Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CtsxOtCrQx9NRq-Jc0SYf30wock.roa
File: CtsxOtCrQx9NRq-Jc0SYf30wock.roa (raw, json)
Hash identifier: JVwgiTZLCKScM/M2qOo+ati/YEvDbCSI4wrIXphPDO8=
Subject key identifier: 0A:DB:31:3A:D0:AB:43:1F:4D:46:AF:89:73:44:98:7F:7D:30:A1:C9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7D80BF89288787F50592579A77DED231
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CtsxOtCrQx9NRq-Jc0SYf30wock.roa
Signing time: Sun 10 Sep 2023 05:11:44 +0000
ROA not before: Sun 10 Sep 2023 05:11:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7d:80:bf:89:28:87:87:f5:05:92:57:9a:77:de:d2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 05:11:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0adb313ad0ab431f4d46af897344987f7d30a1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9a:ad:d2:ba:68:45:48:57:be:22:b0:08:4c:
6e:b5:96:ed:b3:dd:35:88:57:2e:09:16:31:9c:ea:
1e:a9:e5:8a:de:96:77:b7:6b:93:ab:31:e0:9e:f0:
3e:d6:2c:2c:eb:88:f8:12:f4:4a:57:52:a0:5f:28:
ac:7a:8f:0a:31:58:24:fe:e6:76:00:9e:ee:85:19:
39:91:bf:08:b7:30:9a:2e:dd:9f:49:f9:66:52:4d:
e3:ce:5f:7b:90:28:dd:82:6e:0d:77:7e:84:2c:fa:
9e:1d:00:80:18:8f:66:57:77:fc:41:7c:3c:0a:33:
33:51:9a:ff:a5:3d:24:53:57:a1:54:28:67:c6:bf:
29:66:4c:16:20:bd:f8:b1:ad:af:b0:a8:1c:ee:bc:
02:c4:d7:c7:f7:fb:f7:84:86:2c:7a:81:73:2d:eb:
16:72:82:f4:63:74:b5:c4:bb:d7:ef:9e:af:d1:72:
43:e7:e3:de:69:6d:96:24:ad:47:b1:77:28:5d:fd:
51:a2:93:d6:01:f9:a9:6e:78:c3:6e:10:a7:30:f8:
58:45:29:b0:20:71:87:72:4e:ee:85:f9:06:8a:57:
58:86:1c:2a:79:55:a2:8d:5e:12:ca:5c:ea:27:a6:
b5:a3:94:20:60:68:75:9d:1b:55:82:34:dc:80:c4:
04:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DB:31:3A:D0:AB:43:1F:4D:46:AF:89:73:44:98:7F:7D:30:A1:C9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CtsxOtCrQx9NRq-Jc0SYf30wock.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:db:bc:5a:b8:f8:cc:1b:9e:61:86:25:f3:76:cb:50:f5:5e:
81:98:25:95:5f:c5:d2:fd:8a:94:c5:0e:e4:5e:0d:75:32:34:
6f:d6:b5:25:10:90:42:17:ac:35:ee:e7:90:69:2f:32:a8:1a:
4a:db:f7:49:23:ed:94:77:96:57:e6:f6:4c:86:32:d1:79:fa:
2c:cb:f2:a8:d7:aa:26:06:60:91:1e:80:82:ff:54:f5:61:e2:
26:27:97:10:94:52:3a:8f:02:c0:8d:fe:04:01:34:92:5a:01:
c5:04:d9:7f:65:7b:a2:2a:b0:fa:63:9f:bb:56:17:8d:da:99:
6f:ab:55:9c:df:1d:42:fe:b4:cc:6c:ad:c8:2e:2a:b1:96:f2:
24:2e:9f:15:13:bf:c1:fc:0a:95:68:ca:30:df:40:29:64:08:
f8:ff:12:3f:96:c3:9f:92:b0:ec:34:e4:1f:ec:fb:be:65:db:
eb:df:07:de:7f:38:fe:2f:12:e6:8c:bf:8a:f7:5e:3a:06:b6:
da:07:4b:08:63:48:4b:47:d3:30:df:f7:c5:9d:86:fe:b3:c4:
d2:d4:67:76:be:85:ca:17:26:31:7d:22:68:41:2e:3f:de:d9:
1e:7e:4b:1f:f4:c5:80:45:7d:a0:e1:ed:fc:de:57:ad:88:3d:
27:f6:ae:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp9gL+JKIeH9QWSV5p33tIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMDUxMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWRiMzEzYWQwYWI0MzFmNGQ0NmFmODk3MzQ0OTg3ZjdkMzBhMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5qt0rpoRUhXviKwCExutZbts901
iFcuCRYxnOoeqeWK3pZ3t2uTqzHgnvA+1iws64j4EvRKV1KgXyiseo8KMVgk/uZ2
AJ7uhRk5kb8ItzCaLt2fSflmUk3jzl97kCjdgm4Nd36ELPqeHQCAGI9mV3f8QXw8
CjMzUZr/pT0kU1ehVChnxr8pZkwWIL34sa2vsKgc7rwCxNfH9/v3hIYseoFzLesW
coL0Y3S1xLvX756v0XJD5+PeaW2WJK1HsXcoXf1RopPWAfmpbnjDbhCnMPhYRSmw
IHGHck7uhfkGildYhhwqeVWijV4SylzqJ6a1o5QgYGh1nRtVgjTcgMQEVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFArbMTrQq0MfTUaviXNEmH99MKHJMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ3RzeE90Q3JReDlOUnEtSmMwU1lmMzB3b2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErbvFq4+MwbnmGGJfN2
y1D1XoGYJZVfxdL9ipTFDuReDXUyNG/WtSUQkEIXrDXu55BpLzKoGkrb90kj7ZR3
llfm9kyGMtF5+izL8qjXqiYGYJEegIL/VPVh4iYnlxCUUjqPAsCN/gQBNJJaAcUE
2X9le6IqsPpjn7tWF43amW+rVZzfHUL+tMxsrcguKrGW8iQunxUTv8H8CpVoyjDf
QClkCPj/Ej+Ww5+SsOw05B/s+75l2+vfB95/OP4vEuaMv4r3XjoGttoHSwhjSEtH
0zDf98Wdhv6zxNLUZ3a+hcoXJjF9ImhBLj/e2R5+Sx/0xYBFfaDh7fzeV62IPSf2
rhM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:19 2025 by rpki-client