Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/G3GeUJCXPSQgp4ybuAu_KqhjcQ4.roa
File: G3GeUJCXPSQgp4ybuAu_KqhjcQ4.roa (raw, json)
Hash identifier: 0MnD8zCQbF7hZb25fUVbkwCd6NHabn8BXP12jZm7auQ=
Subject key identifier: 1B:71:9E:50:90:97:3D:24:20:A7:8C:9B:B8:0B:BF:2A:A8:63:71:0E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A48E86589395E5BA0EE4E39DBA3D727E5
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/G3GeUJCXPSQgp4ybuAu_KqhjcQ4.roa
Signing time: Thu 31 Aug 2023 00:05:04 +0000
ROA not before: Thu 31 Aug 2023 00:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:48e7:dc8e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:e8:65:89:39:5e:5b:a0:ee:4e:39:db:a3:d7:27:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 00:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b719e5090973d2420a78c9bb80bbf2aa863710e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2a:28:53:76:87:a5:91:31:99:16:bd:f4:48:
37:1b:14:16:c7:77:6b:cf:e0:1a:fa:dd:dd:e7:f6:
ff:d2:23:08:c3:99:60:d0:d4:5f:1c:96:cf:eb:76:
30:69:cc:e5:39:06:43:2c:8a:4f:ee:10:18:ce:c4:
e9:cc:90:a1:04:a4:f3:a0:c0:86:0b:a0:ef:d8:59:
5e:01:ee:b0:08:6a:c7:c3:41:ce:56:cb:44:45:80:
33:c7:aa:4b:a6:66:eb:30:a2:90:1c:ef:3a:3b:2a:
17:bb:9c:b0:7f:71:98:dc:7c:70:47:38:6a:46:40:
86:a9:12:3d:aa:b5:52:a2:71:b9:a1:6f:12:e4:0e:
26:27:ef:ff:69:88:a1:b1:8a:0f:96:e4:07:84:b8:
1b:6d:18:98:32:c2:3d:93:51:0b:c1:7d:36:58:70:
3a:94:ad:6e:90:09:88:12:22:24:d8:24:10:a6:2f:
1d:69:14:8f:c0:37:7e:45:2c:cc:52:2a:28:d4:60:
29:09:06:b6:ea:99:68:37:f0:98:d4:06:62:3c:9e:
d3:2a:02:a8:22:25:0e:fd:f4:07:33:a7:06:81:3f:
95:b7:2a:04:60:10:99:40:7e:6c:d3:ec:a2:c4:b8:
ac:1e:40:86:41:46:f1:4b:56:b6:10:dc:af:c5:9c:
09:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:71:9E:50:90:97:3D:24:20:A7:8C:9B:B8:0B:BF:2A:A8:63:71:0E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/G3GeUJCXPSQgp4ybuAu_KqhjcQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:73:67:2b:12:27:e4:98:44:61:60:c2:e6:44:e6:7b:9e:4c:
f5:d5:48:08:5d:de:9b:23:c8:05:45:f1:35:48:c8:f8:a9:04:
75:c2:30:0e:11:e7:25:d5:56:9c:ad:da:ec:1f:0b:16:58:1f:
4d:b4:69:44:f0:22:37:9b:fe:27:3f:f9:3c:c6:ad:b0:22:d0:
33:73:21:99:64:af:22:70:8f:0f:fc:2d:8d:51:12:e8:5e:6b:
d2:46:b0:ae:65:71:ff:33:1f:36:b8:54:be:1f:e5:32:4f:25:
e3:7a:5f:65:64:5b:4c:86:ff:7f:62:23:8e:74:c1:39:1b:0b:
61:c9:c8:4e:c1:d2:a2:20:4f:c8:20:9a:2a:fd:9c:bc:96:eb:
ef:da:89:a1:3c:02:89:14:d5:ce:ae:5f:fb:4c:83:b9:5e:ea:
4e:75:91:46:21:46:d3:ec:e9:b9:76:e6:1a:12:5b:e8:75:52:
f5:ee:ad:f4:cb:ee:a2:ad:f9:5b:56:82:b8:e7:e0:9c:35:7d:
28:80:d0:43:87:00:64:20:a8:ba:35:b4:2b:8c:ab:84:0e:a8:
87:ba:92:85:7d:0b:98:47:cb:b2:b2:49:73:bd:97:00:0f:05:
90:bc:10:f5:a5:ca:7f:b7:53:09:0a:e9:2f:90:fa:2d:9a:08:
bb:04:7a:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpI6GWJOV5boO5OOduj1yflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMDAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjcxOWU1MDkwOTczZDI0MjBhNzhjOWJiODBiYmYyYWE4NjM3MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCooU3aHpZExmRa99Eg3GxQWx3dr
z+Aa+t3d5/b/0iMIw5lg0NRfHJbP63YwaczlOQZDLIpP7hAYzsTpzJChBKTzoMCG
C6Dv2FleAe6wCGrHw0HOVstERYAzx6pLpmbrMKKQHO86OyoXu5ywf3GY3HxwRzhq
RkCGqRI9qrVSonG5oW8S5A4mJ+//aYihsYoPluQHhLgbbRiYMsI9k1ELwX02WHA6
lK1ukAmIEiIk2CQQpi8daRSPwDd+RSzMUioo1GApCQa26ploN/CY1AZiPJ7TKgKo
IiUO/fQHM6cGgT+VtyoEYBCZQH5s0+yixLisHkCGQUbxS1a2ENyvxZwJpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtxnlCQlz0kIKeMm7gLvyqoY3EOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRzNHZVVKQ1hQU1FncDR5YnVBdV9LcWhqY1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJzZysSJ+SYRGFgwuZE
5nueTPXVSAhd3psjyAVF8TVIyPipBHXCMA4R5yXVVpyt2uwfCxZYH020aUTwIjeb
/ic/+TzGrbAi0DNzIZlkryJwjw/8LY1REuhea9JGsK5lcf8zHza4VL4f5TJPJeN6
X2VkW0yG/39iI450wTkbC2HJyE7B0qIgT8ggmir9nLyW6+/aiaE8AokU1c6uX/tM
g7le6k51kUYhRtPs6bl25hoSW+h1UvXurfTL7qKt+VtWgrjn4Jw1fSiA0EOHAGQg
qLo1tCuMq4QOqIe6koV9C5hHy7KySXO9lwAPBZC8EPWlyn+3UwkK6S+Q+i2aCLsE
eh0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:03 2025 by rpki-client