Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/D4aZ2XwqRw2pgW513COsyAHSiNM.roa
File: D4aZ2XwqRw2pgW513COsyAHSiNM.roa (raw, json)
Hash identifier: eTN4ClGo9nyA5xI/LGuI8B1MWvgud3aKj91DaFQZDPw=
Subject key identifier: 0F:86:99:D9:7C:2A:47:0D:A9:81:6E:75:DC:23:AC:C8:01:D2:88:D3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A45BB3AF2B938EB964BD88FA3445ACE61
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/D4aZ2XwqRw2pgW513COsyAHSiNM.roa
Signing time: Wed 30 Aug 2023 09:16:52 +0000
ROA not before: Wed 30 Aug 2023 09:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:bb:3a:f2:b9:38:eb:96:4b:d8:8f:a3:44:5a:ce:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 09:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f8699d97c2a470da9816e75dc23acc801d288d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:82:1e:00:0c:3c:25:39:4a:af:16:d9:6e:
b3:3a:99:62:b4:f5:1e:fb:71:b3:eb:ed:46:c4:5e:
e5:b1:49:b2:e0:92:9a:84:5e:b8:ad:9a:9e:f7:af:
46:e9:b4:9b:6f:a7:90:cf:5a:68:10:0c:be:aa:45:
1a:aa:b0:1f:df:8e:35:ae:77:29:21:e2:d0:91:05:
26:a3:8c:e1:16:f2:0c:ad:3e:e2:29:60:3f:66:f6:
15:55:c5:0e:55:0a:dd:3a:75:ba:05:a9:44:23:b3:
8c:c3:1f:73:a6:26:4f:76:87:ae:7e:15:b9:59:36:
65:09:b2:63:63:c9:3e:07:c7:e7:20:15:ef:5c:74:
ed:82:98:16:5c:fa:05:cc:7d:16:92:1a:c2:7c:8a:
e7:ac:f2:aa:39:3f:33:21:4a:fa:93:20:e3:f6:9d:
1a:7c:df:50:bd:a6:a1:50:fd:72:1f:19:c7:25:36:
3f:55:ea:bf:a5:1d:ec:1f:6c:16:c2:37:37:0d:0c:
80:5f:47:b5:13:0d:a8:39:b2:57:f5:ac:8d:6f:fc:
33:3f:7b:d2:c1:3c:c7:21:59:ab:90:55:84:e3:03:
65:c9:c3:06:2c:b4:1c:7c:8d:d3:13:00:06:e6:bc:
7a:49:70:10:d6:84:b9:54:c1:70:6e:94:85:52:39:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:86:99:D9:7C:2A:47:0D:A9:81:6E:75:DC:23:AC:C8:01:D2:88:D3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/D4aZ2XwqRw2pgW513COsyAHSiNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:cb:13:e2:6d:98:4f:21:8f:35:91:e8:b3:14:47:23:90:e8:
e0:3f:d3:c5:79:48:5c:5d:c8:f7:37:25:04:a7:ad:a4:8c:ad:
4b:55:84:8f:59:24:20:c5:6a:07:bb:67:d9:eb:c0:ef:6e:09:
33:fd:a1:6a:c6:fa:a8:46:ee:43:8b:b9:09:94:39:e6:a4:1a:
69:4f:9c:41:f8:62:39:f0:b8:56:7f:74:17:f3:f3:5a:a1:ad:
4f:6f:f4:45:ae:11:2f:d9:99:ca:4e:22:29:d5:37:dc:e3:db:
84:c4:a0:ab:e9:15:9d:99:17:9a:d8:06:22:97:a8:73:a4:77:
7c:f8:4f:a8:e1:ed:e4:a0:d4:8f:5f:76:e7:16:1a:dd:ab:54:
f1:04:c2:4e:24:14:ca:1e:1d:bf:b9:a1:d4:e7:9e:4f:94:ab:
5b:34:6a:8f:7e:05:1d:44:2e:70:0b:7f:44:62:2f:b3:42:51:
d9:1b:cd:54:0b:b3:84:52:d7:04:a7:b8:0f:76:12:ab:cc:ec:
ed:cf:e5:9e:c9:35:09:93:5f:59:dc:a4:db:79:06:bb:c1:7f:
61:9d:d0:d6:bc:0f:bf:1e:cb:93:c0:ad:d0:1b:bd:23:9d:0c:
26:29:c9:53:e8:24:39:5b:ce:51:68:08:70:f0:0a:54:c8:53:
14:91:00:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpFuzryuTjrlkvYj6NEWs5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMDkxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg2OTlkOTdjMmE0NzBkYTk4MTZlNzVkYzIzYWNjODAxZDI4OGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eaCHgAMPCU5Sq8W2W6zOplitPUe
+3Gz6+1GxF7lsUmy4JKahF64rZqe969G6bSbb6eQz1poEAy+qkUaqrAf3441rncp
IeLQkQUmo4zhFvIMrT7iKWA/ZvYVVcUOVQrdOnW6BalEI7OMwx9zpiZPdoeufhW5
WTZlCbJjY8k+B8fnIBXvXHTtgpgWXPoFzH0WkhrCfIrnrPKqOT8zIUr6kyDj9p0a
fN9QvaahUP1yHxnHJTY/Veq/pR3sH2wWwjc3DQyAX0e1Ew2oObJX9ayNb/wzP3vS
wTzHIVmrkFWE4wNlycMGLLQcfI3TEwAG5rx6SXAQ1oS5VMFwbpSFUjmXiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA+Gmdl8KkcNqYFuddwjrMgB0ojTMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRDRhWjJYd3FSdzJwZ1c1MTNDT3N5QUhTaU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHjLE+JtmE8hjzWR6LMU
RyOQ6OA/08V5SFxdyPc3JQSnraSMrUtVhI9ZJCDFage7Z9nrwO9uCTP9oWrG+qhG
7kOLuQmUOeakGmlPnEH4YjnwuFZ/dBfz81qhrU9v9EWuES/ZmcpOIinVN9zj24TE
oKvpFZ2ZF5rYBiKXqHOkd3z4T6jh7eSg1I9fducWGt2rVPEEwk4kFMoeHb+5odTn
nk+Uq1s0ao9+BR1ELnALf0RiL7NCUdkbzVQLs4RS1wSnuA92EqvM7O3P5Z7JNQmT
X1ncpNt5BrvBf2Gd0Na8D78ey5PArdAbvSOdDCYpyVPoJDlbzlFoCHDwClTIUxSR
AA8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:07 2025 by rpki-client