Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4Pg9IGkdELyw_jhXxCUnWUAo16I.roa
File: 4Pg9IGkdELyw_jhXxCUnWUAo16I.roa (raw, json)
Hash identifier: RBvCYxNt3sInutkiSXFRFnKfmeKNi2zfwAp3f+3zxxU=
Subject key identifier: E0:F8:3D:20:69:1D:10:BC:B0:FE:38:57:C4:25:27:59:40:28:D7:A2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A479ECEA9E2AB79E24064B71F471DACB1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4Pg9IGkdELyw_jhXxCUnWUAo16I.roa
Signing time: Wed 30 Aug 2023 18:05:04 +0000
ROA not before: Wed 30 Aug 2023 18:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:479e:34ad/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:9e:ce:a9:e2:ab:79:e2:40:64:b7:1f:47:1d:ac:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 18:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0f83d20691d10bcb0fe3857c42527594028d7a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8b:25:9a:ba:d9:45:03:30:e1:07:dd:c9:bc:
11:df:3b:06:7e:06:7f:dc:57:ca:83:c1:6e:b4:c7:
a0:95:fd:ac:78:45:12:08:9f:c2:20:91:78:92:5e:
79:d0:57:07:20:00:66:e7:dd:85:81:e4:3c:66:50:
75:c2:f6:d9:9f:a5:ca:ab:31:a0:1b:85:24:d1:08:
97:24:0a:7b:8f:9d:70:aa:aa:1e:1c:7b:c0:e8:ea:
a4:b3:4d:15:db:55:21:a0:0b:66:f5:b4:b0:eb:3c:
71:e1:df:8d:39:41:ad:6f:74:b5:63:96:78:2e:cb:
b0:51:04:86:ab:f9:a6:3c:25:f6:e3:c8:b7:79:2d:
bc:a5:fd:2e:02:8e:06:7c:c0:cc:5c:ce:45:94:fe:
67:24:76:7b:3e:40:8e:5a:7a:45:86:fa:60:b2:7d:
08:26:d4:0f:b5:10:e3:2e:52:51:df:59:8c:88:01:
b7:5b:ba:f9:1f:f1:18:88:d2:64:ca:ed:a3:29:16:
be:be:e2:c7:94:cc:20:43:22:1c:73:54:85:84:bc:
e7:46:03:bd:86:c5:9a:2c:8f:1f:2f:13:84:1e:4a:
9e:a8:fe:7c:f9:c3:68:f1:86:51:4b:ad:62:4b:3f:
12:56:13:8d:7a:a9:ea:ec:9a:0e:56:a7:a6:ff:38:
11:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F8:3D:20:69:1D:10:BC:B0:FE:38:57:C4:25:27:59:40:28:D7:A2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4Pg9IGkdELyw_jhXxCUnWUAo16I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:99:2d:cd:d1:af:a6:c5:f7:77:6b:e8:45:3c:47:c4:f2:49:
62:24:d0:62:7b:df:9a:a1:d1:8e:04:4e:57:03:9c:25:f4:1e:
7a:f0:37:39:bf:3f:24:63:50:23:c8:35:e9:19:bb:40:62:62:
68:0d:3e:b2:49:a7:63:44:70:01:64:26:0d:1d:11:68:c4:67:
ef:a1:d7:3f:dd:9b:c4:e8:1a:5b:48:cd:3e:34:88:5d:35:c4:
1e:e5:18:55:71:fb:fe:51:ab:42:80:ae:de:57:98:9a:cd:cc:
10:d4:3c:ce:41:0c:d2:c3:90:2c:6c:b5:af:6b:9e:94:60:78:
42:85:5f:03:ce:c8:07:67:63:2b:83:b9:95:80:db:c2:a4:7d:
f5:30:be:90:65:88:8b:17:e5:74:a4:40:82:09:ee:99:e2:5d:
47:4a:91:40:b9:33:d5:65:08:67:1f:96:b1:b1:b4:dd:a5:50:
24:dd:a1:17:6d:d8:db:68:c2:d4:08:05:74:71:ed:6e:96:ab:
6a:62:cf:b0:2e:41:94:ee:8a:12:e4:9d:22:2a:32:95:37:bb:
56:ca:1f:c0:9d:73:19:10:7c:0f:d2:f3:a4:b2:dc:97:28:f4:
87:0e:50:9e:c4:cb:84:d5:1f:b5:19:85:c5:5a:df:70:31:fe:
ed:ae:1b:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpHns6p4qt54kBktx9HHayxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTgwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGY4M2QyMDY5MWQxMGJjYjBmZTM4NTdjNDI1Mjc1OTQwMjhkN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4slmrrZRQMw4QfdybwR3zsGfgZ/
3FfKg8FutMeglf2seEUSCJ/CIJF4kl550FcHIABm592FgeQ8ZlB1wvbZn6XKqzGg
G4Uk0QiXJAp7j51wqqoeHHvA6Oqks00V21UhoAtm9bSw6zxx4d+NOUGtb3S1Y5Z4
LsuwUQSGq/mmPCX248i3eS28pf0uAo4GfMDMXM5FlP5nJHZ7PkCOWnpFhvpgsn0I
JtQPtRDjLlJR31mMiAG3W7r5H/EYiNJkyu2jKRa+vuLHlMwgQyIcc1SFhLznRgO9
hsWaLI8fLxOEHkqeqP58+cNo8YZRS61iSz8SVhONeqnq7JoOVqem/zgRTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOD4PSBpHRC8sP44V8QlJ1lAKNeiMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNFBnOUlHa2RFTHl3X2poWHhDVW5XVUFvMTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGmZLc3Rr6bF93dr6EU8
R8TySWIk0GJ735qh0Y4ETlcDnCX0HnrwNzm/PyRjUCPINekZu0BiYmgNPrJJp2NE
cAFkJg0dEWjEZ++h1z/dm8ToGltIzT40iF01xB7lGFVx+/5Rq0KArt5XmJrNzBDU
PM5BDNLDkCxsta9rnpRgeEKFXwPOyAdnYyuDuZWA28KkffUwvpBliIsX5XSkQIIJ
7pniXUdKkUC5M9VlCGcflrGxtN2lUCTdoRdt2NtowtQIBXRx7W6Wq2piz7AuQZTu
ihLknSIqMpU3u1bKH8CdcxkQfA/S86Sy3Jco9IcOUJ7Ey4TVH7UZhcVa33Ax/u2u
G1s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:20 2025 by rpki-client