:
f5:ae:d2:a0:78:d9:25:06:14:d2:ce:09:e7:f1:57:
4a:e4:bb:d0:09:9b:1c:a6:e7:b7:a9:08:90:96:36:
78:18:c4:4b:bb:ef:1b:16:e2:68:65:b9:76:75:79:
51:66:3d:23:6a:f7:e6:40:cf:33:c6:c8:31:48:b3:
78:8e:35:15:fd:44:92:bd:21:a2:7d:7b:a7:48:5c:
4a:e1:1c:97:1c:fc:7c:e8:71:e3:43:15:86:6a:1c:
d7:36:fb:cf:a5:c0:e3:a1:1e:de:69:4e:26:b7:7a:
b2:3a:6e:22:7b:ba:dd:25:9f:1c:6a:ea:09:6b:f0:
08:36:52:5d:aa:e6:48:6e:c4:dc:c4:c1:a0:7c:99:
ab:bb:99:17:ef:f3:b3:81:74:66:65:a9:35:d6:5f:
6a:ba:cc:c3:b0:26:7d:89:89:90:34:34:a7:63:b1:
59:04:9d:06:54:59:3e:35:17:6a:80:81:72:14:0e:
f0:a3:50:63:a6:ef:f9:c7:86:df:f7:fe:cc:25:1c:
48:a4:90:5e:b7:b4:97:c6:2c:eb:af:7f:42:86:91:
7b:3c:97:a8:1b:a4:60:41:76:c0:07:1c:1c:e3:46:
80:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A4:53:8B:2A:E1:94:30:41:86:39:5D:A0:EE:48:85:BD:A5:F2:AC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1-aRTiyrhlDBBhjldoO5Ihb2l8qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:ce:a7:bc:d9:96:a6:2f:32:8b:ab:aa:c7:32:2c:ed:e1:aa:
8f:38:84:9a:b3:b0:5b:15:2b:73:78:f3:df:b0:3b:9b:eb:ac:
45:f4:c8:0d:05:da:49:a4:ed:47:9e:49:d1:ea:ff:29:c6:8b:
f8:c2:3f:3b:e4:4e:38:12:e8:5f:22:43:89:80:73:ce:2b:4d:
1d:a2:e7:6a:76:30:84:05:88:b8:2d:79:fa:15:07:c3:b3:b6:
f5:14:cf:31:51:21:76:41:e3:0c:66:5a:f6:63:8b:67:d3:67:
7b:8b:3d:71:24:e8:72:6c:74:4c:1e:77:d4:79:19:9e:97:0f:
5a:4c:9e:f1:03:9a:e9:41:d0:51:30:41:41:27:8f:24:d2:7b:
e6:87:47:b1:04:5b:4a:b6:a2:75:0e:27:db:17:f5:13:44:6d:
dc:49:49:72:be:dd:6d:9a:35:c7:bb:0e:c6:db:aa:bf:cf:f4:
f2:2f:a3:d1:b3:b2:a3:dd:e8:e6:e2:bf:fc:30:d2:cb:0a:5b:
24:b8:7e:fd:11:93:43:f6:80:6c:f9:67:41:40:42:af:b7:a9:
ad:60:7b:65:3c:e4:86:11:53:73:1f:a1:7a:87:9c:1a:7c:80:
fe:0d:10:2b:52:58:71:3c:ef:94:2e:b9:ba:9e:1e:7a:0f:d6:
88:64:64:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqSSszBpuwUDbL76vHMB0IVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE0NTM4YjJhZTE5NDMwNDE4NjM5NWRhMGVlNDg4NWJkYTVmMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTqku9+SE2oMC7A7Jwgn8lZDL37I
T3KwjIDzFc71rtKgeNklBhTSzgnn8VdK5LvQCZscpue3qQiQljZ4GMRLu+8bFuJo
Zbl2dXlRZj0javfmQM8zxsgxSLN4jjUV/USSvSGifXunSFxK4RyXHPx86HHjQxWG
ahzXNvvPpcDjoR7eaU4mt3qyOm4ie7rdJZ8cauoJa/AINlJdquZIbsTcxMGgfJmr
u5kX7/OzgXRmZak11l9quszDsCZ9iYmQNDSnY7FZBJ0GVFk+NRdqgIFyFA7wo1Bj
pu/5x4bf9/7MJRxIpJBet7SXxizrr39ChpF7PJeoG6RgQXbABxwc40aAZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmkU4sq4ZQwQYY5XaDuSIW9pfKsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMS1hUlRpeXJobERCQmhqbGRvTzVJaGIybDhxdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvOGJmOWM1LTFkMjItNDM5ZS1iMGJkLTgzZmNkMjI1NDgy
YS8xL3FoOFV5RkIwV253eExxTHJDLUF3VXVTV2NuVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQArzqe82ZamLzKLq6rH
Mizt4aqPOISas7BbFStzePPfsDub66xF9MgNBdpJpO1HnknR6v8pxov4wj875E44
EuhfIkOJgHPOK00doudqdjCEBYi4LXn6FQfDs7b1FM8xUSF2QeMMZlr2Y4tn02d7
iz1xJOhybHRMHnfUeRmelw9aTJ7xA5rpQdBRMEFBJ48k0nvmh0exBFtKtqJ1Difb
F/UTRG3cSUlyvt1tmjXHuw7G26q/z/TyL6PRs7Kj3ejm4r/8MNLLClskuH79EZND
9oBs+WdBQEKvt6mtYHtlPOSGEVNzH6F6h5wafID+DRArUlhxPO+ULrm6nh56D9aI
ZGTz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:59 2025 by rpki-client