Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1RjA090DRz0v8aF9F7LzZ7OkF2M.roa
File: 1RjA090DRz0v8aF9F7LzZ7OkF2M.roa (raw, json)
Hash identifier: c3Mlz7b27+1EWc/Td3et4h+QG88UFe1CDa2lthBKCXA=
Subject key identifier: D5:18:C0:D3:DD:03:47:3D:2F:F1:A1:7D:17:B2:F3:67:B3:A4:17:63
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7CD5AB2308547223D5DD64A2E697399A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1RjA090DRz0v8aF9F7LzZ7OkF2M.roa
Signing time: Sun 10 Sep 2023 02:04:52 +0000
ROA not before: Sun 10 Sep 2023 02:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7cd5:2167/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7c:d5:ab:23:08:54:72:23:d5:dd:64:a2:e6:97:39:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 02:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d518c0d3dd03473d2ff1a17d17b2f367b3a41763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:08:eb:83:0f:8f:cf:3e:5e:8b:34:bd:9f:84:
11:59:1c:35:7d:56:75:3a:91:5e:63:21:d8:9e:ba:
0e:29:fd:1a:04:d2:19:15:4b:a1:96:73:73:22:0f:
5a:18:42:be:7d:90:37:b3:32:f4:e9:de:52:34:cd:
41:e6:bc:b7:67:02:a2:ef:24:a3:00:0d:7d:08:ad:
0b:78:3c:fa:60:4b:95:b0:04:b2:1d:bf:48:66:62:
cb:34:84:84:5b:19:c5:0b:c5:58:71:a2:a4:74:22:
2f:9c:c6:17:dc:83:ce:59:0b:07:2a:22:8a:7b:1d:
79:a3:c3:ed:14:56:a3:a6:25:15:ee:c0:cc:65:05:
94:88:a0:a6:34:0a:d3:19:fa:17:c8:4a:9a:b7:95:
75:f5:bf:f0:48:95:d0:a8:4c:8b:84:df:a9:ab:f7:
16:82:ad:c7:99:08:10:bc:09:d9:3e:63:0d:27:37:
49:05:01:4d:5e:d7:e9:b4:08:7c:a1:9b:87:77:4c:
26:b7:b7:91:ea:88:b3:39:88:c1:f8:5c:0e:ef:2b:
97:73:33:2d:c2:8a:d0:d4:48:90:22:d5:1f:2e:a0:
48:4a:9e:83:df:f2:8a:62:ab:b7:e8:85:ce:f2:8c:
a1:bd:86:82:98:1a:ac:fa:e4:3b:6b:04:ad:f5:4a:
71:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:18:C0:D3:DD:03:47:3D:2F:F1:A1:7D:17:B2:F3:67:B3:A4:17:63
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1RjA090DRz0v8aF9F7LzZ7OkF2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:19:76:ac:0c:09:5a:47:d5:7a:1b:2c:10:b7:0e:6a:fa:d7:
26:5f:33:71:f5:31:37:d9:0d:64:ca:72:9a:f7:00:26:44:b2:
d7:79:f8:5d:1c:98:0a:b1:7a:b2:f7:a3:2a:9d:e1:3f:9b:6d:
ef:f7:c0:96:f1:90:7c:5f:2f:fa:2c:15:50:48:29:28:0c:eb:
4a:35:15:99:ff:c7:1f:1d:d5:a2:ab:a9:2c:e9:c0:f5:8b:0d:
0f:60:7e:b1:d5:6c:fb:29:fa:4b:ff:8f:a9:23:71:5d:2b:3a:
74:84:7f:0f:a6:3f:8c:a7:d7:28:b9:5e:09:9c:60:ee:5e:91:
0c:80:1d:9c:50:af:aa:bc:d2:40:a7:66:02:63:a5:3e:af:69:
83:88:23:3c:9d:f7:8e:a6:e0:32:8c:5b:70:08:88:07:cc:f3:
12:80:93:1c:fa:e1:a1:00:f6:1d:31:89:67:5b:d4:08:b3:33:
53:33:d7:96:56:ad:1b:47:1f:e8:f6:5c:88:25:e5:4e:34:ab:
6b:68:98:0a:0f:05:29:57:cd:70:71:c1:f4:2f:0d:05:e8:52:
c1:36:c1:47:ad:9c:cd:e9:0c:f1:8e:91:50:69:b5:47:7e:5e:
a5:ec:33:f0:63:32:82:46:c1:c6:c0:9a:85:50:b2:70:a0:0b:
2a:79:3d:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp81asjCFRyI9XdZKLmlzmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMDIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTE4YzBkM2RkMDM0NzNkMmZmMWExN2QxN2IyZjM2N2IzYTQxNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigjrgw+Pzz5eizS9n4QRWRw1fVZ1
OpFeYyHYnroOKf0aBNIZFUuhlnNzIg9aGEK+fZA3szL06d5SNM1B5ry3ZwKi7ySj
AA19CK0LeDz6YEuVsASyHb9IZmLLNISEWxnFC8VYcaKkdCIvnMYX3IPOWQsHKiKK
ex15o8PtFFajpiUV7sDMZQWUiKCmNArTGfoXyEqat5V19b/wSJXQqEyLhN+pq/cW
gq3HmQgQvAnZPmMNJzdJBQFNXtfptAh8oZuHd0wmt7eR6oizOYjB+FwO7yuXczMt
worQ1EiQItUfLqBISp6D3/KKYqu36IXO8oyhvYaCmBqs+uQ7awSt9UpxxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNUYwNPdA0c9L/GhfRey82ezpBdjMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMVJqQTA5MERSejB2OGFGOUY3THpaN09rRjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGEZdqwMCVpH1XobLBC3
Dmr61yZfM3H1MTfZDWTKcpr3ACZEstd5+F0cmAqxerL3oyqd4T+bbe/3wJbxkHxf
L/osFVBIKSgM60o1FZn/xx8d1aKrqSzpwPWLDQ9gfrHVbPsp+kv/j6kjcV0rOnSE
fw+mP4yn1yi5XgmcYO5ekQyAHZxQr6q80kCnZgJjpT6vaYOIIzyd946m4DKMW3AI
iAfM8xKAkxz64aEA9h0xiWdb1AizM1Mz15ZWrRtHH+j2XIgl5U40q2tomAoPBSlX
zXBxwfQvDQXoUsE2wUetnM3pDPGOkVBptUd+XqXsM/BjMoJGwcbAmoVQsnCgCyp5
PeA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:40:21 2025 by rpki-client