Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EMpZ0Jww7AJ0xIABfQWlhhjgWiE.roa
File: EMpZ0Jww7AJ0xIABfQWlhhjgWiE.roa (raw, json)
Hash identifier: 2ATOlFyQkvbllUml9Y7xPG/45vrpel183c8Taht0SOQ=
Subject key identifier: 10:CA:59:D0:9C:30:EC:02:74:C4:80:01:7D:05:A5:86:18:E0:5A:21
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4C699D6937598A0FF0F3D7794CE8BBF8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EMpZ0Jww7AJ0xIABfQWlhhjgWiE.roa
Signing time: Thu 31 Aug 2023 16:25:04 +0000
ROA not before: Thu 31 Aug 2023 16:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:69:9d:69:37:59:8a:0f:f0:f3:d7:79:4c:e8:bb:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 16:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10ca59d09c30ec0274c480017d05a58618e05a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:fd:f6:0f:c3:6f:18:cc:b0:b8:9a:dc:06:
bf:65:92:93:f1:88:58:31:cc:bb:b9:79:eb:ba:fb:
b2:c5:ce:b1:d4:28:83:31:4c:78:a8:05:c7:99:0e:
c1:af:bb:de:e5:d5:38:2a:94:44:11:01:2f:16:5a:
e9:5f:a6:dc:95:a5:27:f4:60:e2:a6:91:b4:f2:6c:
3a:4f:42:54:5c:69:e4:1e:72:15:91:69:ca:c8:9c:
c7:2e:34:01:84:4a:0b:eb:ac:11:7d:c2:bc:42:b4:
1b:f1:f3:38:00:67:2d:f2:93:ec:f4:02:e0:4f:a6:
04:70:0e:71:6f:62:27:c9:84:ab:e7:79:b5:cf:c4:
57:5a:8e:a9:9c:a7:f8:3a:51:fa:90:da:d4:78:9a:
5f:f0:02:12:2b:0c:f3:2c:a3:84:ba:47:70:02:42:
91:eb:89:ba:59:bf:ed:7d:65:a8:74:23:e3:01:cb:
a2:9b:4e:aa:88:ae:aa:92:d3:8d:a4:f0:6d:1d:af:
12:38:52:bf:6d:6f:2a:45:67:a3:5a:62:00:c5:fe:
3e:60:33:00:29:c1:57:ab:34:20:35:e2:fc:48:43:
b6:cf:d0:f4:36:ec:fb:01:a4:59:bb:7e:12:71:64:
c9:73:a4:de:80:6a:c7:8d:d1:28:4d:fe:b0:53:54:
98:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CA:59:D0:9C:30:EC:02:74:C4:80:01:7D:05:A5:86:18:E0:5A:21
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EMpZ0Jww7AJ0xIABfQWlhhjgWiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:3a:73:fd:10:df:d3:c0:68:3a:3e:c2:b5:9f:ec:2c:28:c1:
88:bd:ae:07:54:d0:21:e9:58:99:38:91:bc:b5:ee:6e:7b:ad:
70:27:94:7d:36:28:3c:71:ac:69:d2:c5:7e:b9:55:85:5b:e9:
ef:da:53:73:29:1c:ac:3a:8a:38:95:76:12:97:40:7c:69:89:
12:f6:43:e0:f2:88:d9:de:9d:03:6d:5a:6d:a5:96:9a:de:22:
e5:c9:47:73:1b:48:70:16:97:ef:1b:ff:99:81:76:81:e4:fe:
ab:e9:ec:05:27:20:76:8e:32:6c:82:9e:07:73:fd:64:90:52:
75:01:2d:02:38:93:c4:a6:de:af:e5:5e:5c:45:39:c8:61:d3:
4b:60:ee:bd:be:79:6c:a7:bd:ab:ab:d4:d3:4d:75:de:d5:1e:
8f:cc:b2:73:0d:f0:ba:67:07:b8:64:60:64:67:0d:bb:8c:0f:
36:4e:e6:7f:c9:e3:6e:39:de:75:b6:3f:ef:ba:93:f7:cc:ed:
a3:f9:24:83:79:b6:7d:d2:5b:2c:29:38:60:ef:bf:cc:b1:67:
e7:60:94:13:9e:a5:bd:6a:fd:86:06:0b:bf:7f:97:c7:d1:08:
dd:a4:42:61:c2:a4:90:91:1c:bf:cc:3a:3f:c3:e5:5f:1e:c0:
a4:44:09:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpMaZ1pN1mKD/Dz13lM6Lv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTYyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNhNTlkMDljMzBlYzAyNzRjNDgwMDE3ZDA1YTU4NjE4ZTA1YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3/99g/DbxjMsLia3Aa/ZZKT8YhY
Mcy7uXnruvuyxc6x1CiDMUx4qAXHmQ7Br7ve5dU4KpREEQEvFlrpX6bclaUn9GDi
ppG08mw6T0JUXGnkHnIVkWnKyJzHLjQBhEoL66wRfcK8QrQb8fM4AGct8pPs9ALg
T6YEcA5xb2InyYSr53m1z8RXWo6pnKf4OlH6kNrUeJpf8AISKwzzLKOEukdwAkKR
64m6Wb/tfWWodCPjAcuim06qiK6qktONpPBtHa8SOFK/bW8qRWejWmIAxf4+YDMA
KcFXqzQgNeL8SEO2z9D0Nuz7AaRZu34ScWTJc6TegGrHjdEoTf6wU1SY3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBDKWdCcMOwCdMSAAX0FpYYY4FohMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRU1wWjBKd3c3QUoweElBQmZRV2xoaGpnV2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFg6c/0Q39PAaDo+wrWf
7CwowYi9rgdU0CHpWJk4kby17m57rXAnlH02KDxxrGnSxX65VYVb6e/aU3MpHKw6
ijiVdhKXQHxpiRL2Q+DyiNnenQNtWm2llpreIuXJR3MbSHAWl+8b/5mBdoHk/qvp
7AUnIHaOMmyCngdz/WSQUnUBLQI4k8Sm3q/lXlxFOchh00tg7r2+eWynvaur1NNN
dd7VHo/MsnMN8LpnB7hkYGRnDbuMDzZO5n/J42453nW2P++6k/fM7aP5JIN5tn3S
WywpOGDvv8yxZ+dglBOepb1q/YYGC79/l8fRCN2kQmHCpJCRHL/MOj/D5V8ewKRE
CV8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:54 2025 by rpki-client