Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7Rs2jDBwiN4wHeRbkcrJ52Krh0Q.roa
File: 7Rs2jDBwiN4wHeRbkcrJ52Krh0Q.roa (raw, json)
Hash identifier: hvYMeUZ7uWJC0d8inNsaQUTPzf/OUgXpex5CX6mq0kg=
Subject key identifier: ED:1B:36:8C:30:70:88:DE:30:1D:E4:5B:91:CA:C9:E7:62:AB:87:44
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8F49C1F59D085A35F454FEF1148487B1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7Rs2jDBwiN4wHeRbkcrJ52Krh0Q.roa
Signing time: Wed 13 Sep 2023 16:04:50 +0000
ROA not before: Wed 13 Sep 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:8f49:4506/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8f:49:c1:f5:9d:08:5a:35:f4:54:fe:f1:14:84:87:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed1b368c307088de301de45b91cac9e762ab8744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dd:f6:a4:1e:90:92:f5:aa:9d:73:f6:32:27:
3c:54:1a:77:90:24:e1:a0:23:72:d0:5e:46:1c:d4:
5f:3f:1a:24:44:d5:2f:36:47:3b:bb:7d:09:fc:ba:
ee:3b:80:29:99:f1:3b:33:86:dc:c0:ea:1d:97:3c:
46:32:41:48:30:33:5f:d4:cf:f2:1a:79:b1:d3:1e:
d2:8e:c4:6c:b0:92:82:e9:13:dd:6f:a9:c4:52:8e:
69:41:14:f8:e6:a1:71:e4:85:15:a8:46:fc:20:99:
87:5e:f4:03:30:01:68:d5:e8:4c:2a:ab:b8:e9:ae:
ba:a6:09:aa:1d:cb:4c:94:36:44:7e:21:22:aa:5f:
ad:9c:12:88:84:bc:18:97:6c:0c:a0:6e:9d:b8:ec:
b1:1c:6d:de:d1:a7:df:32:07:19:03:8e:d7:6f:28:
f9:ba:95:82:fb:86:83:f5:5b:7f:e4:2d:94:7a:24:
e5:d1:29:60:c3:81:bc:05:41:16:0d:31:e7:11:42:
ac:c8:f4:cd:2e:ef:70:16:d9:fb:2b:27:17:9f:1a:
68:a4:87:fd:dd:02:b7:36:12:fc:aa:70:f2:00:41:
a9:2a:90:74:90:0c:5d:25:0d:6c:82:21:61:81:d6:
24:15:d4:0e:73:1d:ae:2b:69:0c:90:06:c9:9a:d2:
33:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1B:36:8C:30:70:88:DE:30:1D:E4:5B:91:CA:C9:E7:62:AB:87:44
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7Rs2jDBwiN4wHeRbkcrJ52Krh0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:d4:5a:62:a5:48:72:44:bf:f8:7f:7d:5d:aa:3d:a6:ac:d2:
bf:d8:10:f6:bd:2a:ec:2f:d2:2e:ac:be:89:0d:2a:dc:10:ec:
61:08:c3:e6:d2:32:ff:d8:1e:c9:bc:ec:a3:a5:7c:a8:b4:32:
9d:54:e4:f4:df:87:29:0e:1b:77:0b:ee:20:a8:e0:71:56:3d:
4a:b4:4c:3a:68:d0:aa:7a:f1:db:ed:bb:70:6a:3d:00:c1:42:
b3:fb:d7:93:c8:d8:cd:4c:4f:1e:19:b7:fa:3c:f4:6d:a7:38:
9b:f3:1b:a1:98:83:ff:87:52:12:b6:4d:5b:a8:0e:b5:b5:2b:
ee:2e:1e:1f:78:5f:92:48:64:f2:ec:c9:13:ca:16:6b:a1:0e:
49:05:40:fd:98:1c:2f:4c:5b:1a:0d:d5:5d:c1:03:ee:ca:70:
be:7c:d6:b2:92:a9:f7:27:bf:34:4e:74:48:4c:ba:e4:27:2f:
0a:f9:0f:04:c3:5d:2d:58:d2:01:9c:ef:17:3b:5a:9a:20:fe:
bd:db:6e:a3:a6:76:5f:e0:69:dc:b4:7e:65:f7:4d:40:96:ec:
4f:5c:c1:60:cb:01:90:ec:a3:fe:06:76:1d:be:53:ae:9b:f2:
f7:38:58:6f:c6:83:1c:c3:b6:09:25:13:00:92:6b:39:64:fb:
fd:53:10:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqPScH1nQhaNfRU/vEUhIexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDFiMzY4YzMwNzA4OGRlMzAxZGU0NWI5MWNhYzllNzYyYWI4NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN32pB6QkvWqnXP2Mic8VBp3kCTh
oCNy0F5GHNRfPxokRNUvNkc7u30J/LruO4ApmfE7M4bcwOodlzxGMkFIMDNf1M/y
Gnmx0x7SjsRssJKC6RPdb6nEUo5pQRT45qFx5IUVqEb8IJmHXvQDMAFo1ehMKqu4
6a66pgmqHctMlDZEfiEiql+tnBKIhLwYl2wMoG6duOyxHG3e0affMgcZA47Xbyj5
upWC+4aD9Vt/5C2UeiTl0Slgw4G8BUEWDTHnEUKsyPTNLu9wFtn7KycXnxpopIf9
3QK3NhL8qnDyAEGpKpB0kAxdJQ1sgiFhgdYkFdQOcx2uK2kMkAbJmtIzpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO0bNowwcIjeMB3kW5HKyediq4dEMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvN1JzMmpEQndpTjR3SGVSYmtjcko1MktyaDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKfUWmKlSHJEv/h/fV2q
Paas0r/YEPa9Kuwv0i6svokNKtwQ7GEIw+bSMv/YHsm87KOlfKi0Mp1U5PTfhykO
G3cL7iCo4HFWPUq0TDpo0Kp68dvtu3BqPQDBQrP715PI2M1MTx4Zt/o89G2nOJvz
G6GYg/+HUhK2TVuoDrW1K+4uHh94X5JIZPLsyRPKFmuhDkkFQP2YHC9MWxoN1V3B
A+7KcL581rKSqfcnvzROdEhMuuQnLwr5DwTDXS1Y0gGc7xc7Wpog/r3bbqOmdl/g
ady0fmX3TUCW7E9cwWDLAZDso/4Gdh2+U66b8vc4WG/GgxzDtgklEwCSazlk+/1T
ENA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:07 2025 by rpki-client