Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2Nzo1XtsCu98OGn6veKoPcwfMA8.roa
File: 2Nzo1XtsCu98OGn6veKoPcwfMA8.roa (raw, json)
Hash identifier: 1587gmjPUTGKKfi+SlpsGw8WXZ97h8rr3HayMnuwNhE=
Subject key identifier: D8:DC:E8:D5:7B:6C:0A:EF:7C:38:69:FA:BD:E2:A8:3D:CC:1F:30:0F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA375552E230565EBBF1D1DAFC6424FBC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2Nzo1XtsCu98OGn6veKoPcwfMA8.roa
Signing time: Sun 17 Sep 2023 14:04:50 +0000
ROA not before: Sun 17 Sep 2023 14:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a374:e25a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a3:75:55:2e:23:05:65:eb:bf:1d:1d:af:c6:42:4f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 14:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8dce8d57b6c0aef7c3869fabde2a83dcc1f300f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:02:fa:b1:4b:98:a5:6c:92:59:eb:11:52:
e5:23:d6:a4:b1:24:5b:1a:54:fc:40:90:5c:f2:7f:
72:bc:d6:8b:60:e3:5d:03:b9:1e:54:c6:74:d8:3d:
f1:f4:d7:7c:df:ec:f7:34:48:f1:d6:73:09:7b:49:
10:ad:9a:b9:8e:1f:4a:09:80:fc:97:ba:78:ba:f0:
79:8d:05:3e:ee:10:43:92:62:44:f8:0e:05:d9:e1:
b3:84:58:03:15:19:15:e4:c0:7f:27:57:3e:36:72:
3b:2f:63:b4:0a:9e:44:c5:7e:91:93:a3:ec:42:40:
59:bd:4e:eb:a2:f7:63:0c:42:09:01:08:9d:8e:06:
c6:1e:5d:ee:69:f0:80:dd:d1:8a:59:98:20:83:b1:
05:0d:72:21:65:bf:f0:4a:c7:b7:1a:fd:84:0a:85:
07:ba:a9:a8:7b:a2:bf:93:62:22:6d:c5:4e:f7:04:
08:4d:8f:75:a0:22:89:34:0c:fe:d0:ab:3d:a2:86:
c4:9c:4b:17:2d:90:1d:16:d6:62:5a:76:fc:bf:c6:
33:af:8a:08:d8:f8:73:cf:af:6b:ac:1a:ad:61:0c:
87:3f:22:3a:7c:1d:c7:a2:b7:0f:5e:bf:10:da:7b:
69:f0:be:48:25:02:1b:4f:c8:8e:6f:90:79:16:5d:
6c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DC:E8:D5:7B:6C:0A:EF:7C:38:69:FA:BD:E2:A8:3D:CC:1F:30:0F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2Nzo1XtsCu98OGn6veKoPcwfMA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:15:cc:80:91:91:4f:51:32:47:fa:bc:85:4c:c7:af:ba:e9:
5e:3c:c9:92:a9:4f:98:6f:fa:43:f1:d9:d1:55:49:86:6b:d8:
58:20:62:b3:0f:3b:07:55:d2:f9:57:32:e4:ce:3f:fb:f3:ab:
c3:9f:77:7e:6d:f4:d4:88:03:b9:c4:2d:d1:6d:de:0d:3f:b1:
ce:6c:37:24:c9:89:d5:07:5c:3c:31:06:75:27:ee:21:42:fb:
78:b2:00:29:8f:1f:58:97:8e:eb:84:ec:e1:79:c2:b0:2b:1b:
40:51:9c:21:01:fe:5a:5b:ac:55:88:f3:3a:01:12:1f:4d:c1:
a2:e1:b7:4c:6e:a1:b8:1f:23:42:a2:ad:1c:e0:52:db:bb:68:
83:48:53:2a:b6:4d:df:d7:25:bf:f6:4b:aa:07:b6:e5:95:b6:
81:fc:80:2b:a0:4f:1d:39:03:08:f1:71:b9:5c:5d:4e:ca:76:
d9:63:3c:26:b4:76:94:e7:ed:e9:5f:fb:f2:bb:19:84:f6:a4:
6e:7e:40:d1:03:a3:49:4c:4b:1f:97:43:5c:9c:9f:56:b0:bf:
6f:7b:e9:7b:1c:f6:e2:b0:5d:60:75:f4:1b:03:6f:fa:2e:78:
82:f5:1f:b2:08:37:e3:9b:b9:65:06:94:9b:eb:20:13:06:6c:
4f:31:25:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqjdVUuIwVl678dHa/GQk+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MTQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRjZThkNTdiNmMwYWVmN2MzODY5ZmFiZGUyYTgzZGNjMWYzMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApREC+rFLmKVsklnrEVLlI9aksSRb
GlT8QJBc8n9yvNaLYONdA7keVMZ02D3x9Nd83+z3NEjx1nMJe0kQrZq5jh9KCYD8
l7p4uvB5jQU+7hBDkmJE+A4F2eGzhFgDFRkV5MB/J1c+NnI7L2O0Cp5ExX6Rk6Ps
QkBZvU7rovdjDEIJAQidjgbGHl3uafCA3dGKWZggg7EFDXIhZb/wSse3Gv2ECoUH
uqmoe6K/k2IibcVO9wQITY91oCKJNAz+0Ks9oobEnEsXLZAdFtZiWnb8v8Yzr4oI
2Phzz69rrBqtYQyHPyI6fB3HorcPXr8Q2ntp8L5IJQIbT8iOb5B5Fl1sBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjc6NV7bArvfDhp+r3iqD3MHzAPMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMk56bzFYdHNDdTk4T0duNnZlS29QY3dmTUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAEVzICRkU9RMkf6vIVM
x6+66V48yZKpT5hv+kPx2dFVSYZr2FggYrMPOwdV0vlXMuTOP/vzq8Ofd35t9NSI
A7nELdFt3g0/sc5sNyTJidUHXDwxBnUn7iFC+3iyACmPH1iXjuuE7OF5wrArG0BR
nCEB/lpbrFWI8zoBEh9NwaLht0xuobgfI0KirRzgUtu7aINIUyq2Td/XJb/2S6oH
tuWVtoH8gCugTx05AwjxcblcXU7KdtljPCa0dpTn7elf+/K7GYT2pG5+QNEDo0lM
Sx+XQ1ycn1awv2976Xsc9uKwXWB19BsDb/oueIL1H7IIN+ObuWUGlJvrIBMGbE8x
JYA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:56:06 2025 by rpki-client