Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1-sDZ1KdjSRI8Ha1LHO3W6OLEx0A.roa
File: 1-sDZ1KdjSRI8Ha1LHO3W6OLEx0A.roa (raw, json)
Hash identifier: g9HXZsjrrkWlaH7pW5I8pdCK4gI38xQ8eBWiav/0ajs=
Subject key identifier: FA:C0:D9:D4:A7:63:49:12:3C:1D:AD:4B:1C:ED:D6:E8:E2:C4:C7:40
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A601D6BB3D6BE17B5DCDF58E3B6848026
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1-sDZ1KdjSRI8Ha1LHO3W6OLEx0A.roa
Signing time: Mon 04 Sep 2023 12:14:15 +0000
ROA not before: Mon 04 Sep 2023 12:14:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:1d:6b:b3:d6:be:17:b5:dc:df:58:e3:b6:84:80:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 12:14:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fac0d9d4a76349123c1dad4b1cedd6e8e2c4c740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:db:8b:6d:e0:d4:74:ff:7f:b4:c1:b4:07:07:
0a:dc:d2:86:80:d3:27:ea:d1:ed:8c:d8:f6:64:53:
d5:50:8e:49:36:f8:f4:4b:d7:2b:de:d8:b3:48:99:
cb:51:06:72:11:d9:a5:e8:6c:4a:0e:de:f9:84:0f:
38:08:00:63:72:54:72:01:df:66:17:ac:fa:68:cc:
2f:29:99:96:de:b9:ab:b2:02:34:b3:48:ab:a7:88:
bd:74:45:8f:e8:9b:ed:3d:79:52:eb:73:14:f1:d5:
e9:af:5b:a2:46:71:fa:27:2c:57:17:b1:fa:c2:c9:
71:c0:ce:4b:e6:94:bb:2c:15:99:52:76:da:be:30:
cd:c2:42:89:d4:88:c0:2e:07:ea:a6:b4:20:70:aa:
c8:c1:b6:ea:6c:fd:2d:a5:f2:20:93:da:53:71:b9:
ba:61:f3:e7:e2:4e:15:af:ed:89:a2:66:0c:cd:6e:
d8:87:cc:48:4b:5d:8f:63:97:99:2d:31:ee:4c:f2:
d6:18:fd:b5:e8:36:c0:c3:3f:e8:6a:0e:9b:fb:ac:
ac:bd:ed:0c:44:38:36:87:8d:12:51:56:fa:59:2f:
60:15:41:a8:1c:9b:d5:5b:1f:1c:20:6d:cf:0a:d4:
d5:b4:bc:08:f4:a1:2c:48:16:cc:36:f0:26:85:82:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C0:D9:D4:A7:63:49:12:3C:1D:AD:4B:1C:ED:D6:E8:E2:C4:C7:40
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1-sDZ1KdjSRI8Ha1LHO3W6OLEx0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:9a:0b:ba:40:70:1a:fe:15:28:45:38:62:c8:49:24:05:a2:
11:07:54:a0:98:61:1b:95:86:4e:74:4e:35:4f:d5:e0:9b:9d:
a5:b6:26:89:87:bf:76:d3:51:37:d5:c0:50:90:45:5a:ec:b6:
67:42:65:e9:c1:a7:05:0d:12:fc:69:bc:72:2d:51:98:14:0a:
1a:78:47:2f:a9:27:03:03:2e:1e:8a:bd:39:6d:7d:b2:d9:e6:
42:5e:c0:f1:06:cb:87:6e:24:ff:55:9a:9c:dd:60:e9:85:ed:
15:23:c5:73:80:6c:01:b2:93:23:06:95:40:41:73:de:8b:9b:
fe:8f:bf:34:20:63:ad:9c:9d:55:b2:09:ca:e6:73:9f:a2:f1:
e8:92:18:6d:09:9b:62:0a:26:0b:93:33:f1:56:84:27:79:0f:
cf:9c:2d:ea:94:de:38:66:db:c4:48:a0:86:2b:47:4c:16:72:
15:dc:ac:c4:c1:13:5a:1b:f0:1d:8f:59:9e:43:d8:9e:37:9d:
ac:5f:d4:bd:bf:e6:4a:2d:54:1c:f8:32:21:b9:58:b8:a5:89:
30:82:ad:ff:36:66:39:c1:2d:62:23:73:fb:5e:a0:ea:67:9b:
a3:7a:1c:0e:86:42:8e:0e:58:56:2e:28:53:40:bb:c6:a8:ef:
7c:f7:c7:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpgHWuz1r4XtdzfWOO2hIAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTIxNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWMwZDlkNGE3NjM0OTEyM2MxZGFkNGIxY2VkZDZlOGUyYzRjNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtuLbeDUdP9/tMG0BwcK3NKGgNMn
6tHtjNj2ZFPVUI5JNvj0S9cr3tizSJnLUQZyEdml6GxKDt75hA84CABjclRyAd9m
F6z6aMwvKZmW3rmrsgI0s0irp4i9dEWP6JvtPXlS63MU8dXpr1uiRnH6JyxXF7H6
wslxwM5L5pS7LBWZUnbavjDNwkKJ1IjALgfqprQgcKrIwbbqbP0tpfIgk9pTcbm6
YfPn4k4Vr+2JomYMzW7Yh8xIS12PY5eZLTHuTPLWGP216DbAwz/oag6b+6ysve0M
RDg2h40SUVb6WS9gFUGoHJvVWx8cIG3PCtTVtLwI9KEsSBbMNvAmhYJN3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPrA2dSnY0kSPB2tSxzt1ujixMdAMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMS1zRFoxS2RqU1JJOEhhMUxITzNXNk9MRXgwQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvOGJmOWM1LTFkMjItNDM5ZS1iMGJkLTgzZmNkMjI1NDgy
YS8xL3FoOFV5RkIwV253eExxTHJDLUF3VXVTV2NuVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAhmgu6QHAa/hUoRThi
yEkkBaIRB1SgmGEblYZOdE41T9Xgm52ltiaJh79201E31cBQkEVa7LZnQmXpwacF
DRL8abxyLVGYFAoaeEcvqScDAy4eir05bX2y2eZCXsDxBsuHbiT/VZqc3WDphe0V
I8VzgGwBspMjBpVAQXPei5v+j780IGOtnJ1VsgnK5nOfovHokhhtCZtiCiYLkzPx
VoQneQ/PnC3qlN44ZtvESKCGK0dMFnIV3KzEwRNaG/Adj1meQ9ieN52sX9S9v+ZK
LVQc+DIhuVi4pYkwgq3/NmY5wS1iI3P7XqDqZ5ujehwOhkKODlhWLihTQLvGqO98
98fz
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:38:33 2025 by rpki-client