Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4u7gKQ89azCSOWeDfKmzisObQ4o.roa
File: 4u7gKQ89azCSOWeDfKmzisObQ4o.roa (raw, json)
Hash identifier: tQo4iTNBedWKiL+QPlWXJ3wSq1HGXPwLZkyWxIKMpBQ=
Subject key identifier: E2:EE:E0:29:0F:3D:6B:30:92:39:67:83:7C:A9:B3:8A:C3:9B:43:8A
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8CC0A63F502A3062A98FD8A4EBAAEA48
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4u7gKQ89azCSOWeDfKmzisObQ4o.roa
Signing time: Wed 13 Sep 2023 04:15:50 +0000
ROA not before: Wed 13 Sep 2023 04:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8c:c0:a6:3f:50:2a:30:62:a9:8f:d8:a4:eb:aa:ea:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 04:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2eee0290f3d6b30923967837ca9b38ac39b438a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e9:44:c8:d9:55:51:95:7e:e2:b2:eb:49:b1:
94:00:74:61:df:1f:63:bf:61:4a:c0:5c:be:0e:e7:
a3:12:41:ac:9b:a6:4f:ce:70:0e:a1:d7:a6:bb:ce:
25:a7:10:c0:7c:4e:49:9d:59:c5:fd:c3:f3:ba:d5:
ad:cf:4d:46:df:c7:e9:97:15:c6:7f:c2:14:a9:b5:
a7:41:07:37:94:e4:34:3f:ac:55:c0:4d:c6:46:f0:
45:05:34:85:20:aa:86:54:8f:a5:e8:9f:fa:0c:29:
f3:59:8e:b9:59:a5:02:55:1e:6d:63:e3:cb:1d:e9:
b2:26:82:d9:50:a5:a1:6e:44:72:92:dd:6d:b7:f4:
d7:6f:c3:7b:6b:a2:19:c5:fb:8a:04:4d:df:68:89:
94:9b:57:69:39:2c:75:d6:b3:2e:93:68:02:41:4b:
58:1f:ca:de:bb:bb:ec:21:89:dc:a4:8e:ab:a0:c7:
cc:d6:2d:77:4d:d5:c4:1d:17:19:01:93:56:60:3e:
94:93:99:1f:70:9e:72:9a:82:9c:ef:56:43:58:6a:
0a:ca:24:47:a1:94:7b:91:b2:ff:77:42:92:13:bf:
1e:2b:2d:b3:10:dd:94:68:44:54:b0:76:3e:48:db:
ce:f7:8d:29:7a:11:e1:e7:b0:17:e8:53:a3:63:18:
8b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EE:E0:29:0F:3D:6B:30:92:39:67:83:7C:A9:B3:8A:C3:9B:43:8A
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4u7gKQ89azCSOWeDfKmzisObQ4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:e7:30:9d:4c:c5:91:c1:8c:07:73:09:1c:7e:2d:33:d0:0b:
0c:41:68:0e:dc:ca:d3:84:c9:af:7a:ca:da:f5:53:d8:77:d3:
59:49:e0:67:9d:64:a3:f1:60:7e:d7:71:03:80:e9:d8:dc:8a:
d8:5c:99:c6:45:27:55:e5:61:eb:91:49:8e:80:d0:e9:90:16:
b4:d7:3e:c4:04:c0:82:75:d5:ea:9e:f5:fe:ec:a4:c5:64:cc:
76:00:d6:e2:e8:5c:9a:d6:1c:e6:b4:fc:c9:b3:e4:13:fa:2c:
8d:33:1c:d3:e0:2e:fb:25:5b:f9:4d:96:1d:25:27:30:1a:67:
8c:2f:23:1e:70:6a:63:39:f3:14:8e:6d:df:4e:68:56:24:80:
4e:5c:98:79:c9:30:88:1a:a6:da:a4:17:7b:3e:b3:89:ef:a2:
f6:ed:a4:19:aa:50:f6:4a:c2:0d:34:6a:f9:bd:5e:a3:93:a9:
7a:da:a7:d0:d7:37:eb:e5:f3:3c:4f:84:8a:d5:4f:8e:14:a2:
e5:f9:57:a0:d4:81:f2:79:be:cb:4f:3b:d0:f3:f3:25:14:59:
e6:69:cd:b5:c7:51:35:88:65:2a:76:6c:27:c1:96:3a:9b:e3:
89:fb:85:61:8e:9d:c0:15:59:b7:d2:8b:d5:d1:3d:a7:d4:f6:
cc:f9:2b:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqMwKY/UCowYqmP2KTrqupIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDQxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVlZTAyOTBmM2Q2YjMwOTIzOTY3ODM3Y2E5YjM4YWMzOWI0MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOlEyNlVUZV+4rLrSbGUAHRh3x9j
v2FKwFy+DuejEkGsm6ZPznAOodemu84lpxDAfE5JnVnF/cPzutWtz01G38fplxXG
f8IUqbWnQQc3lOQ0P6xVwE3GRvBFBTSFIKqGVI+l6J/6DCnzWY65WaUCVR5tY+PL
HemyJoLZUKWhbkRykt1tt/TXb8N7a6IZxfuKBE3faImUm1dpOSx11rMuk2gCQUtY
H8reu7vsIYncpI6roMfM1i13TdXEHRcZAZNWYD6Uk5kfcJ5ymoKc71ZDWGoKyiRH
oZR7kbL/d0KSE78eKy2zEN2UaERUsHY+SNvO940pehHh57AX6FOjYxiLBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLu4CkPPWswkjlng3yps4rDm0OKMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNHU3Z0tRODlhekNTT1dlRGZLbXppc09iUTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFnnMJ1MxZHBjAdzCRx+
LTPQCwxBaA7cytOEya96ytr1U9h301lJ4GedZKPxYH7XcQOA6djcithcmcZFJ1Xl
YeuRSY6A0OmQFrTXPsQEwIJ11eqe9f7spMVkzHYA1uLoXJrWHOa0/Mmz5BP6LI0z
HNPgLvslW/lNlh0lJzAaZ4wvIx5wamM58xSObd9OaFYkgE5cmHnJMIgaptqkF3s+
s4nvovbtpBmqUPZKwg00avm9XqOTqXrap9DXN+vl8zxPhIrVT44UouX5V6DUgfJ5
vstPO9Dz8yUUWeZpzbXHUTWIZSp2bCfBljqb44n7hWGOncAVWbfSi9XRPafU9sz5
Kzg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:57 2025 by rpki-client