Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7DO-R3xQt-qJjm_TFByoM1_dNzc.roa
File: 7DO-R3xQt-qJjm_TFByoM1_dNzc.roa (raw, json)
Hash identifier: UuFtC70fRLgvk8eVrRSzMEUT75XP7ArmqJ5CjbKxwNM=
Subject key identifier: EC:33:BE:47:7C:50:B7:EA:89:8E:6F:D3:14:1C:A8:33:5F:DD:37:37
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA30ECA5ADE06C193EB54681843930E70
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7DO-R3xQt-qJjm_TFByoM1_dNzc.roa
Signing time: Sun 17 Sep 2023 12:12:50 +0000
ROA not before: Sun 17 Sep 2023 12:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a3:0e:ca:5a:de:06:c1:93:eb:54:68:18:43:93:0e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 12:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec33be477c50b7ea898e6fd3141ca8335fdd3737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:45:6a:ba:13:df:cb:4b:b9:ab:1b:15:da:fa:
bf:44:e1:fc:aa:7f:96:b6:d9:8e:fa:18:e6:d3:2f:
d6:6e:c2:4f:42:69:e0:b7:db:28:21:bc:f0:8f:00:
c9:66:ab:eb:74:de:82:0c:87:ae:69:de:a4:bf:d0:
31:5e:4d:bb:e5:88:33:34:b2:5d:47:b1:cb:04:a6:
24:20:e7:ab:23:39:5f:7c:24:c9:97:66:7c:58:70:
4a:5a:1c:fb:ce:f7:6f:bd:50:e9:95:91:25:7f:6e:
c1:bd:6e:c0:cd:5d:fc:75:f3:7b:58:9b:34:7b:71:
9e:8b:90:d2:4f:56:64:cf:b0:23:d4:2f:4e:e8:91:
b9:41:2a:20:52:33:cb:68:c3:6e:ab:47:ad:3e:c7:
4b:c9:84:63:33:f0:3e:19:56:51:60:38:18:1b:aa:
9c:09:8f:c4:3a:07:c6:55:45:b9:b0:5c:1c:0c:5c:
5a:6d:27:0f:84:88:db:d3:e8:73:90:2e:bd:67:ed:
8e:88:ee:76:be:ae:9e:9b:96:f7:16:a5:43:64:a2:
de:f8:fa:6f:a8:c7:3f:8f:ec:fe:e7:e8:e2:2c:3e:
39:87:75:59:ee:a3:30:f8:b9:1e:48:c0:51:5e:7d:
67:c6:e2:21:de:db:c0:d7:d1:bf:e3:44:ff:f2:e2:
a1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:33:BE:47:7C:50:B7:EA:89:8E:6F:D3:14:1C:A8:33:5F:DD:37:37
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7DO-R3xQt-qJjm_TFByoM1_dNzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:a1:04:41:65:fe:21:a6:69:61:53:8c:60:c7:6c:69:fd:22:
a8:9f:1c:59:0e:c7:de:5d:ce:74:c6:a3:40:26:51:67:eb:c8:
1b:d2:ab:4f:98:d2:cd:eb:45:31:47:22:f2:5d:14:14:a5:68:
c6:ad:fe:ef:10:f6:5e:eb:67:aa:60:ff:bf:ca:88:a1:cf:85:
52:87:d8:f3:b4:ad:e4:78:58:da:80:d9:df:79:d3:47:9d:7e:
7d:0a:86:a2:ca:b2:3a:ce:e6:87:92:9a:ef:29:2b:37:18:f4:
09:15:b0:1e:fa:ad:a5:30:73:5a:c5:78:40:07:ee:0e:68:2d:
a4:98:51:c1:37:38:1c:20:fe:05:82:03:04:12:22:a0:0d:ea:
f0:10:24:72:23:76:8e:e9:b4:98:dc:db:dd:a0:5b:ba:d9:6f:
05:78:2d:a2:fe:22:a2:d2:a0:4c:bd:4d:0c:8d:d0:12:ec:5c:
fa:bd:0a:96:3a:6f:a3:d5:aa:09:f0:5b:86:f8:d3:0a:dc:ce:
e9:f9:61:63:8e:e2:a6:3d:06:2e:1b:f0:f2:9a:73:9a:e0:2e:
95:a2:61:85:30:c9:87:a7:e6:bb:12:9e:44:73:f3:ec:f6:5b:
77:ff:45:da:c5:14:12:c5:2e:7b:ce:f1:01:3e:18:74:cf:f3:
8b:dc:f0:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqjDspa3gbBk+tUaBhDkw5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MTIxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzMzYmU0NzdjNTBiN2VhODk4ZTZmZDMxNDFjYTgzMzVmZGQzNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEVquhPfy0u5qxsV2vq/ROH8qn+W
ttmO+hjm0y/WbsJPQmngt9soIbzwjwDJZqvrdN6CDIeuad6kv9AxXk275YgzNLJd
R7HLBKYkIOerIzlffCTJl2Z8WHBKWhz7zvdvvVDplZElf27BvW7AzV38dfN7WJs0
e3Gei5DST1Zkz7Aj1C9O6JG5QSogUjPLaMNuq0etPsdLyYRjM/A+GVZRYDgYG6qc
CY/EOgfGVUW5sFwcDFxabScPhIjb0+hzkC69Z+2OiO52vq6em5b3FqVDZKLe+Ppv
qMc/j+z+5+jiLD45h3VZ7qMw+LkeSMBRXn1nxuIh3tvA19G/40T/8uKhxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOwzvkd8ULfqiY5v0xQcqDNf3Tc3MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvN0RPLVIzeFF0LXFKam1fVEZCeW9NMV9kTnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC2hBEFl/iGmaWFTjGDH
bGn9IqifHFkOx95dznTGo0AmUWfryBvSq0+Y0s3rRTFHIvJdFBSlaMat/u8Q9l7r
Z6pg/7/KiKHPhVKH2PO0reR4WNqA2d9500edfn0KhqLKsjrO5oeSmu8pKzcY9AkV
sB76raUwc1rFeEAH7g5oLaSYUcE3OBwg/gWCAwQSIqAN6vAQJHIjdo7ptJjc292g
W7rZbwV4LaL+IqLSoEy9TQyN0BLsXPq9CpY6b6PVqgnwW4b40wrczun5YWOO4qY9
Bi4b8PKac5rgLpWiYYUwyYen5rsSnkRz8+z2W3f/RdrFFBLFLnvO8QE+GHTP84vc
8NE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:14:05 2025 by rpki-client