Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7r1UDhGh8R63W5G4Bo3B5Zs_UyI.roa
File: 7r1UDhGh8R63W5G4Bo3B5Zs_UyI.roa (raw, json)
Hash identifier: ZJEQyiCxT1WMRim/x7ppIsw/NQPWLCruoPJbcOZadUE=
Subject key identifier: EE:BD:54:0E:11:A1:F1:1E:B7:5B:91:B8:06:8D:C1:E5:9B:3F:53:22
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5A80CAA9D2B23B110620D8DCADDACC7F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7r1UDhGh8R63W5G4Bo3B5Zs_UyI.roa
Signing time: Sun 03 Sep 2023 10:05:04 +0000
ROA not before: Sun 03 Sep 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5a7f:fd4f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:80:ca:a9:d2:b2:3b:11:06:20:d8:dc:ad:da:cc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eebd540e11a1f11eb75b91b8068dc1e59b3f5322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:11:7c:ab:b3:c0:b3:e9:50:33:d1:a8:af:8c:
e1:aa:2d:ab:a0:b6:3d:91:22:dd:2e:2b:7b:37:15:
13:58:fa:57:11:97:4f:7f:f8:54:24:41:be:a6:49:
df:44:9e:d6:3d:22:bd:73:a2:9b:98:63:df:9c:a7:
1d:41:6a:1b:6d:c4:75:86:57:a4:c2:27:fd:eb:67:
55:34:62:15:2c:31:6d:ed:54:cb:57:3e:a7:97:2b:
87:7b:03:ce:66:bd:f1:a8:33:df:ef:e2:c2:b7:50:
fa:59:c3:c2:ac:43:11:8b:b8:b8:0c:dc:18:12:42:
9e:81:d1:c7:1c:4c:c9:98:dc:3b:0b:6b:74:50:50:
c9:84:e5:1e:ac:4d:5d:06:bd:ea:fb:bf:ef:f2:cb:
a3:03:0d:b2:65:f1:0c:51:87:f9:21:c6:71:bc:2c:
96:57:65:8c:ac:6e:de:0c:fd:58:83:63:aa:db:57:
e0:f7:f1:cb:eb:da:ea:a9:90:c8:cc:ed:87:f1:f7:
fd:67:be:97:32:f1:07:de:d6:c5:d7:f1:b2:ac:06:
30:aa:43:5f:79:c0:f2:33:67:eb:de:7b:c7:ed:2b:
a0:e8:32:02:c7:cc:54:c4:5b:d1:8f:ae:ca:22:6b:
3a:05:07:3a:13:43:16:d6:70:35:07:3e:9f:65:55:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BD:54:0E:11:A1:F1:1E:B7:5B:91:B8:06:8D:C1:E5:9B:3F:53:22
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7r1UDhGh8R63W5G4Bo3B5Zs_UyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:09:8a:99:bf:79:4d:4e:e6:5b:a7:13:f6:1f:b1:54:f3:d3:
38:1f:ef:e4:5d:2a:0d:d0:b9:32:cb:e9:af:86:aa:e8:72:d0:
67:cb:4b:81:af:d2:90:0f:2d:dc:92:4c:ff:44:9e:66:4e:5f:
03:ad:a2:71:90:c9:1a:66:5c:fa:d6:c5:6e:3d:19:e6:15:a1:
54:3b:3a:ac:6c:a6:28:15:56:6f:86:69:2f:ca:b3:f5:51:ef:
b6:46:cc:b5:b2:2b:4b:31:e8:c5:15:19:22:ad:f9:7b:fe:f9:
7a:e0:03:4b:34:b2:0a:09:73:91:32:d6:58:77:1b:db:5a:9c:
4a:1d:ab:3b:b0:18:fc:ba:d8:00:93:fa:8a:6b:df:62:94:87:
17:f9:45:e0:70:60:47:df:f1:e8:57:95:8e:fd:95:e1:84:53:
c9:d7:99:46:72:90:52:26:bb:f1:54:4b:06:59:30:ed:6f:c4:
90:f6:d6:1c:38:6b:cf:35:c0:70:3f:d8:f3:45:98:a7:af:36:
dd:9c:44:d8:62:b9:d0:a7:08:db:ec:c5:a2:1f:45:7e:db:06:
54:0f:3c:f5:46:7d:77:a1:d9:d2:ce:fa:ae:30:51:bd:8f:74:
77:2c:33:14:f6:22:b5:ab:b9:98:d9:1a:f9:92:2e:9b:97:ca:
97:b7:a3:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpagMqp0rI7EQYg2Nyt2sx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWJkNTQwZTExYTFmMTFlYjc1YjkxYjgwNjhkYzFlNTliM2Y1MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxF8q7PAs+lQM9Gor4zhqi2roLY9
kSLdLit7NxUTWPpXEZdPf/hUJEG+pknfRJ7WPSK9c6KbmGPfnKcdQWobbcR1hlek
wif962dVNGIVLDFt7VTLVz6nlyuHewPOZr3xqDPf7+LCt1D6WcPCrEMRi7i4DNwY
EkKegdHHHEzJmNw7C2t0UFDJhOUerE1dBr3q+7/v8sujAw2yZfEMUYf5IcZxvCyW
V2WMrG7eDP1Yg2Oq21fg9/HL69rqqZDIzO2H8ff9Z76XMvEH3tbF1/GyrAYwqkNf
ecDyM2fr3nvH7Sug6DICx8xUxFvRj67KIms6BQc6E0MW1nA1Bz6fZVWXsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO69VA4RofEet1uRuAaNweWbP1MiMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvN3IxVURoR2g4UjYzVzVHNEJvM0I1WnNfVXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEsJipm/eU1O5lunE/Yf
sVTz0zgf7+RdKg3QuTLL6a+Gquhy0GfLS4Gv0pAPLdySTP9EnmZOXwOtonGQyRpm
XPrWxW49GeYVoVQ7OqxspigVVm+GaS/Ks/VR77ZGzLWyK0sx6MUVGSKt+Xv++Xrg
A0s0sgoJc5Ey1lh3G9tanEodqzuwGPy62ACT+opr32KUhxf5ReBwYEff8ehXlY79
leGEU8nXmUZykFImu/FUSwZZMO1vxJD21hw4a881wHA/2PNFmKevNt2cRNhiudCn
CNvsxaIfRX7bBlQPPPVGfXeh2dLO+q4wUb2PdHcsMxT2IrWruZjZGvmSLpuXype3
o6c=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:35:40 2025 by rpki-client