Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5XsWw61lm1eSg2yYXot_gG4JmiM.roa
File: 5XsWw61lm1eSg2yYXot_gG4JmiM.roa (raw, json)
Hash identifier: UhZ0ScCPAnU16B1iFy2yp0W6hphlbDBpg+649qpJOvE=
Subject key identifier: E5:7B:16:C3:AD:65:9B:57:92:83:6C:98:5E:8B:7F:80:6E:09:9A:23
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A736EC6EBB944D8B25DD5AE4A2CBDAAA3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5XsWw61lm1eSg2yYXot_gG4JmiM.roa
Signing time: Fri 08 Sep 2023 06:15:54 +0000
ROA not before: Fri 08 Sep 2023 06:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:6e:c6:eb:b9:44:d8:b2:5d:d5:ae:4a:2c:bd:aa:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 06:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e57b16c3ad659b5792836c985e8b7f806e099a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:74:02:c6:31:21:46:9f:05:d2:d8:a1:cf:
ee:23:11:46:c0:7d:0a:5e:6c:15:6c:2c:da:8a:56:
1e:dd:cd:71:44:34:c4:e5:60:bf:cc:b5:a0:f8:5b:
e8:eb:f8:a3:fe:81:b9:2b:24:ce:93:2b:b1:c9:8a:
bd:75:00:de:2a:fd:ff:80:0e:00:65:fa:3e:70:d3:
7e:66:24:27:de:d4:d0:d8:2f:20:28:49:54:1c:99:
84:e1:1e:4c:70:55:f8:69:1a:bd:41:af:73:0b:74:
01:e0:9e:1e:09:dd:48:d0:bd:8c:2f:47:64:09:d4:
d7:60:75:0d:cf:eb:3a:05:34:f2:e6:37:23:0a:d3:
12:23:6e:34:2f:e3:64:5b:59:f3:c2:92:44:fb:b0:
69:19:8c:85:28:40:bc:01:ff:46:fc:56:6b:2d:0b:
64:51:cb:a8:d2:11:5d:b6:27:97:86:60:f3:62:4b:
a0:62:c2:51:fd:fc:72:4a:40:9e:fe:e2:76:de:2e:
96:b2:56:4a:b0:3d:4f:2c:3f:ea:a0:6a:da:ca:b3:
f2:11:95:00:3e:da:e8:8e:20:c2:5d:b7:3d:4f:d6:
4e:2f:8b:c3:b4:4b:4f:7d:5f:67:66:90:8e:5f:5f:
fc:59:46:a5:79:dc:38:47:ad:aa:85:1e:18:42:8a:
09:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:7B:16:C3:AD:65:9B:57:92:83:6C:98:5E:8B:7F:80:6E:09:9A:23
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5XsWw61lm1eSg2yYXot_gG4JmiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:e5:1b:a0:55:48:84:af:ca:fa:32:25:12:98:39:8f:4b:be:
d6:92:81:1f:98:82:65:73:8d:3d:43:e1:8a:fc:cc:f4:84:db:
38:e2:99:24:96:bc:25:ab:a4:86:30:18:ce:a0:4c:42:c7:84:
e8:e3:73:f5:97:89:37:fd:9b:15:fe:c1:9e:8e:f9:23:d4:44:
45:25:08:7e:c2:c6:8d:5c:e3:8d:bc:13:b9:e2:1d:6d:df:42:
f7:85:0d:fa:ae:cb:a5:e0:43:6a:57:9f:b1:be:33:ee:a0:89:
54:0c:ef:1f:09:66:39:79:b8:91:66:c6:5e:06:a8:52:e4:31:
36:8e:93:70:16:65:8b:58:77:9f:0e:52:b8:1f:3f:e3:a7:5c:
44:b1:52:65:0f:cc:1d:82:3a:ae:93:99:94:1b:0a:2a:a7:19:
12:b4:20:68:d0:4b:24:3d:dc:fb:7a:3e:54:02:e8:3e:75:7f:
aa:60:04:75:43:55:34:15:b9:8e:19:31:06:5a:2c:8a:28:d6:
9b:49:01:b3:39:7e:af:a9:64:85:73:e5:14:a7:75:09:94:22:
2e:f7:69:75:8b:3f:3e:26:88:fb:aa:d9:4d:95:6e:0f:13:5d:
7b:b9:9a:8b:86:5d:f4:87:32:54:64:72:6e:e0:fd:00:be:ea:
0b:8e:68:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpzbsbruUTYsl3VrkosvaqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MDYxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTdiMTZjM2FkNjU5YjU3OTI4MzZjOTg1ZThiN2Y4MDZlMDk5YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnot0AsYxIUafBdLYoc/uIxFGwH0K
XmwVbCzailYe3c1xRDTE5WC/zLWg+Fvo6/ij/oG5KyTOkyuxyYq9dQDeKv3/gA4A
Zfo+cNN+ZiQn3tTQ2C8gKElUHJmE4R5McFX4aRq9Qa9zC3QB4J4eCd1I0L2ML0dk
CdTXYHUNz+s6BTTy5jcjCtMSI240L+NkW1nzwpJE+7BpGYyFKEC8Af9G/FZrLQtk
Ucuo0hFdtieXhmDzYkugYsJR/fxySkCe/uJ23i6WslZKsD1PLD/qoGrayrPyEZUA
PtrojiDCXbc9T9ZOL4vDtEtPfV9nZpCOX1/8WUaledw4R62qhR4YQooJPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOV7FsOtZZtXkoNsmF6Lf4BuCZojMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNVhzV3c2MWxtMWVTZzJ5WVhvdF9nRzRKbWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAzlG6BVSISvyvoyJRKY
OY9LvtaSgR+YgmVzjT1D4Yr8zPSE2zjimSSWvCWrpIYwGM6gTELHhOjjc/WXiTf9
mxX+wZ6O+SPUREUlCH7Cxo1c4428E7niHW3fQveFDfquy6XgQ2pXn7G+M+6giVQM
7x8JZjl5uJFmxl4GqFLkMTaOk3AWZYtYd58OUrgfP+OnXESxUmUPzB2COq6TmZQb
CiqnGRK0IGjQSyQ93Pt6PlQC6D51f6pgBHVDVTQVuY4ZMQZaLIoo1ptJAbM5fq+p
ZIVz5RSndQmUIi73aXWLPz4miPuq2U2Vbg8TXXu5mouGXfSHMlRkcm7g/QC+6guO
aE4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:03 2025 by rpki-client