Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/C20g5BTSJVs857E4h_kCyw5mlXM.roa
File: C20g5BTSJVs857E4h_kCyw5mlXM.roa (raw, json)
Hash identifier: 2mq6m9dzA8MsGgyxyuWydy+flEB5i3F5y3W3fgzZ2mQ=
Subject key identifier: 0B:6D:20:E4:14:D2:25:5B:3C:E7:B1:38:87:F9:02:CB:0E:66:95:73
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A71E42F9DEBD5D28604F4508B50FA1422
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/C20g5BTSJVs857E4h_kCyw5mlXM.roa
Signing time: Thu 07 Sep 2023 23:04:54 +0000
ROA not before: Thu 07 Sep 2023 23:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:71e3:845f/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:71:e4:2f:9d:eb:d5:d2:86:04:f4:50:8b:50:fa:14:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 23:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6d20e414d2255b3ce7b13887f902cb0e669573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:60:06:a8:c1:1b:21:73:aa:a7:4c:b5:6a:fe:
47:98:53:6b:fc:90:2a:32:e7:8e:00:17:38:7d:64:
57:71:d5:c7:9a:f5:4f:b6:ac:e0:04:a2:7a:dd:24:
22:ef:9a:36:b4:7a:35:77:29:df:0b:72:03:8c:63:
5c:88:df:67:eb:e7:7d:55:4f:26:27:83:2b:08:2d:
71:76:34:7c:30:28:f2:c3:72:d3:a2:a9:cf:58:68:
12:31:9f:ae:13:db:97:b3:3e:c0:85:ab:30:ea:fa:
a1:32:e4:e5:87:45:ba:28:66:a5:ee:e1:9c:78:aa:
a8:ff:81:a1:ce:8b:70:0e:a5:0c:90:b8:6d:96:a5:
b5:28:96:50:d4:45:2f:53:3a:7a:1c:8e:9a:9f:7a:
47:b1:f4:be:59:28:ca:53:38:07:d5:16:95:10:2c:
19:32:d2:3d:45:b5:de:1d:09:69:18:da:69:56:64:
92:85:d2:0c:10:0c:a3:1a:b7:fb:a9:93:2b:7c:8c:
31:ab:61:2d:22:89:42:82:80:14:fb:ed:1e:31:3d:
eb:7c:7b:19:84:19:ef:ad:d4:92:fa:1a:64:c1:5f:
47:f0:9d:58:03:86:7d:8c:95:84:c1:85:8b:47:31:
ef:f0:b4:b4:98:24:49:46:e2:c8:35:44:19:86:1b:
6a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6D:20:E4:14:D2:25:5B:3C:E7:B1:38:87:F9:02:CB:0E:66:95:73
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/C20g5BTSJVs857E4h_kCyw5mlXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:5c:3c:6d:95:35:e6:f4:b6:81:69:0c:63:e2:b8:79:98:39:
88:9b:2c:cd:b7:c2:82:75:20:72:04:0b:5b:88:60:47:37:3f:
96:0f:68:36:c2:05:48:87:f4:f2:be:d4:90:69:ac:4f:fa:3d:
ad:7e:c4:e2:b6:4a:74:ec:db:1a:d9:0c:bf:b3:3f:39:e2:84:
78:17:ee:61:27:65:01:1a:24:1a:a2:5d:6c:97:8f:d7:b1:02:
cd:6c:22:06:1e:04:2b:45:eb:90:b7:1b:5e:2a:67:69:eb:17:
51:81:91:c8:74:df:b4:b7:b6:ea:6f:45:aa:a1:cb:c4:71:00:
5c:a7:49:ac:35:27:08:9c:93:3d:b8:b1:4d:9a:77:bc:34:58:
fa:fd:3a:89:52:0b:5e:f0:5e:ab:9e:90:13:c5:0c:12:0c:09:
1b:45:0d:1f:47:3b:7b:df:a0:49:f5:4c:1e:74:1b:a9:3a:5a:
84:68:18:13:a3:1a:66:82:4c:ee:62:80:b7:6f:05:95:6d:97:
92:2c:d6:ce:82:32:1e:25:65:75:b7:9c:cd:d0:36:ec:0b:b6:
c2:51:27:1b:74:c6:93:81:ab:4b:6b:b6:a3:b3:1e:6d:8b:2b:
01:56:16:87:33:7d:15:aa:b1:f3:c3:74:c6:38:91:a7:15:0e:
f7:74:d1:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpx5C+d69XShgT0UItQ+hQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MjMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZkMjBlNDE0ZDIyNTViM2NlN2IxMzg4N2Y5MDJjYjBlNjY5NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWAGqMEbIXOqp0y1av5HmFNr/JAq
MueOABc4fWRXcdXHmvVPtqzgBKJ63SQi75o2tHo1dynfC3IDjGNciN9n6+d9VU8m
J4MrCC1xdjR8MCjyw3LToqnPWGgSMZ+uE9uXsz7Ahasw6vqhMuTlh0W6KGal7uGc
eKqo/4GhzotwDqUMkLhtlqW1KJZQ1EUvUzp6HI6an3pHsfS+WSjKUzgH1RaVECwZ
MtI9RbXeHQlpGNppVmSShdIMEAyjGrf7qZMrfIwxq2EtIolCgoAU++0eMT3rfHsZ
hBnvrdSS+hpkwV9H8J1YA4Z9jJWEwYWLRzHv8LS0mCRJRuLINUQZhhtqGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAttIOQU0iVbPOexOIf5AssOZpVzMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQzIwZzVCVFNKVnM4NTdFNGhfa0N5dzVtbFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJlcPG2VNeb0toFpDGPi
uHmYOYibLM23woJ1IHIEC1uIYEc3P5YPaDbCBUiH9PK+1JBprE/6Pa1+xOK2SnTs
2xrZDL+zPznihHgX7mEnZQEaJBqiXWyXj9exAs1sIgYeBCtF65C3G14qZ2nrF1GB
kch037S3tupvRaqhy8RxAFynSaw1Jwickz24sU2ad7w0WPr9OolSC17wXquekBPF
DBIMCRtFDR9HO3vfoEn1TB50G6k6WoRoGBOjGmaCTO5igLdvBZVtl5Is1s6CMh4l
ZXW3nM3QNuwLtsJRJxt0xpOBq0trtqOzHm2LKwFWFoczfRWqsfPDdMY4kacVDvd0
0RA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:36:36 2025 by rpki-client