Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8-p7AtVBjZS9omavos0d_PXUXCc.roa
File: 8-p7AtVBjZS9omavos0d_PXUXCc.roa (raw, json)
Hash identifier: tFMISXz9G2NGXTTYTwpKgg+pbW3GeCUi42jYASDWgkA=
Subject key identifier: F3:EA:7B:02:D5:41:8D:94:BD:A2:66:AF:A2:CD:1D:FC:F5:D4:5C:27
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6127AC39DB50D12DB0E3933CF7EA5D20
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8-p7AtVBjZS9omavos0d_PXUXCc.roa
Signing time: Mon 04 Sep 2023 17:05:04 +0000
ROA not before: Mon 04 Sep 2023 17:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:6127:2d60/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:27:ac:39:db:50:d1:2d:b0:e3:93:3c:f7:ea:5d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 17:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3ea7b02d5418d94bda266afa2cd1dfcf5d45c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:cc:63:10:59:92:82:d2:9e:16:8f:45:8e:
10:fe:f1:32:6a:23:97:32:35:1d:f6:50:1a:4a:55:
65:10:9f:f4:66:37:cd:59:89:90:c2:89:a2:72:14:
2d:ac:da:8d:ff:e0:d4:86:2b:e7:f0:9e:70:f6:c1:
62:ef:96:98:a3:d7:df:4c:26:50:9d:c0:d9:b1:fe:
84:d5:24:21:d4:19:99:e2:27:fe:59:65:42:d1:20:
70:08:d9:70:49:b8:b5:f7:e2:7f:18:52:2c:af:c2:
25:7a:a7:74:75:85:c4:99:c6:9b:db:20:d5:be:d1:
ec:54:82:35:ae:77:98:f4:43:ea:2e:c3:62:4d:d1:
dc:56:52:11:40:31:d7:2d:90:d1:f2:b3:e7:0a:86:
72:78:c6:7a:a4:89:ee:8b:5c:bf:f0:64:75:8d:ad:
99:35:fa:2b:0f:2b:3b:ae:19:66:da:cf:13:12:a3:
bb:06:e7:7d:3a:2f:9e:a9:83:a3:ee:63:c0:47:ed:
ea:52:7d:82:c7:ed:9e:32:a6:5e:d5:e0:7c:25:53:
a9:65:41:bf:55:6b:20:97:f7:21:5a:98:24:b9:20:
cf:63:d1:a3:3b:43:67:63:eb:1f:6f:cf:45:f7:8d:
01:fc:59:fb:07:8c:ba:56:a1:cf:1a:5a:df:cb:f1:
b7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EA:7B:02:D5:41:8D:94:BD:A2:66:AF:A2:CD:1D:FC:F5:D4:5C:27
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8-p7AtVBjZS9omavos0d_PXUXCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:db:a3:7f:68:00:d6:15:6c:12:1e:72:e1:7f:a3:19:32:41:
a3:27:59:c9:d5:ed:69:a5:9e:ad:e8:b0:e1:8c:f3:f9:c3:69:
27:47:ab:1f:ab:ba:80:6f:36:37:6e:5f:4f:4d:af:15:de:24:
63:86:04:09:f2:f0:34:94:dc:a8:9d:2d:41:be:42:d1:89:4f:
11:12:50:3f:89:82:d6:ad:36:a3:16:50:73:33:77:dc:cc:3d:
73:fd:01:93:57:e5:a8:4c:5d:39:03:2a:bc:b9:e8:5b:54:b5:
d4:e8:de:16:40:30:34:75:13:8b:d0:4a:4c:4d:6a:b6:8e:97:
2a:c3:fb:bb:cc:be:a6:bb:77:ca:c1:ae:63:d3:97:04:2e:f3:
9f:e4:68:c1:1c:8c:85:75:37:eb:ee:a9:20:f7:b5:79:88:21:
5f:2b:cc:04:3e:02:26:e1:fa:d9:d0:58:78:b1:7c:a8:a7:e3:
de:4f:26:00:46:5f:93:11:3b:19:d7:37:fa:a6:fb:2e:40:23:
79:02:a5:79:ac:a0:31:1a:be:a6:46:b9:24:78:4f:0e:33:c0:
c2:1e:f2:d4:94:cb:d2:58:e3:ab:a7:19:88:2b:d5:5c:c7:4d:
98:c0:e8:98:ce:dc:af:7c:de:aa:1a:9b:fc:66:bd:27:86:25:
19:15:93:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYphJ6w521DRLbDjkzz36l0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTcwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2VhN2IwMmQ1NDE4ZDk0YmRhMjY2YWZhMmNkMWRmY2Y1ZDQ1YzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosXMYxBZkoLSnhaPRY4Q/vEyaiOX
MjUd9lAaSlVlEJ/0ZjfNWYmQwomichQtrNqN/+DUhivn8J5w9sFi75aYo9ffTCZQ
ncDZsf6E1SQh1BmZ4if+WWVC0SBwCNlwSbi19+J/GFIsr8Ileqd0dYXEmcab2yDV
vtHsVII1rneY9EPqLsNiTdHcVlIRQDHXLZDR8rPnCoZyeMZ6pInui1y/8GR1ja2Z
NforDys7rhlm2s8TEqO7Bud9Oi+eqYOj7mPAR+3qUn2Cx+2eMqZe1eB8JVOpZUG/
VWsgl/chWpgkuSDPY9GjO0NnY+sfb89F940B/Fn7B4y6VqHPGlrfy/G3HwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPPqewLVQY2UvaJmr6LNHfz11FwnMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvOC1wN0F0VkJqWlM5b21hdm9zMGRfUFhVWENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFDbo39oANYVbBIecuF/
oxkyQaMnWcnV7Wmlnq3osOGM8/nDaSdHqx+ruoBvNjduX09NrxXeJGOGBAny8DSU
3KidLUG+QtGJTxESUD+JgtatNqMWUHMzd9zMPXP9AZNX5ahMXTkDKry56FtUtdTo
3hZAMDR1E4vQSkxNaraOlyrD+7vMvqa7d8rBrmPTlwQu85/kaMEcjIV1N+vuqSD3
tXmIIV8rzAQ+Aibh+tnQWHixfKin495PJgBGX5MROxnXN/qm+y5AI3kCpXmsoDEa
vqZGuSR4Tw4zwMIe8tSUy9JY46unGYgr1VzHTZjA6JjO3K983qoam/xmvSeGJRkV
k3c=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:24:02 2025 by rpki-client