Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/AOEw6JMbAyp5zljbChs9JHlvZSE.roa
File: AOEw6JMbAyp5zljbChs9JHlvZSE.roa (raw, json)
Hash identifier: Wb7PYrrRP9BrFbUIEcfC4nMEPI9EnxsSK7061s3pCE8=
Subject key identifier: 00:E1:30:E8:93:1B:03:2A:79:CE:58:DB:0A:1B:3D:24:79:6F:65:21
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A46FA0335577C1FCB609BE148DFE6169E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/AOEw6JMbAyp5zljbChs9JHlvZSE.roa
Signing time: Wed 30 Aug 2023 15:05:04 +0000
ROA not before: Wed 30 Aug 2023 15:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:46f9:3773/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:fa:03:35:57:7c:1f:cb:60:9b:e1:48:df:e6:16:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 15:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00e130e8931b032a79ce58db0a1b3d24796f6521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:89:7a:75:27:d6:8c:31:cc:b3:8a:8c:b7:04:
b0:da:eb:84:c9:77:70:2d:b5:00:9d:93:23:fd:f2:
90:80:29:66:c4:ce:cf:19:7f:d1:6a:4a:08:3e:ee:
0f:ce:f8:25:3a:d4:c5:b6:a5:67:3f:74:ff:db:58:
b0:2e:5b:c5:ca:45:bc:91:54:31:3a:78:38:10:e4:
a8:54:6c:25:bd:27:fb:3c:50:58:63:ad:e7:4f:21:
8d:80:db:64:9d:86:e4:79:c8:a6:3f:fd:71:9b:a5:
8e:f6:e8:a5:8c:95:40:78:13:4b:da:5b:10:ce:84:
fe:80:bf:7c:e9:05:00:f8:67:8f:93:fe:6d:d9:df:
a9:68:f5:d1:61:49:c8:b7:99:26:f5:7f:0d:e1:34:
8f:9a:c3:4b:64:a4:c1:e6:f9:93:e8:1e:f6:f0:91:
82:d2:37:c6:a3:25:5d:96:bf:fb:b1:1b:a9:c1:ad:
74:c0:6a:f5:c2:fb:c5:78:54:45:62:e8:a5:cb:b0:
12:3b:ba:85:8c:f5:ec:84:60:ae:6d:55:41:d1:80:
43:7f:2d:37:91:a2:db:3f:bf:c5:09:9e:d6:a1:6a:
74:93:9e:f3:bb:07:a6:07:d5:aa:be:d3:9a:7f:9f:
84:a6:32:ad:6d:e4:8a:37:6d:c3:ec:07:96:ea:d7:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E1:30:E8:93:1B:03:2A:79:CE:58:DB:0A:1B:3D:24:79:6F:65:21
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/AOEw6JMbAyp5zljbChs9JHlvZSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:40:a3:8c:97:02:f5:c6:00:1d:e6:40:bd:66:25:95:99:65:
38:97:f7:31:7e:3e:6c:56:47:96:27:e7:87:a8:2d:0b:8f:95:
b6:1e:93:e4:62:6a:2a:df:da:e7:a9:ca:8d:d9:86:ab:73:dd:
38:14:c7:45:fd:aa:34:32:fd:6c:dc:a7:94:dc:87:18:bf:2d:
50:a1:d1:eb:97:ea:8b:28:b3:a4:f2:b8:f1:45:d2:0d:5a:68:
7e:a8:61:0d:5f:8f:cb:8e:a4:fa:b8:96:3a:a6:5e:f6:ad:f6:
a8:b5:5b:ce:0d:b5:0e:fa:92:8a:d2:c2:fb:1a:52:ec:9d:c2:
0c:51:24:a4:81:52:a3:58:cd:62:67:02:fd:c8:85:66:68:23:
fe:c7:7c:83:39:9d:82:eb:06:7b:3b:a7:ff:8a:e2:bf:b4:6c:
11:ed:90:31:c7:27:66:0e:b4:fc:f8:93:cb:c2:7c:63:0c:d4:
e4:75:76:6f:26:75:e1:f8:39:b1:39:a8:cd:0b:84:82:e8:fd:
05:ac:e0:0b:c3:fc:5f:9a:a9:b5:47:e5:ac:f4:46:2a:1f:8f:
60:69:75:63:af:d0:f5:cd:60:11:22:cf:d9:2b:32:e1:95:ec:
15:2c:d3:3c:cf:e4:06:c0:c5:52:c3:37:b6:97:98:94:9c:a4:
9d:a2:36:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpG+gM1V3wfy2Cb4Ujf5haeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTUwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGUxMzBlODkzMWIwMzJhNzljZTU4ZGIwYTFiM2QyNDc5NmY2NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4l6dSfWjDHMs4qMtwSw2uuEyXdw
LbUAnZMj/fKQgClmxM7PGX/RakoIPu4PzvglOtTFtqVnP3T/21iwLlvFykW8kVQx
Ong4EOSoVGwlvSf7PFBYY63nTyGNgNtknYbkecimP/1xm6WO9uiljJVAeBNL2lsQ
zoT+gL986QUA+GePk/5t2d+paPXRYUnIt5km9X8N4TSPmsNLZKTB5vmT6B728JGC
0jfGoyVdlr/7sRupwa10wGr1wvvFeFRFYuily7ASO7qFjPXshGCubVVB0YBDfy03
kaLbP7/FCZ7WoWp0k57zuwemB9WqvtOaf5+EpjKtbeSKN23D7AeW6teRewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFADhMOiTGwMqec5Y2wobPSR5b2UhMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQU9FdzZKTWJBeXA1emxqYkNoczlKSGx2WlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB1Ao4yXAvXGAB3mQL1m
JZWZZTiX9zF+PmxWR5Yn54eoLQuPlbYek+Riairf2uepyo3Zhqtz3TgUx0X9qjQy
/Wzcp5Tchxi/LVCh0euX6osos6TyuPFF0g1aaH6oYQ1fj8uOpPq4ljqmXvat9qi1
W84NtQ76korSwvsaUuydwgxRJKSBUqNYzWJnAv3IhWZoI/7HfIM5nYLrBns7p/+K
4r+0bBHtkDHHJ2YOtPz4k8vCfGMM1OR1dm8mdeH4ObE5qM0LhILo/QWs4AvD/F+a
qbVH5az0Riofj2BpdWOv0PXNYBEiz9krMuGV7BUs0zzP5AbAxVLDN7aXmJScpJ2i
NkA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:41:42 2025 by rpki-client