Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2j8npL-VjTly5Nm3uUFwiSM8AsQ.roa
File: 2j8npL-VjTly5Nm3uUFwiSM8AsQ.roa (raw, json)
Hash identifier: x9W/ZvNdtqLdpWOmL1md7BEJLOxByrL/isoxI6tGjOg=
Subject key identifier: DA:3F:27:A4:BF:95:8D:39:72:E4:D9:B7:B9:41:70:89:23:3C:02:C4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6CC61227F376B1674B80EE934C28ECC3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2j8npL-VjTly5Nm3uUFwiSM8AsQ.roa
Signing time: Wed 06 Sep 2023 23:13:54 +0000
ROA not before: Wed 06 Sep 2023 23:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:c6:12:27:f3:76:b1:67:4b:80:ee:93:4c:28:ec:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 23:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da3f27a4bf958d3972e4d9b7b9417089233c02c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:93:e3:3b:42:ee:6e:55:e2:77:0c:8c:38:
90:ff:da:e9:fa:a4:b2:03:95:1c:f3:1d:bf:df:50:
c0:1b:18:76:92:7a:3d:52:29:57:28:be:3d:bd:cd:
41:83:64:b8:92:7b:81:9c:f7:f5:9e:0f:fa:b3:c7:
60:6a:44:9c:68:7e:43:66:0e:80:0b:6a:d4:f3:57:
85:95:57:4b:36:c7:8e:91:a2:8f:5b:de:3d:67:c9:
bd:14:68:2b:d7:e2:67:06:ad:1e:e3:53:0a:14:d3:
f5:da:f9:22:d3:73:b4:7f:f4:41:da:75:70:4d:09:
16:0d:de:9d:9d:42:f9:93:b5:22:3e:ac:0a:7e:dd:
5e:81:31:92:38:71:16:33:4f:5c:c0:e9:93:b5:80:
a9:cd:c0:11:36:e4:98:d8:b5:2b:b0:10:a6:e9:e3:
01:85:58:91:36:56:bb:7c:0e:5c:72:51:bf:1f:9a:
d4:d4:7d:eb:11:03:b3:33:20:5a:7b:58:92:f2:c6:
81:cb:c9:50:85:2b:85:eb:9e:82:68:00:dd:76:c1:
14:9e:c8:ac:4c:59:d5:8b:cf:f1:75:ce:6b:bb:68:
57:3f:fc:10:c9:c4:b0:62:49:d6:c5:97:dc:d4:c7:
11:9d:8a:87:bf:5f:32:81:88:9e:7a:35:1d:42:97:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3F:27:A4:BF:95:8D:39:72:E4:D9:B7:B9:41:70:89:23:3C:02:C4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2j8npL-VjTly5Nm3uUFwiSM8AsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e6:13:2e:72:27:c9:60:ce:1a:37:ff:f0:70:2a:49:84:79:
78:18:1f:d7:21:da:b9:34:9f:9b:ea:99:11:5e:5e:02:dd:44:
05:f2:7f:ac:e1:e2:9d:6a:b4:16:af:7a:07:c7:78:ff:2d:64:
d1:93:e0:99:78:3b:7a:76:76:36:c8:f4:2f:69:71:22:0e:a7:
f0:ee:8f:6c:05:93:ad:0e:c5:e0:2a:45:6a:f7:1f:c0:57:4e:
43:00:86:f6:8d:39:77:4a:54:63:91:41:bf:80:9f:9b:30:c0:
2c:04:45:3d:b7:85:57:1c:6e:75:66:b3:93:7f:70:86:c6:91:
52:b1:31:2a:2c:ea:34:21:b2:d8:2d:0b:c4:3b:ec:07:45:da:
b8:55:ae:27:84:99:95:a6:dc:83:92:66:06:76:cb:d3:93:9f:
57:4e:fe:5a:ad:22:6b:7b:b2:de:6d:82:95:30:f7:0f:5f:fb:
35:72:e2:79:e9:c9:00:28:35:d5:62:71:4b:99:f5:a4:44:db:
8b:64:46:71:7b:50:65:0d:b2:fa:d7:c6:31:8e:24:04:f7:7d:
b2:9b:2e:ac:cb:96:73:41:b1:20:e8:0a:04:c9:21:1b:5f:d4:
1e:93:54:78:fc:c4:8d:42:c6:52:23:d6:a2:fb:97:8d:1e:3f:
37:4a:7c:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpsxhIn83axZ0uA7pNMKOzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MjMxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNmMjdhNGJmOTU4ZDM5NzJlNGQ5YjdiOTQxNzA4OTIzM2MwMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1yT4ztC7m5V4ncMjDiQ/9rp+qSy
A5Uc8x2/31DAGxh2kno9UilXKL49vc1Bg2S4knuBnPf1ng/6s8dgakScaH5DZg6A
C2rU81eFlVdLNseOkaKPW949Z8m9FGgr1+JnBq0e41MKFNP12vki03O0f/RB2nVw
TQkWDd6dnUL5k7UiPqwKft1egTGSOHEWM09cwOmTtYCpzcARNuSY2LUrsBCm6eMB
hViRNla7fA5cclG/H5rU1H3rEQOzMyBae1iS8saBy8lQhSuF656CaADddsEUnsis
TFnVi8/xdc5ru2hXP/wQycSwYknWxZfc1McRnYqHv18ygYieejUdQpfGGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNo/J6S/lY05cuTZt7lBcIkjPALEMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMmo4bnBMLVZqVGx5NU5tM3VVRndpU004QXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABrmEy5yJ8lgzho3//Bw
KkmEeXgYH9ch2rk0n5vqmRFeXgLdRAXyf6zh4p1qtBavegfHeP8tZNGT4Jl4O3p2
djbI9C9pcSIOp/Duj2wFk60OxeAqRWr3H8BXTkMAhvaNOXdKVGORQb+An5swwCwE
RT23hVccbnVms5N/cIbGkVKxMSos6jQhstgtC8Q77AdF2rhVrieEmZWm3IOSZgZ2
y9OTn1dO/lqtImt7st5tgpUw9w9f+zVy4nnpyQAoNdVicUuZ9aRE24tkRnF7UGUN
svrXxjGOJAT3fbKbLqzLlnNBsSDoCgTJIRtf1B6TVHj8xI1CxlIj1qL7l40ePzdK
fD8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:13:05 2025 by rpki-client