Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Dxf8KKb0ymfsXzE912SNRqm5QZk.roa
File: Dxf8KKb0ymfsXzE912SNRqm5QZk.roa (raw, json)
Hash identifier: Viiaj6U530ctqKmRRSMXI/mc7wAcM1TZC1hX+GYOmkQ=
Subject key identifier: 0F:17:FC:28:A6:F4:CA:67:EC:5F:31:3D:D7:64:8D:46:A9:B9:41:99
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A60F9E5EF31ED353B1FDD3E21C06FF94F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Dxf8KKb0ymfsXzE912SNRqm5QZk.roa
Signing time: Mon 04 Sep 2023 16:15:04 +0000
ROA not before: Mon 04 Sep 2023 16:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:f9:e5:ef:31:ed:35:3b:1f:dd:3e:21:c0:6f:f9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 16:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f17fc28a6f4ca67ec5f313dd7648d46a9b94199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5b:fe:5c:d8:61:dd:d6:3c:71:8e:b2:bc:f1:
6b:72:b0:1d:1c:a9:69:9b:53:a9:eb:6d:6e:31:70:
cf:10:90:79:35:65:c2:c1:cc:ce:75:31:a7:cd:e6:
7b:fd:a8:08:81:86:20:42:4f:0a:47:77:f3:a4:04:
8f:5b:73:1c:5e:5b:ed:e1:fb:bc:83:5f:8c:62:28:
44:70:ae:a2:d1:97:99:3a:37:d8:a4:ac:78:c2:9b:
ca:59:ba:32:48:a7:0e:d3:b2:7c:12:34:b8:d2:54:
85:d0:ed:d9:b9:86:a3:0c:01:fb:14:66:ea:55:7a:
75:1d:d8:dd:76:22:6b:f0:d4:cb:84:56:a3:f4:7e:
97:a3:88:07:56:75:ad:0b:2e:30:5d:60:2d:2a:64:
e9:94:d1:c9:37:2c:bc:9d:ac:50:b4:59:04:c2:50:
f2:ea:b2:86:be:c5:82:1f:4f:8b:36:25:af:6e:f6:
2d:1c:f1:5c:23:cc:dd:23:84:e5:02:30:d9:7a:19:
38:42:03:3f:df:9f:6b:83:e5:3b:a3:ae:f0:f0:12:
04:f6:4d:ec:17:d6:ca:c4:7e:74:ba:d1:c3:8a:66:
32:f4:cd:ba:1c:b6:33:dc:23:61:bf:77:e2:d7:c6:
3c:37:34:f2:a1:31:07:5e:36:31:c5:10:0b:42:f9:
e2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:17:FC:28:A6:F4:CA:67:EC:5F:31:3D:D7:64:8D:46:A9:B9:41:99
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Dxf8KKb0ymfsXzE912SNRqm5QZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:f0:6e:96:b5:95:44:02:08:59:90:19:c7:ad:91:88:dd:2f:
3e:5d:10:7d:d9:50:9e:90:54:bc:b2:cb:2b:b3:6d:61:0f:2f:
81:93:8c:76:63:3d:ce:fe:15:2b:76:4a:5f:e2:b9:2f:21:02:
fe:95:01:0c:35:7f:88:00:29:88:25:04:24:5e:ce:5c:1f:42:
53:bd:03:92:d5:c8:eb:85:0d:00:28:c0:c7:05:2c:49:bf:7a:
1a:92:72:5b:99:1c:41:6c:ff:ed:99:e1:ec:3f:70:64:a8:15:
d8:48:85:bd:d5:ef:4a:ff:c7:69:04:90:c3:09:24:63:45:65:
ec:9b:ee:15:3f:66:5e:0f:3a:65:c2:41:83:86:d6:b7:33:f1:
e9:c4:eb:81:08:19:a0:62:f6:93:3a:9b:57:80:7d:18:8d:bf:
6c:e0:cf:b0:ba:d2:48:94:ae:a3:fc:57:21:ad:5d:bf:26:85:
86:94:af:c5:c1:5b:40:88:94:0a:a9:6b:36:34:26:b7:e3:59:
1f:7a:29:51:c0:01:0d:10:42:e2:df:8f:dc:cc:b8:64:ff:62:
8c:f0:90:94:d3:0e:5f:26:af:6b:30:e1:33:06:16:d0:e7:ae:
0b:d7:ab:a3:65:00:64:ad:3e:f5:05:f6:d8:0a:34:f8:40:ab:
02:5d:96:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpg+eXvMe01Ox/dPiHAb/lPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTYxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjE3ZmMyOGE2ZjRjYTY3ZWM1ZjMxM2RkNzY0OGQ0NmE5Yjk0MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1v+XNhh3dY8cY6yvPFrcrAdHKlp
m1Op621uMXDPEJB5NWXCwczOdTGnzeZ7/agIgYYgQk8KR3fzpASPW3McXlvt4fu8
g1+MYihEcK6i0ZeZOjfYpKx4wpvKWboySKcO07J8EjS40lSF0O3ZuYajDAH7FGbq
VXp1HdjddiJr8NTLhFaj9H6Xo4gHVnWtCy4wXWAtKmTplNHJNyy8naxQtFkEwlDy
6rKGvsWCH0+LNiWvbvYtHPFcI8zdI4TlAjDZehk4QgM/359rg+U7o67w8BIE9k3s
F9bKxH50utHDimYy9M26HLYz3CNhv3fi18Y8NzTyoTEHXjYxxRALQvnibQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA8X/Cim9Mpn7F8xPddkjUapuUGZMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRHhmOEtLYjB5bWZzWHpFOTEyU05ScW01UVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAALwbpa1lUQCCFmQGcet
kYjdLz5dEH3ZUJ6QVLyyyyuzbWEPL4GTjHZjPc7+FSt2Sl/iuS8hAv6VAQw1f4gA
KYglBCRezlwfQlO9A5LVyOuFDQAowMcFLEm/ehqScluZHEFs/+2Z4ew/cGSoFdhI
hb3V70r/x2kEkMMJJGNFZeyb7hU/Zl4POmXCQYOG1rcz8enE64EIGaBi9pM6m1eA
fRiNv2zgz7C60kiUrqP8VyGtXb8mhYaUr8XBW0CIlAqpazY0JrfjWR96KVHAAQ0Q
QuLfj9zMuGT/YozwkJTTDl8mr2sw4TMGFtDnrgvXq6NlAGStPvUF9tgKNPhAqwJd
luQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:58 2025 by rpki-client