Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7OBEJd-Dq8c1NbdNCHngu9bPrkQ.roa
File: 7OBEJd-Dq8c1NbdNCHngu9bPrkQ.roa (raw, json)
Hash identifier: 6uJYL11rIbLIgyoNWO+22SGFzwB8W3MQb62nTbuwBvM=
Subject key identifier: EC:E0:44:25:DF:83:AB:C7:35:35:B7:4D:08:79:E0:BB:D6:CF:AE:44
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9064A73ADCA5B4268F7FB2990E4BF6FE
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7OBEJd-Dq8c1NbdNCHngu9bPrkQ.roa
Signing time: Wed 13 Sep 2023 21:13:50 +0000
ROA not before: Wed 13 Sep 2023 21:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:90:64:a7:3a:dc:a5:b4:26:8f:7f:b2:99:0e:4b:f6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 21:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece04425df83abc73535b74d0879e0bbd6cfae44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6f:81:c7:ef:9c:4d:1e:23:ad:0c:9a:14:10:
70:c2:5a:74:43:c8:6d:c4:4e:1d:7c:49:4e:15:ac:
a7:00:01:c9:ef:7b:b5:88:52:84:f4:7c:e6:42:0e:
78:af:65:b9:f2:43:4f:34:c5:0d:c8:eb:5c:e0:82:
4c:f7:43:e7:9f:56:f2:ee:67:e5:23:32:60:a3:fa:
59:01:2a:07:07:97:c6:05:72:00:4b:d2:f9:ab:57:
d0:ce:2d:fa:cf:ed:30:75:87:fc:bc:9c:b7:c4:ad:
1b:70:7e:a0:15:b7:6b:6b:45:ac:d3:49:69:b5:7a:
b8:3c:19:b0:c6:11:8d:3e:c4:2f:40:66:0a:ae:1e:
6b:bd:08:2e:d2:1c:6b:ac:0f:4b:56:3c:e9:27:0f:
34:9d:5d:56:f6:a4:36:e2:3f:5c:8b:97:ea:b3:57:
79:f8:7e:84:37:12:20:27:62:2e:df:72:ff:30:84:
ef:4c:0b:c7:20:22:93:75:49:ef:d0:c3:9b:6e:78:
85:87:9b:85:d9:9e:67:79:d7:93:88:77:c1:46:73:
27:03:6c:96:e6:6d:31:81:57:5b:b8:9b:10:49:80:
c3:eb:e4:81:fe:90:7e:47:2c:b6:4d:63:75:6c:28:
c3:42:e3:cc:bc:54:36:45:cd:99:40:ec:27:a5:57:
bf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E0:44:25:DF:83:AB:C7:35:35:B7:4D:08:79:E0:BB:D6:CF:AE:44
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7OBEJd-Dq8c1NbdNCHngu9bPrkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:9b:69:35:1e:9f:dc:a1:d7:3b:a3:61:00:d1:75:16:69:2b:
9f:ef:59:96:c1:16:df:61:7a:79:34:d2:c4:ef:43:cb:1c:fd:
4f:c0:c1:e8:5c:99:4d:9a:b4:af:10:6b:19:f0:d8:9f:78:d5:
6e:fb:51:36:74:22:7f:c0:d3:08:17:ba:4a:9b:f1:d3:91:5e:
5e:e7:b0:41:b3:ff:02:9b:31:bf:b1:b1:a9:19:fd:b3:c6:61:
be:d2:75:a6:de:91:80:ed:5f:6c:85:eb:b7:25:01:80:31:4c:
7b:28:84:82:22:78:e6:38:aa:9b:0d:4a:a7:41:1d:dc:10:ed:
23:ba:1a:5a:ca:57:34:ac:60:29:ea:dd:38:54:1f:8e:c1:aa:
ca:95:99:e7:9d:f3:a6:56:75:f5:0d:76:e0:91:f7:b8:98:51:
c8:0c:74:0a:7e:06:d2:c6:c0:63:49:6f:41:c6:26:09:f3:44:
6d:28:fc:8c:bc:b7:8c:86:6e:81:7a:56:ab:fa:bc:da:04:63:
57:e8:89:99:bb:68:8b:02:eb:4c:bf:30:64:92:5e:2e:77:bd:
d7:b8:95:4e:b7:62:43:e2:0d:4a:1b:9c:23:6d:33:49:19:29:
e1:13:8f:cd:f2:bc:b0:52:5b:f0:19:92:75:97:cc:3f:be:9c:
80:4a:1a:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqQZKc63KW0Jo9/spkOS/b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMjExMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UwNDQyNWRmODNhYmM3MzUzNWI3NGQwODc5ZTBiYmQ2Y2ZhZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG+Bx++cTR4jrQyaFBBwwlp0Q8ht
xE4dfElOFaynAAHJ73u1iFKE9HzmQg54r2W58kNPNMUNyOtc4IJM90Pnn1by7mfl
IzJgo/pZASoHB5fGBXIAS9L5q1fQzi36z+0wdYf8vJy3xK0bcH6gFbdra0Ws00lp
tXq4PBmwxhGNPsQvQGYKrh5rvQgu0hxrrA9LVjzpJw80nV1W9qQ24j9ci5fqs1d5
+H6ENxIgJ2Iu33L/MITvTAvHICKTdUnv0MObbniFh5uF2Z5nedeTiHfBRnMnA2yW
5m0xgVdbuJsQSYDD6+SB/pB+Ryy2TWN1bCjDQuPMvFQ2Rc2ZQOwnpVe/oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOzgRCXfg6vHNTW3TQh54LvWz65EMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvN09CRUpkLURxOGMxTmJkTkNIbmd1OWJQcmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKObaTUen9yh1zujYQDR
dRZpK5/vWZbBFt9henk00sTvQ8sc/U/AwehcmU2atK8Qaxnw2J941W77UTZ0In/A
0wgXukqb8dORXl7nsEGz/wKbMb+xsakZ/bPGYb7SdabekYDtX2yF67clAYAxTHso
hIIieOY4qpsNSqdBHdwQ7SO6GlrKVzSsYCnq3ThUH47BqsqVmeed86ZWdfUNduCR
97iYUcgMdAp+BtLGwGNJb0HGJgnzRG0o/Iy8t4yGboF6Vqv6vNoEY1foiZm7aIsC
60y/MGSSXi53vde4lU63YkPiDUobnCNtM0kZKeETj83yvLBSW/AZknWXzD++nIBK
GsY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:44:41 2025 by rpki-client