Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7z0Urp2pV1e--8m-Sa0IQS99hZI.roa
File: 7z0Urp2pV1e--8m-Sa0IQS99hZI.roa (raw, json)
Hash identifier: PftlF6L8m4YcpVWODTqEWTaCQyG5hfse1YS30oLuRSI=
Subject key identifier: EF:3D:14:AE:9D:A9:57:57:BE:FB:C9:BE:49:AD:08:41:2F:7D:85:92
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4DE84E0489C27F260DB58302F347FCD0
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7z0Urp2pV1e--8m-Sa0IQS99hZI.roa
Signing time: Thu 31 Aug 2023 23:23:04 +0000
ROA not before: Thu 31 Aug 2023 23:23:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4d:e8:4e:04:89:c2:7f:26:0d:b5:83:02:f3:47:fc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 23:23:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef3d14ae9da95757befbc9be49ad08412f7d8592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:e6:99:09:68:60:ca:f9:c3:e8:aa:fb:be:
76:04:ad:01:bb:20:07:68:cc:fb:a7:41:ac:23:18:
89:6d:46:bc:61:64:bc:91:98:ee:1a:11:f6:99:4a:
d5:d7:b9:a0:f3:84:e4:7d:88:7b:00:31:2c:65:46:
37:0a:f3:71:02:81:73:9f:d5:69:3b:19:67:fa:a4:
e7:6f:85:d5:db:3a:f7:ab:f7:c4:35:63:ba:67:99:
e5:36:f0:a4:4b:9a:ca:c9:9f:53:4c:c4:47:9e:b6:
73:4e:77:e6:82:95:72:84:9f:9b:76:30:b6:b5:8d:
b9:84:d6:48:4c:c2:85:87:9d:3f:32:87:08:3e:1b:
d1:cc:06:fa:c7:1f:a6:3f:b8:2b:d8:7a:d1:b5:17:
12:9d:94:a9:1c:c3:6e:af:65:85:fa:e9:76:5c:5e:
9d:b9:59:46:dd:58:48:ca:bc:34:64:6c:54:b0:00:
26:0b:81:55:65:74:e4:8f:f3:99:38:d0:bb:33:95:
bd:98:75:6f:16:6b:f9:81:7b:40:55:9f:bb:73:b8:
57:d7:7f:78:d5:19:a8:c2:f7:bf:54:a1:29:f3:ff:
4d:f4:6a:1e:f3:fd:fb:35:8d:3f:d0:c1:e9:08:28:
4a:b2:37:52:ab:05:21:be:6b:e1:f1:4e:c2:28:db:
30:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3D:14:AE:9D:A9:57:57:BE:FB:C9:BE:49:AD:08:41:2F:7D:85:92
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/7z0Urp2pV1e--8m-Sa0IQS99hZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:d1:3b:33:2d:d3:f6:b2:90:1d:13:5a:83:e6:89:49:bc:08:
7e:75:12:4c:98:b1:68:8a:21:04:b0:79:4f:19:95:e0:c4:c5:
21:46:17:5d:e5:8b:3b:63:21:8d:9b:d0:44:fd:ef:ee:5d:4f:
5c:ec:8e:58:de:18:79:b8:d9:45:b8:6d:fe:0d:f2:6f:cd:40:
32:b1:a5:7d:36:2c:6c:21:18:3d:90:3c:35:8c:3b:bf:0d:21:
68:13:f0:49:b9:6e:90:04:f6:40:44:a9:f1:de:3c:4b:cc:d7:
46:38:a2:86:9a:86:a7:67:59:3c:4f:f4:68:b6:9b:ac:6b:e1:
b0:bd:b6:62:d6:c4:df:8b:30:12:46:4b:a7:bb:ae:9a:41:44:
99:45:0a:8d:1c:1e:d3:4b:57:30:c4:69:83:d1:a3:ef:cd:ed:
4e:cd:45:e1:89:8e:ed:f2:d0:30:28:11:ef:6f:d5:17:35:99:
b4:f3:87:44:42:a7:69:20:e3:82:57:fc:a1:0f:92:80:a8:ac:
d4:48:2c:1f:e0:2f:e4:0e:a8:b1:5b:db:f9:71:79:2e:fb:8b:
e7:a0:12:01:85:8a:cf:67:44:4d:e5:1d:52:92:f7:ba:57:15:
af:b0:2d:b0:1a:30:1f:f0:e8:28:77:59:24:17:de:aa:dd:2d:
09:56:0e:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpN6E4EicJ/Jg21gwLzR/zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMjMyMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjNkMTRhZTlkYTk1NzU3YmVmYmM5YmU0OWFkMDg0MTJmN2Q4NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXvmmQloYMr5w+iq+752BK0BuyAH
aMz7p0GsIxiJbUa8YWS8kZjuGhH2mUrV17mg84TkfYh7ADEsZUY3CvNxAoFzn9Vp
Oxln+qTnb4XV2zr3q/fENWO6Z5nlNvCkS5rKyZ9TTMRHnrZzTnfmgpVyhJ+bdjC2
tY25hNZITMKFh50/MocIPhvRzAb6xx+mP7gr2HrRtRcSnZSpHMNur2WF+ul2XF6d
uVlG3VhIyrw0ZGxUsAAmC4FVZXTkj/OZONC7M5W9mHVvFmv5gXtAVZ+7c7hX1394
1Rmowve/VKEp8/9N9Goe8/37NY0/0MHpCChKsjdSqwUhvmvh8U7CKNswjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO89FK6dqVdXvvvJvkmtCEEvfYWSMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvN3owVXJwMnBWMWUtLThtLVNhMElRUzk5aFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKDROzMt0/aykB0TWoPm
iUm8CH51EkyYsWiKIQSweU8ZleDExSFGF13liztjIY2b0ET97+5dT1zsjljeGHm4
2UW4bf4N8m/NQDKxpX02LGwhGD2QPDWMO78NIWgT8Em5bpAE9kBEqfHePEvM10Y4
ooaahqdnWTxP9Gi2m6xr4bC9tmLWxN+LMBJGS6e7rppBRJlFCo0cHtNLVzDEaYPR
o+/N7U7NReGJju3y0DAoEe9v1Rc1mbTzh0RCp2kg44JX/KEPkoCorNRILB/gL+QO
qLFb2/lxeS77i+egEgGFis9nRE3lHVKS97pXFa+wLbAaMB/w6Ch3WSQX3qrdLQlW
Dq8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:55 2025 by rpki-client