Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CLURB91PAizb6nwAQiLUxvcBSlE.roa
File: CLURB91PAizb6nwAQiLUxvcBSlE.roa (raw, json)
Hash identifier: HY3u1/X6xF5d4kPKCK9Vewy5/E/21wWJHXE9TDIajaA=
Subject key identifier: 08:B5:11:07:DD:4F:02:2C:DB:EA:7C:00:42:22:D4:C6:F7:01:4A:51
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8D99A0692FD75C5330C30C236281A8FC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CLURB91PAizb6nwAQiLUxvcBSlE.roa
Signing time: Wed 13 Sep 2023 08:12:50 +0000
ROA not before: Wed 13 Sep 2023 08:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:99:a0:69:2f:d7:5c:53:30:c3:0c:23:62:81:a8:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 08:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08b51107dd4f022cdbea7c004222d4c6f7014a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:91:d0:b3:d0:69:b4:71:cc:0d:18:76:1c:de:
e1:aa:0f:21:ae:cb:3f:be:d8:11:13:63:4a:7d:21:
5e:ce:de:2c:60:0d:45:80:38:02:b2:e8:01:ed:b3:
62:70:b2:76:c2:12:eb:21:fd:76:c4:2e:f3:2a:69:
5a:1c:7e:c7:38:8f:14:3a:1c:4a:96:34:a7:fb:60:
7f:89:dd:84:22:b0:5e:32:e0:a9:24:92:fa:ed:55:
e6:86:4d:fe:10:b9:59:e9:be:f0:ac:8a:4d:0e:7d:
50:45:c6:40:eb:08:87:7b:32:a0:57:d8:41:ec:58:
21:29:0e:26:c0:9c:b8:3f:45:b5:2a:2e:4d:00:9d:
12:94:3a:0a:dc:ba:07:f7:f2:05:d6:bf:0f:94:02:
dd:6a:4b:cb:7c:7e:b3:c8:8e:68:86:53:18:35:7b:
1e:b0:28:c2:97:1c:1b:c9:2a:fe:bd:38:78:69:71:
0a:e7:b5:6b:59:75:7b:61:2a:54:db:db:f2:ea:cd:
36:40:f5:e4:ce:fc:79:ad:5b:48:93:09:3c:1a:3b:
d1:33:2b:4d:3d:97:2c:d0:81:e9:e9:f5:a2:92:5c:
84:30:a0:66:29:e3:a7:c4:66:8e:83:49:78:17:8b:
16:df:c6:43:a8:c3:1f:41:92:4c:7d:2f:05:11:81:
1a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B5:11:07:DD:4F:02:2C:DB:EA:7C:00:42:22:D4:C6:F7:01:4A:51
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CLURB91PAizb6nwAQiLUxvcBSlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:4e:a6:7c:1f:20:0f:51:b8:df:39:6b:61:92:e6:95:c8:6b:
c0:4c:ae:bc:80:3e:42:2d:5c:a0:a1:d4:44:5d:fa:7e:d3:1c:
b3:cb:37:c5:b6:27:4b:3b:cf:41:53:17:1f:c2:03:f9:33:7b:
35:ca:a3:82:53:84:f0:16:75:0c:0b:27:10:dc:7d:81:79:3e:
ff:63:38:66:8a:5a:1e:01:6c:7b:df:dd:39:31:50:ca:de:5b:
8f:9f:e6:06:d4:2b:3b:51:a2:1f:5b:8a:49:2d:da:85:54:cb:
8d:87:93:6b:0e:71:9a:ed:fe:af:ed:e2:10:9e:c1:e6:94:19:
11:ed:4a:cd:7c:81:db:fb:40:ac:ac:47:06:16:d4:a8:0d:b1:
d0:10:e5:1e:fb:6e:7f:52:76:ba:62:c5:0d:b4:2b:39:e3:0d:
d8:a1:99:3c:5b:4e:52:d4:e0:b2:9b:42:c6:b6:ae:86:da:ad:
a7:86:8a:d5:4c:f5:f9:da:9c:52:e9:62:29:99:ee:84:57:e6:
25:5a:fc:8e:f8:a3:5b:94:9d:2d:45:c5:56:24:98:97:81:55:
d3:b2:d8:63:5a:d5:5d:9e:ca:34:f7:66:e5:9f:18:33:32:3c:
c2:5e:a1:90:5a:73:42:25:e2:cb:ff:7a:d9:ed:20:17:22:88:
25:d7:e8:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqNmaBpL9dcUzDDDCNigaj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDgxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGI1MTEwN2RkNGYwMjJjZGJlYTdjMDA0MjIyZDRjNmY3MDE0YTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5HQs9BptHHMDRh2HN7hqg8hrss/
vtgRE2NKfSFezt4sYA1FgDgCsugB7bNicLJ2whLrIf12xC7zKmlaHH7HOI8UOhxK
ljSn+2B/id2EIrBeMuCpJJL67VXmhk3+ELlZ6b7wrIpNDn1QRcZA6wiHezKgV9hB
7FghKQ4mwJy4P0W1Ki5NAJ0SlDoK3LoH9/IF1r8PlALdakvLfH6zyI5ohlMYNXse
sCjClxwbySr+vTh4aXEK57VrWXV7YSpU29vy6s02QPXkzvx5rVtIkwk8GjvRMytN
PZcs0IHp6fWiklyEMKBmKeOnxGaOg0l4F4sW38ZDqMMfQZJMfS8FEYEaXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAi1EQfdTwIs2+p8AEIi1Mb3AUpRMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ0xVUkI5MVBBaXpiNm53QVFpTFV4dmNCU2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF5OpnwfIA9RuN85a2GS
5pXIa8BMrryAPkItXKCh1ERd+n7THLPLN8W2J0s7z0FTFx/CA/kzezXKo4JThPAW
dQwLJxDcfYF5Pv9jOGaKWh4BbHvf3TkxUMreW4+f5gbUKztRoh9bikkt2oVUy42H
k2sOcZrt/q/t4hCeweaUGRHtSs18gdv7QKysRwYW1KgNsdAQ5R77bn9SdrpixQ20
KznjDdihmTxbTlLU4LKbQsa2robaraeGitVM9fnanFLpYimZ7oRX5iVa/I74o1uU
nS1FxVYkmJeBVdOy2GNa1V2eyjT3ZuWfGDMyPMJeoZBac0Il4sv/etntIBciiCXX
6DY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:15 2025 by rpki-client