Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1NUmhNRxmKgFrvOC7ZARF2uWuc0.roa
File: 1NUmhNRxmKgFrvOC7ZARF2uWuc0.roa (raw, json)
Hash identifier: d6OaARAFM+gTr4ymOoAp31FeIJg55BJdePbWdbFNK+4=
Subject key identifier: D4:D5:26:84:D4:71:98:A8:05:AE:F3:82:ED:90:11:17:6B:96:B9:CD
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6D9FF5F37BF71EDC1B5F14CB11CA9990
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1NUmhNRxmKgFrvOC7ZARF2uWuc0.roa
Signing time: Thu 07 Sep 2023 03:11:54 +0000
ROA not before: Thu 07 Sep 2023 03:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6d:9f:f5:f3:7b:f7:1e:dc:1b:5f:14:cb:11:ca:99:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 03:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4d52684d47198a805aef382ed9011176b96b9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:69:6e:7f:7f:e6:df:60:79:d6:66:0f:e8:d2:
cf:e2:08:6d:44:9e:1f:e2:87:7f:bd:2a:ba:24:96:
15:ba:90:f6:0d:ea:7e:74:00:70:d8:70:7b:75:f4:
d6:00:0b:7a:85:5f:4e:c2:5a:59:c5:68:e1:50:b0:
bd:4d:ff:95:ec:57:b7:93:72:ea:a3:09:0c:37:fe:
30:ce:1a:26:44:56:53:9b:18:31:0e:77:09:22:40:
9a:df:34:53:43:0c:06:86:bf:ac:ef:4c:bd:52:72:
af:3a:0e:f8:b4:2b:a0:54:44:1b:ba:a9:95:d9:8a:
49:cc:28:de:48:1b:7c:1f:df:c4:c3:e8:e6:fd:3d:
e7:ee:ba:a7:c0:91:21:f4:f9:ea:e3:56:83:49:b7:
12:e9:9b:2c:5f:ad:d0:01:2c:2e:55:98:ad:64:1c:
03:fb:9c:7b:22:f5:d9:33:5d:8b:bc:f2:9e:cb:80:
bf:b7:ea:98:e0:4d:e1:f4:b6:7a:12:c8:8a:d8:89:
05:48:f5:bc:9c:53:58:48:45:78:27:ce:29:8b:2f:
2f:27:f0:9c:1d:c6:52:8f:67:18:2f:08:4d:0b:4d:
bd:76:1a:22:d3:0c:e4:e2:9f:f6:b0:ac:6c:69:6f:
b4:d6:7c:53:ac:38:b2:4d:9e:f2:53:d3:48:10:94:
21:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D5:26:84:D4:71:98:A8:05:AE:F3:82:ED:90:11:17:6B:96:B9:CD
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1NUmhNRxmKgFrvOC7ZARF2uWuc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:51:05:26:f1:a0:ca:eb:c6:45:0f:dc:c2:91:b1:3d:23:60:
ca:54:af:17:47:0f:23:dc:2b:5c:9d:f1:c1:8a:b7:d8:0a:03:
c9:2f:04:59:b9:40:3d:e4:89:d2:f0:72:ea:5c:55:a9:cc:a7:
08:67:03:d6:0f:f9:1d:04:f2:77:f9:83:59:2e:7f:da:7d:9d:
07:ba:e9:e8:99:ad:da:99:00:4e:10:34:09:ab:b2:93:09:75:
09:1f:2a:17:6f:b2:0c:c8:9a:6b:5c:1d:cd:e0:9a:e2:51:74:
c7:b8:9f:e4:d7:f2:09:68:77:6d:3a:1f:0e:cd:da:81:27:3f:
94:27:a1:d4:ae:3b:46:25:fd:8b:82:d1:37:43:6e:44:ef:f3:
b3:36:6a:e7:5e:18:bc:01:64:a5:ba:69:1f:47:ad:28:4c:71:
ed:45:39:04:69:48:b3:47:9a:5a:3b:d2:b5:35:3e:e1:6d:fd:
f7:c1:21:b6:4f:b4:5c:88:03:6c:51:c3:d4:29:cc:c2:2f:e2:
cc:5d:7b:ef:0e:3e:0b:a4:0d:6e:58:31:fe:55:e6:fe:61:ec:
fe:89:3d:94:d0:d3:ab:5a:d1:8f:2d:9b:f7:d7:b6:bc:2d:17:
b0:4e:67:c5:92:d9:11:2c:72:37:4a:87:b7:7a:2a:f4:67:da:
7c:42:ab:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYptn/Xze/ce3BtfFMsRypmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MDMxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ1MjY4NGQ0NzE5OGE4MDVhZWYzODJlZDkwMTExNzZiOTZiOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGluf3/m32B51mYP6NLP4ghtRJ4f
4od/vSq6JJYVupD2Dep+dABw2HB7dfTWAAt6hV9OwlpZxWjhULC9Tf+V7Fe3k3Lq
owkMN/4wzhomRFZTmxgxDncJIkCa3zRTQwwGhr+s70y9UnKvOg74tCugVEQbuqmV
2YpJzCjeSBt8H9/Ew+jm/T3n7rqnwJEh9Pnq41aDSbcS6ZssX63QASwuVZitZBwD
+5x7IvXZM12LvPKey4C/t+qY4E3h9LZ6EsiK2IkFSPW8nFNYSEV4J84piy8vJ/Cc
HcZSj2cYLwhNC029dhoi0wzk4p/2sKxsaW+01nxTrDiyTZ7yU9NIEJQhfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNTVJoTUcZioBa7zgu2QERdrlrnNMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMU5VbWhOUnhtS2dGcnZPQzdaQVJGMnVXdWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGhRBSbxoMrrxkUP3MKR
sT0jYMpUrxdHDyPcK1yd8cGKt9gKA8kvBFm5QD3kidLwcupcVanMpwhnA9YP+R0E
8nf5g1kuf9p9nQe66eiZrdqZAE4QNAmrspMJdQkfKhdvsgzImmtcHc3gmuJRdMe4
n+TX8glod206Hw7N2oEnP5QnodSuO0Yl/YuC0TdDbkTv87M2audeGLwBZKW6aR9H
rShMce1FOQRpSLNHmlo70rU1PuFt/ffBIbZPtFyIA2xRw9QpzMIv4sxde+8OPguk
DW5YMf5V5v5h7P6JPZTQ06ta0Y8tm/fXtrwtF7BOZ8WS2REscjdKh7d6KvRn2nxC
qws=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:43 2025 by rpki-client