Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/B7Xd83_BKxLzo0QSBDKgkYtqZxU.roa
File: B7Xd83_BKxLzo0QSBDKgkYtqZxU.roa (raw, json)
Hash identifier: 7SZtm3WvUN/Gt8dvHiCKVWOPYU1Gnxbh3kaOb0mDGJI=
Subject key identifier: 07:B5:DD:F3:7F:C1:2B:12:F3:A3:44:12:04:32:A0:91:8B:6A:67:15
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8DD263E5FA159DAC31F4C2423ADD2E4B
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/B7Xd83_BKxLzo0QSBDKgkYtqZxU.roa
Signing time: Wed 13 Sep 2023 09:14:50 +0000
ROA not before: Wed 13 Sep 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:d2:63:e5:fa:15:9d:ac:31:f4:c2:42:3a:dd:2e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07b5ddf37fc12b12f3a344120432a0918b6a6715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:db:6d:71:b1:03:4e:37:c8:37:e6:2b:da:8e:
db:81:c1:94:f8:b5:5a:e5:e5:6a:4d:37:b0:7a:4f:
5b:db:7e:18:1b:6f:d8:c2:23:4d:80:a6:71:30:08:
bc:b5:86:4d:65:b3:fa:1a:65:39:92:0f:86:00:91:
ff:88:9a:a3:05:22:4b:ce:b9:f9:cc:24:13:cc:2f:
6a:19:41:63:a1:18:29:38:b4:74:59:d5:6b:bb:fc:
98:8b:7c:8a:a5:09:1b:14:32:f3:0d:5d:ee:ad:72:
24:34:0f:86:ab:52:6b:c1:d8:a4:12:51:42:13:19:
11:ba:5a:f5:ba:48:ba:76:8f:b1:3d:2c:d0:73:e3:
b1:8f:f4:02:18:2a:36:ed:3f:bc:d1:f5:bc:4b:ff:
25:e3:3e:41:bf:35:e5:68:1c:e8:b8:0d:76:9d:8f:
b3:d5:53:da:29:18:46:61:cb:98:4b:6e:69:6d:84:
e7:c9:13:91:51:82:a5:28:b5:3c:62:e3:c9:47:70:
fa:bb:4c:ad:56:fc:cd:2e:94:d7:91:3c:70:48:fd:
25:f9:7a:a9:f0:a0:cd:d9:51:32:2f:3e:b3:ea:7d:
98:d4:e7:7f:ab:6b:fe:89:28:0c:97:05:60:83:c2:
d1:b5:2a:45:21:29:6d:d0:60:0f:75:69:4d:48:ef:
ee:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B5:DD:F3:7F:C1:2B:12:F3:A3:44:12:04:32:A0:91:8B:6A:67:15
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/B7Xd83_BKxLzo0QSBDKgkYtqZxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:bc:46:05:df:75:d3:b9:e6:cb:0c:93:2c:77:ea:08:c8:5b:
e1:bc:83:53:df:8f:0c:06:dd:8a:dd:22:ba:e6:a6:53:7d:8b:
f4:fe:73:5a:9e:eb:11:82:f3:4b:e4:02:e5:26:0c:66:d2:26:
1f:0b:fc:f6:cb:f4:16:a6:81:51:24:27:38:c0:e4:51:6c:c1:
29:1c:49:39:03:1a:50:2c:4e:f1:be:89:e5:ca:d2:e2:e0:4b:
23:ec:5f:f5:21:30:3b:53:5c:24:53:2c:8d:cd:8b:8b:4b:23:
1f:37:b3:49:53:96:50:49:fa:b6:ce:24:bf:b0:b5:53:ab:f1:
a9:62:52:1e:84:41:0e:b1:d6:ef:b5:95:84:9d:95:33:ec:cc:
d1:6c:f0:c3:e9:55:58:39:28:96:43:0a:2f:15:f0:06:93:0b:
53:da:9f:ea:39:72:0c:e1:a7:f5:29:55:25:e1:29:be:66:49:
61:c2:f5:a7:9d:d8:bc:83:6e:8a:44:04:43:cc:92:fc:f9:71:
2c:be:30:4b:00:8d:93:21:77:7a:e5:64:29:c5:8c:7f:2c:1b:
f6:79:d3:b6:85:9d:cb:c6:35:ce:08:97:12:1b:e1:62:9f:e1:
49:52:d3:7e:dd:0c:5b:27:c9:27:c0:db:1d:6e:db:1d:1a:27:
97:b2:89:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqN0mPl+hWdrDH0wkI63S5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2I1ZGRmMzdmYzEyYjEyZjNhMzQ0MTIwNDMyYTA5MThiNmE2NzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tttcbEDTjfIN+Yr2o7bgcGU+LVa
5eVqTTewek9b234YG2/YwiNNgKZxMAi8tYZNZbP6GmU5kg+GAJH/iJqjBSJLzrn5
zCQTzC9qGUFjoRgpOLR0WdVru/yYi3yKpQkbFDLzDV3urXIkNA+Gq1JrwdikElFC
ExkRulr1uki6do+xPSzQc+Oxj/QCGCo27T+80fW8S/8l4z5BvzXlaBzouA12nY+z
1VPaKRhGYcuYS25pbYTnyRORUYKlKLU8YuPJR3D6u0ytVvzNLpTXkTxwSP0l+Xqp
8KDN2VEyLz6z6n2Y1Od/q2v+iSgMlwVgg8LRtSpFISlt0GAPdWlNSO/uGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAe13fN/wSsS86NEEgQyoJGLamcVMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQjdYZDgzX0JLeEx6bzBRU0JES2drWXRxWnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAC8RgXfddO55ssMkyx3
6gjIW+G8g1PfjwwG3YrdIrrmplN9i/T+c1qe6xGC80vkAuUmDGbSJh8L/PbL9Bam
gVEkJzjA5FFswSkcSTkDGlAsTvG+ieXK0uLgSyPsX/UhMDtTXCRTLI3Ni4tLIx83
s0lTllBJ+rbOJL+wtVOr8aliUh6EQQ6x1u+1lYSdlTPszNFs8MPpVVg5KJZDCi8V
8AaTC1Pan+o5cgzhp/UpVSXhKb5mSWHC9aed2LyDbopEBEPMkvz5cSy+MEsAjZMh
d3rlZCnFjH8sG/Z507aFncvGNc4IlxIb4WKf4UlS037dDFsnySfA2x1u2x0aJ5ey
ibk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:50 2025 by rpki-client