Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4BKOKeVhBFPNzgz7R-tJtz7tYlk.roa
File: 4BKOKeVhBFPNzgz7R-tJtz7tYlk.roa (raw, json)
Hash identifier: PCNgWHC9blGj/++0zd9O48g2ijXF+9M+fW3GDKjGV+s=
Subject key identifier: E0:12:8E:29:E5:61:04:53:CD:CE:0C:FB:47:EB:49:B7:3E:ED:62:59
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A72235AD451AF24F6B22E2F1D8C85B395
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4BKOKeVhBFPNzgz7R-tJtz7tYlk.roa
Signing time: Fri 08 Sep 2023 00:13:54 +0000
ROA not before: Fri 08 Sep 2023 00:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:72:23:5a:d4:51:af:24:f6:b2:2e:2f:1d:8c:85:b3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 00:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0128e29e5610453cdce0cfb47eb49b73eed6259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8e:0e:e5:5e:44:ba:95:72:38:7a:15:f7:97:
d1:dc:86:bc:e9:f6:78:9b:5e:72:52:28:1c:5c:78:
28:70:1f:6d:26:c6:65:a5:0f:60:ac:fc:21:a3:c9:
21:8f:fe:f3:d8:e0:c7:aa:9a:ec:08:69:3b:41:59:
78:22:c3:e6:07:f7:0b:c1:08:71:ed:8e:10:f3:16:
9a:af:70:d9:7e:78:aa:14:2b:ff:4b:63:33:7b:17:
1d:16:df:9b:e6:e5:f0:8e:88:2e:d8:4c:49:2d:eb:
bf:57:6a:5c:82:da:19:00:f3:87:68:d7:41:89:6f:
45:ec:bd:b3:59:96:f4:8f:3e:db:7e:5b:fa:32:7c:
f4:97:6a:dc:df:9e:9d:14:da:03:2e:4f:79:0f:29:
fa:0d:48:7c:d4:57:f5:41:92:96:00:67:c3:b7:09:
8d:f2:12:95:da:91:71:4c:cc:a2:5b:66:57:02:a3:
15:65:13:06:a9:9f:6e:bd:ed:8e:d3:dc:e7:c5:52:
2f:77:2f:2b:7c:bf:19:3e:db:1f:71:dd:eb:77:97:
f7:4e:7d:2c:bd:9c:e8:b3:7d:ec:1f:df:7a:56:0f:
7a:b9:ba:6a:d2:41:fd:9d:e9:0a:71:ff:05:e3:ed:
01:be:b5:2f:70:f0:52:23:a7:91:e3:05:23:dd:68:
1d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:12:8E:29:E5:61:04:53:CD:CE:0C:FB:47:EB:49:B7:3E:ED:62:59
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4BKOKeVhBFPNzgz7R-tJtz7tYlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:1a:38:e1:53:f4:5a:8b:75:2f:23:fe:fd:5c:e0:b4:b6:c9:
46:10:b9:4e:d2:85:88:20:92:2f:5e:49:74:f8:b3:70:c7:05:
0e:8b:5d:11:1d:73:c4:82:2f:9e:63:24:39:43:30:b4:a4:a7:
1b:a8:20:44:92:00:99:26:11:09:4f:7d:8c:42:5e:8e:e6:47:
0a:37:2e:b4:f4:11:7c:bb:39:aa:7b:c1:2e:4a:17:1c:17:c2:
58:4a:4c:67:77:f9:5a:7c:90:86:2f:8b:0e:f1:1e:ea:0c:c4:
9f:fc:c7:70:e9:60:11:19:57:60:8a:cd:72:72:77:42:f4:4e:
e8:6b:f5:09:47:1e:6c:bb:08:3f:46:5f:18:41:63:c4:dc:41:
38:ca:48:d4:3c:4b:94:e4:42:cc:48:43:ba:08:00:1d:f1:06:
8e:65:4d:e2:0c:20:af:c8:da:1a:92:94:5a:ad:46:70:dc:13:
34:05:49:4e:38:de:33:09:66:d7:85:7b:4d:05:08:66:3d:dd:
3a:25:d0:1c:d3:4f:5a:69:3b:e8:b0:b5:29:e0:68:6f:1a:8b:
60:74:7c:99:9a:ae:bb:86:f9:98:be:48:3a:22:cb:69:90:a5:
74:c7:d6:ab:2b:9e:38:c0:9f:de:16:5b:ed:ac:d0:36:b7:5c:
44:ee:b5:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpyI1rUUa8k9rIuLx2MhbOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MDAxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDEyOGUyOWU1NjEwNDUzY2RjZTBjZmI0N2ViNDliNzNlZWQ2MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY4O5V5EupVyOHoV95fR3Ia86fZ4
m15yUigcXHgocB9tJsZlpQ9grPwho8khj/7z2ODHqprsCGk7QVl4IsPmB/cLwQhx
7Y4Q8xaar3DZfniqFCv/S2MzexcdFt+b5uXwjogu2ExJLeu/V2pcgtoZAPOHaNdB
iW9F7L2zWZb0jz7bflv6Mnz0l2rc356dFNoDLk95Dyn6DUh81Ff1QZKWAGfDtwmN
8hKV2pFxTMyiW2ZXAqMVZRMGqZ9uve2O09znxVIvdy8rfL8ZPtsfcd3rd5f3Tn0s
vZzos33sH996Vg96ubpq0kH9nekKcf8F4+0BvrUvcPBSI6eR4wUj3Wgd1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOASjinlYQRTzc4M+0frSbc+7WJZMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNEJLT0tlVmhCRlBOemd6N1ItdEp0ejd0WWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIwaOOFT9FqLdS8j/v1c
4LS2yUYQuU7ShYggki9eSXT4s3DHBQ6LXREdc8SCL55jJDlDMLSkpxuoIESSAJkm
EQlPfYxCXo7mRwo3LrT0EXy7Oap7wS5KFxwXwlhKTGd3+Vp8kIYviw7xHuoMxJ/8
x3DpYBEZV2CKzXJyd0L0Tuhr9QlHHmy7CD9GXxhBY8TcQTjKSNQ8S5TkQsxIQ7oI
AB3xBo5lTeIMIK/I2hqSlFqtRnDcEzQFSU443jMJZteFe00FCGY93Tol0BzTT1pp
O+iwtSngaG8ai2B0fJmarruG+Zi+SDoiy2mQpXTH1qsrnjjAn94WW+2s0Da3XETu
tVw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:34 2025 by rpki-client