Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/JGxGem4SJ4DNFwSyIOhOgYK-iAc.roa
File: JGxGem4SJ4DNFwSyIOhOgYK-iAc.roa (raw, json)
Hash identifier: UQpOexJVpbf9v9hM80M1sqUqJpxGEmU/5qkWoQ9atuM=
Subject key identifier: 24:6C:46:7A:6E:12:27:80:CD:17:04:B2:20:E8:4E:81:82:BE:88:07
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A81C518236EDBA2BD04B6558D22E49BF9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/JGxGem4SJ4DNFwSyIOhOgYK-iAc.roa
Signing time: Mon 11 Sep 2023 01:04:52 +0000
ROA not before: Mon 11 Sep 2023 01:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:81c4:a66a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:81:c5:18:23:6e:db:a2:bd:04:b6:55:8d:22:e4:9b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 01:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=246c467a6e122780cd1704b220e84e8182be8807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ca:15:38:1e:56:43:13:33:24:98:d5:b0:a4:
94:2c:45:c6:3b:3e:6b:8b:4c:c9:ad:cf:5e:c0:40:
c3:bf:09:70:12:5d:d6:51:2c:3e:17:09:e3:a2:b0:
f7:92:1b:4f:30:dc:8b:de:60:08:4b:63:f1:f5:4e:
2f:3c:43:89:c5:53:6d:99:5d:94:a1:b5:80:ef:5f:
16:ac:ad:85:13:b7:7f:90:66:a0:56:06:b0:78:fc:
e1:fa:47:ec:9e:8d:37:3c:93:17:f2:26:36:62:bb:
05:40:cd:c9:91:4c:40:50:be:8f:c2:6c:14:fc:4e:
4d:de:ba:e4:34:df:7d:cb:f5:91:d9:72:7e:23:ab:
59:b0:f4:59:5a:df:61:fc:4b:92:f0:c0:6d:f1:c9:
4d:f7:9c:34:f5:5d:5b:b1:a4:c9:80:51:8d:7d:d7:
53:2e:4b:1c:e7:d6:d8:7f:f5:a1:26:0d:71:d7:f0:
fd:f2:fb:bd:a3:99:f9:8c:a4:e4:fc:c2:1e:e8:dc:
b7:48:7e:a6:50:0a:ba:5c:49:2e:07:f8:ff:61:a8:
f2:28:d0:d3:83:01:f6:6a:b6:70:c1:76:5a:e8:d0:
68:02:00:ea:57:0b:34:35:8c:3d:34:cb:39:5b:27:
ea:eb:a6:c1:61:82:9b:a7:06:56:25:3e:52:cf:f0:
6c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6C:46:7A:6E:12:27:80:CD:17:04:B2:20:E8:4E:81:82:BE:88:07
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/JGxGem4SJ4DNFwSyIOhOgYK-iAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:53:78:1c:3b:e6:26:d2:2e:33:da:ab:af:ef:99:fc:1a:84:
91:6b:db:97:b6:6b:7b:7d:88:2a:e8:c0:e8:8f:db:af:b0:95:
f6:63:64:ee:22:b8:0f:bd:54:a2:68:10:47:9b:c0:ca:ad:b1:
f1:78:71:47:9b:05:f8:e8:10:72:9e:f8:77:03:a4:f7:50:68:
ca:83:ef:bb:cf:65:26:27:d9:8e:0a:92:42:4a:e1:42:fb:c4:
c1:ca:10:47:7f:85:c6:ea:32:6d:4e:ad:b4:a7:e2:21:00:cd:
9a:4f:e1:67:86:21:07:93:55:17:32:ef:cd:4f:23:3e:2b:4b:
78:fc:1c:62:63:49:4b:f9:6d:41:08:89:be:e6:18:c1:bf:5b:
3b:3a:a0:fc:57:72:a0:00:68:ca:7d:f8:67:e1:90:0e:fd:fa:
6d:27:9e:ab:83:c1:2b:f8:8f:45:3f:a0:4f:a6:35:fc:e5:6c:
e1:2b:f2:1d:62:03:cd:09:c7:2d:87:ba:c2:19:ce:53:c4:ee:
6d:32:fc:47:20:00:8a:be:1b:58:88:4b:c9:40:0a:6d:37:63:
11:b6:07:32:23:7e:ca:a7:47:bb:81:94:bf:c6:88:64:48:d9:
ed:98:2c:5e:a7:0d:2e:b9:cd:2b:87:e6:5f:0a:12:d1:f9:9e:
91:c0:2b:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqBxRgjbtuivQS2VY0i5Jv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMDEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZjNDY3YTZlMTIyNzgwY2QxNzA0YjIyMGU4NGU4MTgyYmU4ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsoVOB5WQxMzJJjVsKSULEXGOz5r
i0zJrc9ewEDDvwlwEl3WUSw+FwnjorD3khtPMNyL3mAIS2Px9U4vPEOJxVNtmV2U
obWA718WrK2FE7d/kGagVgawePzh+kfsno03PJMX8iY2YrsFQM3JkUxAUL6PwmwU
/E5N3rrkNN99y/WR2XJ+I6tZsPRZWt9h/EuS8MBt8clN95w09V1bsaTJgFGNfddT
Lksc59bYf/WhJg1x1/D98vu9o5n5jKTk/MIe6Ny3SH6mUAq6XEkuB/j/YajyKNDT
gwH2arZwwXZa6NBoAgDqVws0NYw9NMs5Wyfq66bBYYKbpwZWJT5Sz/BsAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCRsRnpuEieAzRcEsiDoToGCvogHMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSkd4R2VtNFNKNERORndTeUlPaE9nWUstaUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAVTeBw75ibSLjPaq6/v
mfwahJFr25e2a3t9iCrowOiP26+wlfZjZO4iuA+9VKJoEEebwMqtsfF4cUebBfjo
EHKe+HcDpPdQaMqD77vPZSYn2Y4KkkJK4UL7xMHKEEd/hcbqMm1OrbSn4iEAzZpP
4WeGIQeTVRcy781PIz4rS3j8HGJjSUv5bUEIib7mGMG/Wzs6oPxXcqAAaMp9+Gfh
kA79+m0nnquDwSv4j0U/oE+mNfzlbOEr8h1iA80Jxy2HusIZzlPE7m0y/EcgAIq+
G1iIS8lACm03YxG2BzIjfsqnR7uBlL/GiGRI2e2YLF6nDS65zSuH5l8KEtH5npHA
KzM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:00 2025 by rpki-client