Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7fT6RIPzSlg2crE9sI-gU4b4V_E.roa
File: 7fT6RIPzSlg2crE9sI-gU4b4V_E.roa (raw, json)
Hash identifier: olaqI2p1EzPzE143353YWJgGuovh2VUOgfxHfA2dNyY=
Subject key identifier: ED:F4:FA:44:83:F3:4A:58:36:72:B1:3D:B0:8F:A0:53:86:F8:57:F1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A57C17C7D1E24DB06F77422C65756171B
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7fT6RIPzSlg2crE9sI-gU4b4V_E.roa
Signing time: Sat 02 Sep 2023 21:16:52 +0000
ROA not before: Sat 02 Sep 2023 21:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:57:c1:7c:7d:1e:24:db:06:f7:74:22:c6:57:56:17:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 21:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edf4fa4483f34a583672b13db08fa05386f857f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:a9:f7:2e:a3:4d:aa:fc:08:9a:09:28:d1:
eb:4b:31:2d:ee:ce:1c:71:84:15:a4:22:3a:98:79:
5e:ec:52:2b:7b:e0:68:2e:c4:a8:8e:2f:67:6c:54:
de:3b:1c:fa:a2:55:02:b9:fc:83:53:f4:49:a4:19:
87:f8:f1:01:ec:1d:3e:ae:2d:cb:65:b3:7d:74:2f:
8c:dc:6a:00:a3:b2:af:64:6b:c8:71:79:5f:a0:9b:
55:da:30:3c:d2:2e:fc:68:0c:31:a9:2a:ef:46:9d:
fa:79:aa:ee:af:4c:b9:65:5e:9f:5c:6c:c7:73:bb:
55:e2:50:ac:fb:8a:3f:1d:aa:f5:2e:85:21:a0:5c:
31:d7:a6:ec:43:cd:4a:f4:99:0b:6f:3f:8d:83:d2:
9a:01:af:8d:bc:7c:9e:6c:93:f2:57:1c:d9:e1:3a:
18:4f:70:17:66:d1:7d:ef:c6:ef:d7:8a:24:9a:19:
dd:5f:9c:2e:0f:43:b8:bb:c6:25:7c:a7:23:63:82:
b3:05:f5:1c:b7:7a:b1:64:95:34:c8:66:a7:ab:e7:
05:7e:40:61:b0:3e:53:2d:6d:7a:89:97:fb:37:40:
0b:13:84:1f:3a:53:68:81:4e:7b:67:9b:9c:43:c1:
20:86:d9:93:55:cd:69:1e:a9:35:76:59:de:1d:00:
3d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F4:FA:44:83:F3:4A:58:36:72:B1:3D:B0:8F:A0:53:86:F8:57:F1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7fT6RIPzSlg2crE9sI-gU4b4V_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:71:28:ca:81:47:ad:fc:8e:aa:c8:b5:e0:c6:3b:fe:ac:ab:
a6:8e:1b:21:f5:98:41:8e:f7:d3:b4:f9:2f:e6:f6:06:f7:0e:
a0:f2:f1:72:95:20:0f:ec:95:94:fa:cf:0b:50:54:d0:86:55:
b0:c8:ec:b6:d6:0a:1c:50:8b:03:f0:99:fc:b0:6f:f2:1f:c9:
8b:09:56:e4:d1:ec:37:21:97:20:1e:20:f8:5c:fd:21:ec:8a:
91:5c:4b:f6:89:3e:d2:2c:ce:70:8d:ed:38:14:a1:e7:cf:9a:
fe:78:8e:52:2d:f0:a0:ee:24:36:7e:eb:97:af:cf:05:d3:d3:
e3:26:2f:22:5d:90:3d:a8:bc:04:58:96:2d:4f:88:d1:f6:5f:
59:1b:0f:d0:7a:21:e8:1e:4a:23:54:b0:61:af:b1:6c:3e:ff:
ef:b1:44:8f:68:d6:dc:8a:ee:21:53:46:49:e0:bd:b0:62:1e:
26:4a:55:76:24:67:d4:2e:2a:1b:c7:57:b9:37:8c:2f:31:d6:
f2:d4:8a:0d:de:d3:db:78:0f:90:5b:27:98:23:c4:55:61:59:
df:de:d3:55:dd:ee:10:b7:39:d3:aa:b8:2e:95:36:29:64:d4:
53:cc:ff:82:f7:11:b9:aa:0b:6b:49:50:5f:8d:8c:a1:96:45:
61:d5:0c:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpXwXx9HiTbBvd0IsZXVhcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMjExNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGY0ZmE0NDgzZjM0YTU4MzY3MmIxM2RiMDhmYTA1Mzg2Zjg1N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+p9y6jTar8CJoJKNHrSzEt7s4c
cYQVpCI6mHle7FIre+BoLsSoji9nbFTeOxz6olUCufyDU/RJpBmH+PEB7B0+ri3L
ZbN9dC+M3GoAo7KvZGvIcXlfoJtV2jA80i78aAwxqSrvRp36earur0y5ZV6fXGzH
c7tV4lCs+4o/Har1LoUhoFwx16bsQ81K9JkLbz+Ng9KaAa+NvHyebJPyVxzZ4ToY
T3AXZtF978bv14okmhndX5wuD0O4u8YlfKcjY4KzBfUct3qxZJU0yGanq+cFfkBh
sD5TLW16iZf7N0ALE4QfOlNogU57Z5ucQ8EghtmTVc1pHqk1dlneHQA9LwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO30+kSD80pYNnKxPbCPoFOG+FfxMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvN2ZUNlJJUHpTbGcyY3JFOXNJLWdVNGI0Vl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHRxKMqBR638jqrIteDG
O/6sq6aOGyH1mEGO99O0+S/m9gb3DqDy8XKVIA/slZT6zwtQVNCGVbDI7LbWChxQ
iwPwmfywb/IfyYsJVuTR7DchlyAeIPhc/SHsipFcS/aJPtIsznCN7TgUoefPmv54
jlIt8KDuJDZ+65evzwXT0+MmLyJdkD2ovARYli1PiNH2X1kbD9B6IegeSiNUsGGv
sWw+/++xRI9o1tyK7iFTRkngvbBiHiZKVXYkZ9QuKhvHV7k3jC8x1vLUig3e09t4
D5BbJ5gjxFVhWd/e01Xd7hC3OdOquC6VNilk1FPM/4L3EbmqC2tJUF+NjKGWRWHV
DB4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:52 2025 by rpki-client