Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4PqG69s-GGuOVZF_TpnUC-DpTjw.roa
File: 4PqG69s-GGuOVZF_TpnUC-DpTjw.roa (raw, json)
Hash identifier: ht8NQNWnU7qmQewxQM5PwB0u9Q+NiGzCX7LZiYrRmLw=
Subject key identifier: E0:FA:86:EB:DB:3E:18:6B:8E:55:91:7F:4E:99:D4:0B:E0:E9:4E:3C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9365B2370D5B37E4DE323F293152066C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4PqG69s-GGuOVZF_TpnUC-DpTjw.roa
Signing time: Thu 14 Sep 2023 11:13:50 +0000
ROA not before: Thu 14 Sep 2023 11:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:65:b2:37:0d:5b:37:e4:de:32:3f:29:31:52:06:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 11:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0fa86ebdb3e186b8e55917f4e99d40be0e94e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fb:bb:45:77:5d:2e:78:78:2d:5e:3f:08:a3:
5b:75:94:b8:22:de:64:c7:f2:e3:8c:13:8e:29:a5:
d6:4a:94:99:4a:a3:2b:2f:73:45:1c:9d:e9:55:7b:
8d:fc:c7:f8:aa:2e:9f:6d:79:5b:86:27:9d:08:ae:
c8:54:b8:d1:cc:4c:04:88:fe:92:e2:ec:fa:6a:5a:
46:91:1c:ea:4e:1a:bd:72:11:30:63:a2:6b:2d:80:
0b:05:a0:a3:5b:2f:95:08:a7:5d:1d:29:6a:bf:00:
7e:74:c2:fa:cd:23:dc:80:c5:de:64:25:17:fd:f2:
e0:96:fd:4f:fd:cb:ca:0a:a5:f7:1d:45:70:e8:9f:
7c:67:26:2a:30:b2:3e:e0:7e:f5:e0:c7:4d:ca:80:
8d:f3:a9:2f:9d:c2:51:7f:0f:79:c3:9e:2f:40:03:
bf:24:7d:41:e1:73:5e:21:71:0f:07:77:5b:b6:dd:
84:b4:ef:9e:e3:9e:5c:d2:80:c0:38:61:3e:7f:73:
6b:27:1d:96:c9:da:b6:52:9e:7a:69:81:31:e7:ad:
c6:39:17:48:83:2b:9a:31:9d:c9:04:94:f3:1d:af:
5e:50:b2:97:17:0b:ad:59:c3:02:55:5e:b5:1f:55:
b6:9e:ec:e4:66:20:8a:92:40:db:45:2a:2c:64:42:
4a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FA:86:EB:DB:3E:18:6B:8E:55:91:7F:4E:99:D4:0B:E0:E9:4E:3C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4PqG69s-GGuOVZF_TpnUC-DpTjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:f9:c7:d1:94:63:36:b4:f9:28:ea:89:4c:5d:87:7d:98:a3:
5d:8e:69:e0:06:6e:cc:2b:65:59:75:97:54:5b:43:4a:55:80:
a6:f3:5b:00:d6:69:db:3a:a2:5b:23:a4:d9:07:f5:86:71:c9:
0c:2c:ab:c8:c9:1b:1a:ac:b7:c5:8b:fe:0d:4d:f8:ac:d2:90:
70:5e:81:d6:1c:b1:a3:b6:c2:d2:44:e1:3c:5a:06:56:8f:1e:
38:36:09:3a:8c:a0:24:7d:29:22:dd:ca:bf:cf:22:15:0a:ba:
f6:9f:dc:11:2b:3b:20:6f:47:03:d5:e5:20:86:f3:ce:a4:36:
8a:0e:71:59:a1:c3:91:c3:9b:3d:57:05:ea:c1:18:45:12:12:
d3:74:a9:46:21:15:30:60:e9:93:79:47:7a:64:aa:f2:28:e7:
65:42:0d:cf:ac:a9:ce:24:b0:9c:2f:5e:ad:35:15:71:b8:56:
47:ae:c8:d8:48:7d:d2:71:39:e8:3c:87:85:da:c9:35:7f:cf:
d6:1a:4c:f4:f6:16:51:02:b0:99:de:41:24:f4:9e:66:87:c8:
86:a7:b9:01:be:44:8a:88:66:1d:dc:36:3a:e0:76:2f:28:2a:
ae:a3:53:ae:d1:34:d7:4d:60:6c:c7:18:b2:a3:6c:14:8f:c9:
29:ef:ab:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqTZbI3DVs35N4yPykxUgZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTExMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZhODZlYmRiM2UxODZiOGU1NTkxN2Y0ZTk5ZDQwYmUwZTk0ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPu7RXddLnh4LV4/CKNbdZS4It5k
x/LjjBOOKaXWSpSZSqMrL3NFHJ3pVXuN/Mf4qi6fbXlbhiedCK7IVLjRzEwEiP6S
4uz6alpGkRzqThq9chEwY6JrLYALBaCjWy+VCKddHSlqvwB+dML6zSPcgMXeZCUX
/fLglv1P/cvKCqX3HUVw6J98ZyYqMLI+4H714MdNyoCN86kvncJRfw95w54vQAO/
JH1B4XNeIXEPB3dbtt2EtO+e455c0oDAOGE+f3NrJx2Wydq2Up56aYEx563GORdI
gyuaMZ3JBJTzHa9eULKXFwutWcMCVV61H1W2nuzkZiCKkkDbRSosZEJKQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOD6huvbPhhrjlWRf06Z1Avg6U48MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNFBxRzY5cy1HR3VPVlpGX1RwblVDLURwVGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHv5x9GUYza0+SjqiUxd
h32Yo12OaeAGbswrZVl1l1RbQ0pVgKbzWwDWads6olsjpNkH9YZxyQwsq8jJGxqs
t8WL/g1N+KzSkHBegdYcsaO2wtJE4TxaBlaPHjg2CTqMoCR9KSLdyr/PIhUKuvaf
3BErOyBvRwPV5SCG886kNooOcVmhw5HDmz1XBerBGEUSEtN0qUYhFTBg6ZN5R3pk
qvIo52VCDc+sqc4ksJwvXq01FXG4VkeuyNhIfdJxOeg8h4XayTV/z9YaTPT2FlEC
sJneQST0nmaHyIanuQG+RIqIZh3cNjrgdi8oKq6jU67RNNdNYGzHGLKjbBSPySnv
q4Q=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:54:57 2025 by rpki-client