Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8OimaeFT4D0Dr0HURj5XjvceIZk.roa
File: 8OimaeFT4D0Dr0HURj5XjvceIZk.roa (raw, json)
Hash identifier: N6cmsfLjg0sbYoNGruHsNnU2UPeBCyIEfxuMEjhXyFI=
Subject key identifier: F0:E8:A6:69:E1:53:E0:3D:03:AF:41:D4:46:3E:57:8E:F7:1E:21:99
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A480CACF61C903EAE619F484FC323F7D6
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8OimaeFT4D0Dr0HURj5XjvceIZk.roa
Signing time: Wed 30 Aug 2023 20:05:04 +0000
ROA not before: Wed 30 Aug 2023 20:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:480c:2162/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:0c:ac:f6:1c:90:3e:ae:61:9f:48:4f:c3:23:f7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 20:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0e8a669e153e03d03af41d4463e578ef71e2199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:67:ca:ca:60:9c:0a:45:95:79:12:bc:58:fa:
dd:76:85:3f:2a:22:92:ec:f8:74:71:de:30:fc:ce:
53:ff:2e:c6:1e:f6:84:fe:ec:82:f9:69:06:c5:65:
22:26:29:5b:74:e8:a6:7d:3e:31:1d:e7:4c:95:bc:
20:76:0e:08:c2:b2:22:20:cf:83:74:58:c6:cd:04:
a9:2d:75:2a:fb:d2:b5:8d:6b:e6:2c:bc:66:31:fe:
c3:ac:c5:d4:fb:0d:62:f0:9e:f5:75:62:81:5f:80:
4f:f9:e7:0b:bb:12:ed:02:2f:8f:01:e2:05:bf:dd:
e9:1c:8d:ed:7c:08:3c:b0:27:54:02:52:69:fa:70:
c5:d6:89:37:7b:95:ff:3a:c1:2e:73:83:10:c0:15:
c4:3f:40:eb:3b:71:1e:7f:ce:ce:40:41:66:09:82:
11:b8:f2:9c:b6:06:16:08:82:d9:3b:10:77:11:00:
62:42:e1:f9:ab:e8:7e:69:0f:47:24:93:38:48:2c:
b4:37:71:25:14:27:c7:76:02:0a:dc:ce:8b:9c:18:
93:61:1d:7a:c6:95:b5:29:8a:4b:3b:cb:80:ef:c8:
20:23:55:6a:61:e1:66:98:a9:a8:d6:d5:ba:2e:6c:
d4:77:c4:1a:9d:5a:85:86:b2:98:2f:63:45:c7:56:
12:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E8:A6:69:E1:53:E0:3D:03:AF:41:D4:46:3E:57:8E:F7:1E:21:99
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8OimaeFT4D0Dr0HURj5XjvceIZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:ff:e4:d3:b2:a3:3c:4e:e8:fb:d2:91:05:79:99:c9:5b:58:
00:72:82:06:53:c4:dc:f5:ec:b1:18:1e:04:37:ac:c2:6c:7c:
33:0c:1b:35:d9:bd:f1:98:1b:2b:e6:24:78:ff:29:32:47:ec:
b0:42:52:74:25:2e:e4:3b:86:1b:5d:7a:0f:3c:cc:ee:37:46:
c5:93:6d:d3:3b:c3:0e:12:0e:f3:10:1c:cf:55:8c:05:5a:b5:
70:c8:bc:b7:d6:ac:ea:c1:a3:2c:d0:7b:15:ee:5a:3f:2c:bd:
ea:67:77:d2:47:eb:7e:ee:d1:5b:e7:ab:40:2d:9d:d1:3d:58:
32:3e:c5:d6:62:aa:96:55:7c:6d:ff:59:98:1c:8c:d0:cf:45:
39:2a:2e:ad:c2:53:e6:bb:35:a1:56:bc:97:29:9f:ff:be:9e:
01:b0:f5:ee:78:eb:04:b0:83:04:c1:d9:13:06:e5:53:e9:77:
f6:1d:a5:14:c9:05:d1:f3:a1:3d:73:ae:f1:d4:c5:3c:88:57:
1a:a6:d1:6c:e6:dd:a4:b8:4d:67:11:7f:07:3c:d6:1e:0f:c7:
7c:a2:25:66:0e:fc:f3:87:2a:73:78:aa:dc:c6:25:91:1f:74:
2a:c8:07:97:ab:27:ef:e4:41:2d:fa:69:6e:73:7c:9d:cb:43:
74:8d:c3:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpIDKz2HJA+rmGfSE/DI/fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMjAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGU4YTY2OWUxNTNlMDNkMDNhZjQxZDQ0NjNlNTc4ZWY3MWUyMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmfKymCcCkWVeRK8WPrddoU/KiKS
7Ph0cd4w/M5T/y7GHvaE/uyC+WkGxWUiJilbdOimfT4xHedMlbwgdg4IwrIiIM+D
dFjGzQSpLXUq+9K1jWvmLLxmMf7DrMXU+w1i8J71dWKBX4BP+ecLuxLtAi+PAeIF
v93pHI3tfAg8sCdUAlJp+nDF1ok3e5X/OsEuc4MQwBXEP0DrO3Eef87OQEFmCYIR
uPKctgYWCILZOxB3EQBiQuH5q+h+aQ9HJJM4SCy0N3ElFCfHdgIK3M6LnBiTYR16
xpW1KYpLO8uA78ggI1VqYeFmmKmo1tW6LmzUd8QanVqFhrKYL2NFx1YS7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPDopmnhU+A9A69B1EY+V473HiGZMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvOE9pbWFlRlQ0RDBEcjBIVVJqNVhqdmNlSVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGD/5NOyozxO6PvSkQV5
mclbWAByggZTxNz17LEYHgQ3rMJsfDMMGzXZvfGYGyvmJHj/KTJH7LBCUnQlLuQ7
hhtdeg88zO43RsWTbdM7ww4SDvMQHM9VjAVatXDIvLfWrOrBoyzQexXuWj8svepn
d9JH637u0Vvnq0AtndE9WDI+xdZiqpZVfG3/WZgcjNDPRTkqLq3CU+a7NaFWvJcp
n/++ngGw9e546wSwgwTB2RMG5VPpd/YdpRTJBdHzoT1zrvHUxTyIVxqm0Wzm3aS4
TWcRfwc81h4Px3yiJWYO/POHKnN4qtzGJZEfdCrIB5erJ+/kQS36aW5zfJ3LQ3SN
wyM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:42:05 2025 by rpki-client