Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HfYFqDMS0ZwzlH32U0RBrwuz3cI.roa
File: HfYFqDMS0ZwzlH32U0RBrwuz3cI.roa (raw, json)
Hash identifier: fASF55Y0up0jPEStBT0LzD433Pdto7xy0Fs78vg1liQ=
Subject key identifier: 1D:F6:05:A8:33:12:D1:9C:33:94:7D:F6:53:44:41:AF:0B:B3:DD:C2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A864D091B2701B1E551F345CE93A427FC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HfYFqDMS0ZwzlH32U0RBrwuz3cI.roa
Signing time: Mon 11 Sep 2023 22:11:50 +0000
ROA not before: Mon 11 Sep 2023 22:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:86:4d:09:1b:27:01:b1:e5:51:f3:45:ce:93:a4:27:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 22:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1df605a83312d19c33947df6534441af0bb3ddc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:99:99:65:f8:01:f3:f0:bf:91:83:0c:05:59:
4e:f0:c0:d2:dd:6b:f5:59:09:b3:c6:63:c4:db:41:
6a:c0:e8:81:f8:fb:7d:6c:f2:9c:df:bc:5d:c8:de:
f8:07:58:f0:e0:98:3c:77:2f:12:55:47:1e:56:62:
62:d9:53:51:d4:1e:a5:68:b9:39:57:63:c0:e3:14:
0d:e2:77:e0:a6:ce:71:ef:0b:3c:56:10:69:52:2a:
32:55:e7:e9:39:fe:8f:19:3b:32:50:e2:47:c7:df:
4f:39:cc:f3:47:5d:2e:a6:4c:fa:82:79:f3:25:14:
d0:ad:5a:7b:e6:b5:4a:22:1d:a5:f4:c8:e0:35:c2:
3e:2a:1e:aa:11:fa:ca:7a:65:84:3b:f7:b9:37:08:
45:54:2b:7d:43:64:49:00:ad:9d:0e:ae:b5:19:d6:
14:23:16:c0:c4:9e:d9:31:c8:85:cd:d6:61:65:cf:
ad:0e:c4:94:6a:79:a6:d6:da:ba:82:02:d9:97:5b:
0e:43:71:df:df:17:2a:9d:75:91:ee:67:60:90:f2:
39:b0:c2:b5:cb:1c:ff:5c:b3:e1:33:a2:a8:3b:49:
5d:45:ab:02:58:21:8c:7f:b2:a9:a7:9c:b3:b3:03:
19:74:9f:b6:fd:c2:1b:b1:2a:dd:37:37:e9:0c:97:
97:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F6:05:A8:33:12:D1:9C:33:94:7D:F6:53:44:41:AF:0B:B3:DD:C2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HfYFqDMS0ZwzlH32U0RBrwuz3cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:8e:63:33:27:67:ce:2a:ea:dc:ed:c1:f0:5d:b7:24:42:54:
e7:3b:b5:a4:82:d7:46:7f:bc:40:36:e9:67:60:fd:bc:d7:d9:
0e:28:2b:16:6e:a1:9a:9c:eb:00:8d:f4:12:85:0d:8a:66:84:
a3:df:03:7d:da:32:be:6f:9e:7d:d2:87:8b:ce:9d:62:dc:91:
de:69:8d:5b:ae:0f:67:64:d7:ef:d2:88:b5:69:a1:70:2e:2f:
fc:83:9c:a5:5b:cd:76:0d:25:ae:14:1e:12:01:db:6a:21:ed:
69:42:07:5a:9c:9a:0f:77:e8:55:2a:05:5f:c0:a3:31:5d:fe:
c8:88:8e:bf:91:a1:12:02:eb:b0:7f:72:a6:f3:f8:66:b7:1f:
5d:e9:b0:f9:5b:5a:f5:0e:5b:73:1a:70:29:f4:f1:1e:ff:10:
25:82:e5:cd:b7:1b:6c:cc:5d:21:6f:e7:78:bd:ce:72:05:bd:
20:13:43:6e:09:cb:43:c0:cc:8f:96:c4:fd:6d:0b:db:ce:87:
d1:52:97:15:1b:fe:42:2b:b8:86:a7:08:f4:78:d2:71:99:47:
66:98:86:d8:26:09:23:c6:b4:60:be:b2:8f:c1:82:2b:7e:49:
de:42:52:a9:49:b9:2b:e9:9b:ba:9c:18:53:b6:2d:27:fd:f0:
a0:c7:b6:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqGTQkbJwGx5VHzRc6TpCf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMjIxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY2MDVhODMzMTJkMTljMzM5NDdkZjY1MzQ0NDFhZjBiYjNkZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpmZZfgB8/C/kYMMBVlO8MDS3Wv1
WQmzxmPE20FqwOiB+Pt9bPKc37xdyN74B1jw4Jg8dy8SVUceVmJi2VNR1B6laLk5
V2PA4xQN4nfgps5x7ws8VhBpUioyVefpOf6PGTsyUOJHx99POczzR10upkz6gnnz
JRTQrVp75rVKIh2l9MjgNcI+Kh6qEfrKemWEO/e5NwhFVCt9Q2RJAK2dDq61GdYU
IxbAxJ7ZMciFzdZhZc+tDsSUanmm1tq6ggLZl1sOQ3Hf3xcqnXWR7mdgkPI5sMK1
yxz/XLPhM6KoO0ldRasCWCGMf7Kpp5yzswMZdJ+2/cIbsSrdNzfpDJeXmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB32BagzEtGcM5R99lNEQa8Ls93CMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSGZZRnFETVMwWnd6bEgzMlUwUkJyd3V6M2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIOOYzMnZ84q6tztwfBd
tyRCVOc7taSC10Z/vEA26Wdg/bzX2Q4oKxZuoZqc6wCN9BKFDYpmhKPfA33aMr5v
nn3Sh4vOnWLckd5pjVuuD2dk1+/SiLVpoXAuL/yDnKVbzXYNJa4UHhIB22oh7WlC
B1qcmg936FUqBV/AozFd/siIjr+RoRIC67B/cqbz+Ga3H13psPlbWvUOW3MacCn0
8R7/ECWC5c23G2zMXSFv53i9znIFvSATQ24Jy0PAzI+WxP1tC9vOh9FSlxUb/kIr
uIanCPR40nGZR2aYhtgmCSPGtGC+so/Bgit+Sd5CUqlJuSvpm7qcGFO2LSf98KDH
tn0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:53 2025 by rpki-client