Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1PcB9LWTBCWJwGC_6_x1odHZEHI.roa
File: 1PcB9LWTBCWJwGC_6_x1odHZEHI.roa (raw, json)
Hash identifier: SQo4j0cgESYSyoGPzQF8NbDJbyJV9isre7B/jmn10TA=
Subject key identifier: D4:F7:01:F4:B5:93:04:25:89:C0:60:BF:EB:FC:75:A1:D1:D9:10:72
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA2331047DD7C9BFFA68544858A05A625
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1PcB9LWTBCWJwGC_6_x1odHZEHI.roa
Signing time: Sun 17 Sep 2023 08:12:50 +0000
ROA not before: Sun 17 Sep 2023 08:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:33:10:47:dd:7c:9b:ff:a6:85:44:85:8a:05:a6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 08:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4f701f4b593042589c060bfebfc75a1d1d91072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a8:7b:67:85:67:10:4f:c3:c6:4f:76:9f:cf:
02:7e:02:87:40:9e:f9:1f:d8:b8:2f:f2:85:b9:8a:
58:c4:fe:f0:ba:b0:e2:b5:d3:9a:86:ca:f7:c8:28:
bb:ea:ff:1a:6c:35:6b:3b:dc:95:dc:e2:d1:a8:d6:
d9:3c:d8:c0:8f:91:e1:d0:db:02:6f:1d:6b:df:ae:
02:57:83:ed:07:06:08:43:c0:0d:e9:6d:8b:df:29:
25:e0:45:c5:6b:99:ec:5c:72:77:38:01:c0:07:cf:
0f:23:e9:e6:11:d1:25:39:74:65:a1:8c:e0:32:df:
8f:68:25:c2:d7:39:48:4b:94:44:e1:3d:91:2e:26:
c2:a2:a2:11:cd:cb:f6:55:50:d9:e2:a2:ad:8d:db:
b8:aa:48:11:d1:3d:26:d8:b6:01:4c:45:b9:93:01:
ff:90:f4:ea:f7:da:ce:4f:09:ee:0a:7e:23:a3:09:
5b:73:16:b1:d5:5f:27:f6:73:b6:95:b5:4d:cc:d5:
c2:88:f7:ad:f0:92:0d:de:83:c3:9e:e1:6d:dd:d2:
52:52:6a:c8:8b:11:63:df:bc:c8:cf:25:10:cc:0c:
70:99:ba:36:5f:e8:96:9c:c4:ef:5c:ca:ee:07:f3:
a3:ce:89:73:3a:fd:da:72:c5:21:04:5d:0d:ee:d1:
cd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F7:01:F4:B5:93:04:25:89:C0:60:BF:EB:FC:75:A1:D1:D9:10:72
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1PcB9LWTBCWJwGC_6_x1odHZEHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:4a:b0:33:a6:2d:5b:5f:27:14:80:ef:08:ad:90:5e:48:88:
97:9d:da:96:ec:e9:78:52:22:a2:7b:b7:1e:91:0b:d6:39:53:
eb:57:82:28:4e:8a:f3:ac:e8:d0:93:6a:b3:ce:1b:bd:cf:1b:
7f:68:09:0f:ba:b4:e7:d4:31:fe:ce:f3:ed:33:ff:56:c8:fc:
71:d4:6a:ac:14:7a:0d:02:1e:0e:67:3a:0b:c2:3a:68:23:99:
70:33:13:d5:6d:b3:16:d4:c5:94:7d:7b:57:b6:fa:cd:31:29:
ed:20:f0:fc:05:e7:fa:3a:37:90:de:22:1b:33:75:ce:ab:8f:
b7:34:8e:e4:90:1f:91:7c:c0:d7:5d:05:fe:d5:34:01:59:0f:
7e:cb:0e:2b:1f:e6:c3:2a:e0:b1:80:13:04:3c:3b:03:2a:30:
1f:72:04:f6:98:53:2c:41:a4:65:14:5c:0b:52:67:46:2b:21:
23:14:e5:5f:ed:22:65:73:d3:85:70:0d:50:4d:8d:b9:90:c4:
f3:fa:f3:16:20:4f:45:03:08:16:98:b5:3b:fe:89:a5:75:7d:
53:57:ab:05:a0:a2:8c:7e:a5:81:24:0c:3c:df:e7:f2:f9:d2:
7d:c2:51:dc:c8:93:a0:b3:d9:38:17:4e:55:00:54:f0:b1:84:
b5:17:35:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqiMxBH3Xyb/6aFRIWKBaYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MDgxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY3MDFmNGI1OTMwNDI1ODljMDYwYmZlYmZjNzVhMWQxZDkxMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6h7Z4VnEE/Dxk92n88CfgKHQJ75
H9i4L/KFuYpYxP7wurDitdOahsr3yCi76v8abDVrO9yV3OLRqNbZPNjAj5Hh0NsC
bx1r364CV4PtBwYIQ8AN6W2L3ykl4EXFa5nsXHJ3OAHAB88PI+nmEdElOXRloYzg
Mt+PaCXC1zlIS5RE4T2RLibCoqIRzcv2VVDZ4qKtjdu4qkgR0T0m2LYBTEW5kwH/
kPTq99rOTwnuCn4jowlbcxax1V8n9nO2lbVNzNXCiPet8JIN3oPDnuFt3dJSUmrI
ixFj37zIzyUQzAxwmbo2X+iWnMTvXMruB/OjzolzOv3acsUhBF0N7tHNOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNT3AfS1kwQlicBgv+v8daHR2RByMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMVBjQjlMV1RCQ1dKd0dDXzZfeDFvZEhaRUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI5KsDOmLVtfJxSA7wit
kF5IiJed2pbs6XhSIqJ7tx6RC9Y5U+tXgihOivOs6NCTarPOG73PG39oCQ+6tOfU
Mf7O8+0z/1bI/HHUaqwUeg0CHg5nOgvCOmgjmXAzE9VtsxbUxZR9e1e2+s0xKe0g
8PwF5/o6N5DeIhszdc6rj7c0juSQH5F8wNddBf7VNAFZD37LDisf5sMq4LGAEwQ8
OwMqMB9yBPaYUyxBpGUUXAtSZ0YrISMU5V/tImVz04VwDVBNjbmQxPP68xYgT0UD
CBaYtTv+iaV1fVNXqwWgoox+pYEkDDzf5/L50n3CUdzIk6Cz2TgXTlUAVPCxhLUX
Nfc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:17 2025 by rpki-client