Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/56aDXQExhUqrYG8RP_iXc0wa570.roa
File: 56aDXQExhUqrYG8RP_iXc0wa570.roa (raw, json)
Hash identifier: VTWTF11asJyxiJdeYZerxx0xfb69oUWUs/yDLjFmHUs=
Subject key identifier: E7:A6:83:5D:01:31:85:4A:AB:60:6F:11:3F:F8:97:73:4C:1A:E7:BD
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4C5AF78E2C09F91B85F6A68680CF781C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/56aDXQExhUqrYG8RP_iXc0wa570.roa
Signing time: Thu 31 Aug 2023 16:09:04 +0000
ROA not before: Thu 31 Aug 2023 16:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4c5a:60e0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:5a:f7:8e:2c:09:f9:1b:85:f6:a6:86:80:cf:78:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 16:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7a6835d0131854aab606f113ff897734c1ae7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b8:9c:b5:a1:0f:ad:69:67:4c:f9:d4:76:f4:
64:a6:0e:a9:af:cf:46:7c:72:a0:ce:f8:c7:7c:8b:
97:c6:67:7f:bd:7c:af:db:40:32:20:af:90:71:30:
89:d2:7e:3c:cc:79:73:42:e7:33:c5:1f:31:a7:8a:
dd:6f:a8:93:28:24:f8:22:de:00:e2:ff:42:91:7f:
90:05:d2:5a:ec:f1:bb:65:c8:e9:16:fa:85:f4:05:
c2:10:9b:6d:8f:6f:3d:18:3f:56:f8:f4:63:8f:33:
6c:23:b2:03:f6:2a:aa:a5:77:0e:8e:2d:e7:21:59:
f2:53:db:46:45:53:57:fc:32:68:1a:d2:af:bb:05:
83:97:0d:2c:87:f5:c9:9f:78:4d:59:8e:e9:5d:91:
22:ae:8d:3a:45:f3:4f:a9:b4:3c:92:a7:c0:36:d8:
85:cc:a5:c9:43:ed:7f:43:39:b7:a1:c8:7a:8a:9a:
95:87:45:ea:05:19:e1:86:4a:1a:cc:7a:3c:4d:59:
79:13:f7:c1:7f:dd:21:c7:70:c6:c5:5f:6d:3f:db:
69:f2:ad:8e:51:01:13:c9:d9:42:3a:b7:39:d6:ac:
f6:c1:1a:30:8c:0b:b3:4f:95:e9:fb:f1:0c:3f:d7:
a4:cd:65:dd:b4:00:83:69:2a:86:42:78:dd:bc:c4:
6f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A6:83:5D:01:31:85:4A:AB:60:6F:11:3F:F8:97:73:4C:1A:E7:BD
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/56aDXQExhUqrYG8RP_iXc0wa570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:43:25:cc:e8:62:d0:6a:17:6b:a9:93:99:f4:0c:33:66:06:
b1:e3:0f:ea:6c:7c:a9:af:b2:29:18:00:d2:95:90:03:7a:34:
c9:d6:1a:99:fe:5b:64:09:9e:35:aa:ae:e1:95:03:89:ca:0c:
7c:8f:32:49:53:90:06:c8:ea:08:16:5a:49:d1:22:9b:50:fc:
b8:db:73:24:8c:b9:9b:25:4e:3e:5f:25:a3:cc:df:5b:9a:0e:
e8:dc:9a:42:10:ec:ad:37:7f:10:28:58:58:30:0b:1c:2a:0d:
73:0a:e0:91:7b:80:e7:1d:d4:80:0d:5a:27:01:fc:ea:3a:76:
90:1b:dc:52:ab:99:79:90:2c:81:41:42:a7:49:fc:cb:a1:f0:
97:d4:24:84:49:c3:25:16:29:8a:46:1d:45:d2:13:26:e7:44:
33:9a:d4:98:32:06:89:c1:dc:6d:44:3b:1e:a1:b0:b0:e2:62:
46:1e:33:73:99:8c:3a:86:16:1e:ee:c3:9a:bf:87:46:1d:da:
07:a2:9e:59:91:4a:4d:0a:cd:83:60:61:69:6a:d0:94:e5:96:
a2:89:f4:7d:61:07:a0:5a:1f:6c:9c:0f:9c:38:03:13:11:1b:
d8:9c:27:55:44:c8:7e:e9:b5:f4:17:2b:96:53:73:e9:fc:87:
72:9b:ea:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpMWveOLAn5G4X2poaAz3gcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTYwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2E2ODM1ZDAxMzE4NTRhYWI2MDZmMTEzZmY4OTc3MzRjMWFlN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrictaEPrWlnTPnUdvRkpg6pr89G
fHKgzvjHfIuXxmd/vXyv20AyIK+QcTCJ0n48zHlzQuczxR8xp4rdb6iTKCT4It4A
4v9CkX+QBdJa7PG7ZcjpFvqF9AXCEJttj289GD9W+PRjjzNsI7ID9iqqpXcOji3n
IVnyU9tGRVNX/DJoGtKvuwWDlw0sh/XJn3hNWY7pXZEiro06RfNPqbQ8kqfANtiF
zKXJQ+1/Qzm3och6ipqVh0XqBRnhhkoazHo8TVl5E/fBf90hx3DGxV9tP9tp8q2O
UQETydlCOrc51qz2wRowjAuzT5Xp+/EMP9ekzWXdtACDaSqGQnjdvMRvEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOemg10BMYVKq2BvET/4l3NMGue9MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNTZhRFhRRXhoVXFyWUc4UlBfaVhjMHdhNTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEZDJczoYtBqF2upk5n0
DDNmBrHjD+psfKmvsikYANKVkAN6NMnWGpn+W2QJnjWqruGVA4nKDHyPMklTkAbI
6ggWWknRIptQ/LjbcySMuZslTj5fJaPM31uaDujcmkIQ7K03fxAoWFgwCxwqDXMK
4JF7gOcd1IANWicB/Oo6dpAb3FKrmXmQLIFBQqdJ/Muh8JfUJIRJwyUWKYpGHUXS
EybnRDOa1JgyBonB3G1EOx6hsLDiYkYeM3OZjDqGFh7uw5q/h0Yd2geinlmRSk0K
zYNgYWlq0JTllqKJ9H1hB6BaH2ycD5w4AxMRG9icJ1VEyH7ptfQXK5ZTc+n8h3Kb
6qg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:03:08 2025 by rpki-client