Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/B4oWuHsA5iwaR3wjEITqr1xQ6Q4.roa
File: B4oWuHsA5iwaR3wjEITqr1xQ6Q4.roa (raw, json)
Hash identifier: c6F3ZiossY+Elln3MGlOvMNItXPLh+LUF2b0Lxnk+zk=
Subject key identifier: 07:8A:16:B8:7B:00:E6:2C:1A:47:7C:23:10:84:EA:AF:5C:50:E9:0E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7966C449AEA08BD71DB77F4993BEF9F4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/B4oWuHsA5iwaR3wjEITqr1xQ6Q4.roa
Signing time: Sat 09 Sep 2023 10:04:52 +0000
ROA not before: Sat 09 Sep 2023 10:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7966:438b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:79:66:c4:49:ae:a0:8b:d7:1d:b7:7f:49:93:be:f9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 10:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=078a16b87b00e62c1a477c231084eaaf5c50e90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f8:e1:b4:6a:30:00:d4:08:ca:db:83:c7:df:
22:f4:58:ff:18:48:36:07:85:f2:80:88:b6:16:31:
ea:3a:5b:28:1f:0a:21:1e:e2:ba:14:b4:31:ef:ed:
a1:9a:11:af:8b:d8:13:11:04:d8:98:32:1b:f9:c7:
f9:61:25:fd:4d:1d:8c:9d:d7:c2:a7:9e:9a:54:2d:
dc:21:f0:d2:25:3a:49:ea:1f:c0:a7:4a:47:0f:c1:
70:ca:f1:53:e1:80:48:fb:b4:9f:27:f6:05:5a:3d:
f2:08:91:e2:1b:f9:d3:ca:e2:ed:21:11:51:85:85:
dc:ce:2e:66:7e:46:4a:93:ad:42:84:2d:e3:e2:3a:
80:d7:bf:d2:5f:33:5b:72:e4:1a:b9:16:71:10:f6:
11:8e:f8:35:d8:81:9e:cb:68:81:5c:88:40:cf:7b:
4f:dd:d4:0d:aa:42:97:80:e1:1a:a5:be:49:97:86:
f0:ee:41:6d:e8:a5:0f:e7:84:8f:9a:a5:88:f5:f2:
5c:f1:19:67:f0:1a:76:0d:4b:6c:7d:7d:67:eb:0d:
75:75:98:03:69:ea:14:ba:0c:b3:a7:0c:6c:10:68:
57:44:71:3e:5a:80:37:f6:53:db:d6:22:45:27:96:
85:4f:f3:a5:35:40:a4:eb:b1:92:86:45:ef:21:16:
09:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8A:16:B8:7B:00:E6:2C:1A:47:7C:23:10:84:EA:AF:5C:50:E9:0E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/B4oWuHsA5iwaR3wjEITqr1xQ6Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:ab:f5:76:28:ec:4a:bc:64:8f:92:8c:75:35:2a:d5:05:9e:
46:13:96:4f:e6:31:0e:d2:bd:96:a8:f6:45:16:01:65:5d:67:
0b:67:e7:8a:53:c4:27:0e:c4:fb:26:a5:2f:8e:8d:0b:50:17:
96:64:88:8f:d5:ed:c8:d8:8b:65:34:c3:56:c2:00:3f:e5:d9:
23:09:10:30:39:eb:44:d6:4f:27:f2:01:34:32:5c:b4:8f:83:
bd:8c:46:5b:8a:8e:77:b3:6e:3b:74:2b:68:27:88:af:6d:3e:
15:22:d9:77:40:d1:2e:f1:7b:4d:a6:3f:4c:60:0f:18:d5:bc:
4f:c2:41:79:2e:2e:f1:0c:ea:54:ec:71:3b:c8:a8:b6:61:ea:
11:6d:8e:be:d1:b2:8c:fa:60:a2:c0:51:21:d9:69:73:7f:2a:
8a:87:5f:46:ee:60:8e:d4:6f:5d:f6:fb:11:5c:d0:9a:a0:72:
1d:ee:c6:ec:98:13:d8:da:22:d5:ab:35:6f:38:9c:76:e3:dd:
d7:71:4e:71:a8:4d:c7:fa:e0:45:ed:36:0c:ec:d6:74:cf:cf:
19:0f:8a:b9:95:a3:54:83:8a:ef:83:e7:b5:57:e4:d4:08:35:
e1:62:36:fd:22:66:db:1a:98:55:d0:ab:63:cc:64:c2:b8:2e:
8b:ed:f8:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp5ZsRJrqCL1x23f0mTvvn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhhMTZiODdiMDBlNjJjMWE0NzdjMjMxMDg0ZWFhZjVjNTBlOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfjhtGowANQIytuDx98i9Fj/GEg2
B4XygIi2FjHqOlsoHwohHuK6FLQx7+2hmhGvi9gTEQTYmDIb+cf5YSX9TR2MndfC
p56aVC3cIfDSJTpJ6h/Ap0pHD8FwyvFT4YBI+7SfJ/YFWj3yCJHiG/nTyuLtIRFR
hYXczi5mfkZKk61ChC3j4jqA17/SXzNbcuQauRZxEPYRjvg12IGey2iBXIhAz3tP
3dQNqkKXgOEapb5Jl4bw7kFt6KUP54SPmqWI9fJc8Rln8Bp2DUtsfX1n6w11dZgD
aeoUugyzpwxsEGhXRHE+WoA39lPb1iJFJ5aFT/OlNUCk67GShkXvIRYJmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAeKFrh7AOYsGkd8IxCE6q9cUOkOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQjRvV3VIc0E1aXdhUjN3akVJVHFyMXhRNlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACyr9XYo7Eq8ZI+SjHU1
KtUFnkYTlk/mMQ7SvZao9kUWAWVdZwtn54pTxCcOxPsmpS+OjQtQF5ZkiI/V7cjY
i2U0w1bCAD/l2SMJEDA560TWTyfyATQyXLSPg72MRluKjnezbjt0K2gniK9tPhUi
2XdA0S7xe02mP0xgDxjVvE/CQXkuLvEM6lTscTvIqLZh6hFtjr7Rsoz6YKLAUSHZ
aXN/KoqHX0buYI7Ub132+xFc0Jqgch3uxuyYE9jaItWrNW84nHbj3ddxTnGoTcf6
4EXtNgzs1nTPzxkPirmVo1SDiu+D57VX5NQINeFiNv0iZtsamFXQq2PMZMK4Lovt
+D4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:00 2025 by rpki-client