Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HYr-cXDkk2ZWB54BpPy5xYoLRns.roa
File: HYr-cXDkk2ZWB54BpPy5xYoLRns.roa (raw, json)
Hash identifier: btBXZ2LMokaadPn/O+4oy/SOXNEhrIE7lux5Z+fwi5E=
Subject key identifier: 1D:8A:FE:71:70:E4:93:66:56:07:9E:01:A4:FC:B9:C5:8A:0B:46:7B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A93D38F18605AD72A6F1CDA99D988B3F1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HYr-cXDkk2ZWB54BpPy5xYoLRns.roa
Signing time: Thu 14 Sep 2023 13:13:50 +0000
ROA not before: Thu 14 Sep 2023 13:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:d3:8f:18:60:5a:d7:2a:6f:1c:da:99:d9:88:b3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 13:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d8afe7170e4936656079e01a4fcb9c58a0b467b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:44:26:f1:52:86:8f:c1:f2:81:77:8d:1e:84:
a5:01:2f:c4:7d:c1:47:fc:cc:e0:f9:05:73:75:44:
93:ef:02:88:5b:2b:51:56:88:27:ca:88:4f:4a:df:
37:9b:4e:4b:17:60:08:10:17:f3:de:a4:d1:d9:97:
a5:e6:6e:bd:3e:1a:c0:5e:c1:14:ca:8e:8a:d1:1f:
26:c0:6b:6f:cd:68:4f:9f:5f:8a:b0:c5:9d:1e:c2:
88:42:35:29:8a:8c:e7:99:99:1e:d1:08:0b:b0:e2:
d9:ca:88:0d:ec:fc:1d:0b:48:15:14:a7:78:48:c8:
51:7f:51:07:87:6e:3b:e2:dc:86:94:7a:85:72:52:
d5:1c:4c:1d:16:d1:0f:31:76:74:e8:9c:2f:5d:4d:
16:36:0e:13:66:e9:8c:9f:57:ea:82:56:aa:5a:16:
08:3f:dc:c5:ba:86:fa:fc:e1:46:62:7b:5c:89:0d:
91:8a:58:99:0c:e8:4d:f8:59:ef:38:04:a6:22:c2:
d0:4b:01:91:92:0b:10:f9:1b:0e:a9:d5:12:fa:55:
59:48:f7:9a:7b:af:27:bb:8c:88:71:42:2d:09:72:
9d:fd:6f:eb:8e:79:7c:5e:d8:9f:11:d1:f7:ed:ea:
4a:8d:50:9e:4c:ef:3b:05:35:eb:4a:c4:85:6b:a0:
69:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8A:FE:71:70:E4:93:66:56:07:9E:01:A4:FC:B9:C5:8A:0B:46:7B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HYr-cXDkk2ZWB54BpPy5xYoLRns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:fd:e4:eb:98:d4:21:64:f5:84:6b:66:84:69:3e:1d:0f:10:
33:d2:95:9e:39:d4:11:01:e4:2f:b6:9f:6b:72:fc:56:a4:59:
b1:ae:6b:93:a4:01:dd:49:ba:88:bf:65:7c:25:3a:ff:e3:d4:
b1:ff:f1:55:28:9d:e5:48:44:f9:9a:a3:fd:64:44:eb:d8:8f:
64:aa:7e:ff:81:2e:8c:6c:60:01:e4:ac:2b:6a:51:a4:a1:3f:
da:62:49:13:ef:a9:7b:b7:8f:06:d0:cf:12:d6:3a:7a:0d:b6:
6d:ce:bc:23:94:ec:2e:a5:f0:17:70:6a:22:ad:14:88:63:75:
3c:17:d9:6a:69:06:57:2f:18:7a:d4:27:59:ef:f7:08:24:96:
59:13:d4:77:b0:0c:9a:ff:fe:54:2d:1d:5d:67:59:c2:2e:0d:
b2:cc:44:cd:75:8e:15:43:fa:cf:ca:0c:83:59:d4:0d:f2:fc:
4d:28:19:d5:1a:41:d5:ce:12:58:85:a2:91:37:dd:36:d4:e8:
d8:e0:c2:82:82:5c:09:7e:b6:5c:fd:54:94:01:3f:a2:61:b4:
78:7b:e1:60:18:0f:1d:fd:21:ab:4e:b5:6e:53:47:d1:53:6d:
16:98:6f:14:96:9d:1d:5a:db:1e:1f:82:07:6a:02:79:00:61:
f1:78:20:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqT048YYFrXKm8c2pnZiLPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTMxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhhZmU3MTcwZTQ5MzY2NTYwNzllMDFhNGZjYjljNThhMGI0NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUQm8VKGj8HygXeNHoSlAS/EfcFH
/Mzg+QVzdUST7wKIWytRVognyohPSt83m05LF2AIEBfz3qTR2Zel5m69PhrAXsEU
yo6K0R8mwGtvzWhPn1+KsMWdHsKIQjUpioznmZke0QgLsOLZyogN7PwdC0gVFKd4
SMhRf1EHh2474tyGlHqFclLVHEwdFtEPMXZ06JwvXU0WNg4TZumMn1fqglaqWhYI
P9zFuob6/OFGYntciQ2RiliZDOhN+FnvOASmIsLQSwGRkgsQ+RsOqdUS+lVZSPea
e68nu4yIcUItCXKd/W/rjnl8XtifEdH37epKjVCeTO87BTXrSsSFa6BpcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2K/nFw5JNmVgeeAaT8ucWKC0Z7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSFlyLWNYRGtrMlpXQjU0QnBQeTV4WW9MUm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABn95OuY1CFk9YRrZoRp
Ph0PEDPSlZ451BEB5C+2n2ty/FakWbGua5OkAd1Juoi/ZXwlOv/j1LH/8VUoneVI
RPmao/1kROvYj2Sqfv+BLoxsYAHkrCtqUaShP9piSRPvqXu3jwbQzxLWOnoNtm3O
vCOU7C6l8BdwaiKtFIhjdTwX2WppBlcvGHrUJ1nv9wgkllkT1HewDJr//lQtHV1n
WcIuDbLMRM11jhVD+s/KDINZ1A3y/E0oGdUaQdXOEliFopE33TbU6NjgwoKCXAl+
tlz9VJQBP6JhtHh74WAYDx39IatOtW5TR9FTbRaYbxSWnR1a2x4fggdqAnkAYfF4
IIA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:11:01 2025 by rpki-client