Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/JWf5Nqt8VrTvvuf4QyO4j96jNU8.roa
File: JWf5Nqt8VrTvvuf4QyO4j96jNU8.roa (raw, json)
Hash identifier: AJVVX+Xlo9reOobduyO/BRBjPlgNYgL5SkD7Yil2B24=
Subject key identifier: 25:67:F9:36:AB:7C:56:B4:EF:BE:E7:F8:43:23:B8:8F:DE:A3:35:4F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5BCA625549EF7403D6441CB299487140
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/JWf5Nqt8VrTvvuf4QyO4j96jNU8.roa
Signing time: Sun 03 Sep 2023 16:05:04 +0000
ROA not before: Sun 03 Sep 2023 16:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5bc9:8951/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5b:ca:62:55:49:ef:74:03:d6:44:1c:b2:99:48:71:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 16:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2567f936ab7c56b4efbee7f84323b88fdea3354f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ca:e3:1e:f7:03:be:a6:98:74:21:d7:85:82:
c1:be:16:41:63:57:da:8b:69:f9:b7:db:ba:34:2a:
1e:ea:62:c8:84:0a:6c:2a:d8:20:b3:3c:3f:3b:49:
73:27:0f:9f:34:fc:ee:9f:d3:45:dc:fb:97:a7:03:
dd:63:60:c1:db:b4:06:53:a2:3f:a0:d5:39:af:e6:
cb:b8:16:f7:08:d7:d2:bb:54:10:34:22:ab:88:72:
ad:29:ed:4c:6a:4f:32:ea:7c:23:79:99:c8:8c:99:
fd:8c:32:de:0c:e3:81:ea:d3:40:d6:e5:58:d4:b3:
d9:d3:2e:cc:52:55:54:7d:e7:01:34:15:a4:ed:12:
d0:ab:17:03:9e:1e:c3:55:de:0b:39:44:1b:d2:d0:
99:5d:b4:0a:9f:e2:74:58:86:bc:c9:78:1f:21:dc:
63:a2:6e:85:bf:af:e7:34:5e:05:63:02:69:20:16:
1f:76:93:cf:ba:99:6f:97:03:4e:c7:34:63:6c:f0:
3e:cd:58:04:8d:35:f5:02:6c:b4:8c:18:d2:b3:06:
18:80:d8:21:c1:68:c9:1c:76:41:f7:10:a9:36:fd:
7b:ca:4e:b4:19:23:01:71:3b:97:60:98:cd:6a:10:
f0:1f:80:9b:8d:c7:c1:23:99:e2:14:33:98:59:b7:
34:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:67:F9:36:AB:7C:56:B4:EF:BE:E7:F8:43:23:B8:8F:DE:A3:35:4F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/JWf5Nqt8VrTvvuf4QyO4j96jNU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:d0:01:9d:fa:36:cd:f2:1b:a6:c7:ce:c3:9b:33:64:fc:ed:
09:e6:61:be:4d:b7:20:dd:57:ed:fe:1f:8a:64:8d:2b:93:d7:
1f:05:4c:4c:39:0d:b9:e7:74:3c:47:bd:f1:22:c7:c1:e5:04:
f2:0e:36:b5:d4:50:c5:2a:a0:fd:41:d4:6b:31:0c:0c:61:98:
13:b6:fc:c0:cd:74:f8:5c:6e:1b:6a:8a:28:36:3d:14:5a:85:
54:4e:1c:23:55:89:dc:35:d2:e2:c9:70:64:de:08:5f:11:3d:
69:9b:b9:56:d4:b2:d4:24:59:2d:f8:ce:18:4e:bf:c7:11:6f:
0e:ef:03:ce:f5:97:3e:34:d3:b5:8b:83:01:5f:4a:e1:07:83:
1e:be:3d:88:dd:b6:47:66:01:89:32:fe:0e:5b:f8:78:b5:db:
b6:70:ba:c5:70:68:af:0a:9c:71:d0:67:0f:7a:b9:f7:db:7a:
c2:84:d0:74:86:94:34:5f:a2:0d:66:af:a5:39:c1:ac:ee:2b:
a4:16:36:28:91:22:f8:25:02:82:a7:0c:68:18:42:bc:31:0c:
84:69:c6:f2:10:f7:91:45:1d:ff:21:ae:e8:0b:2b:33:78:c8:
e8:38:e8:c5:ad:50:51:ca:2b:83:7d:f5:78:2a:f4:f3:62:a4:
7f:e7:1c:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpbymJVSe90A9ZEHLKZSHFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY3ZjkzNmFiN2M1NmI0ZWZiZWU3Zjg0MzIzYjg4ZmRlYTMzNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMrjHvcDvqaYdCHXhYLBvhZBY1fa
i2n5t9u6NCoe6mLIhApsKtggszw/O0lzJw+fNPzun9NF3PuXpwPdY2DB27QGU6I/
oNU5r+bLuBb3CNfSu1QQNCKriHKtKe1Mak8y6nwjeZnIjJn9jDLeDOOB6tNA1uVY
1LPZ0y7MUlVUfecBNBWk7RLQqxcDnh7DVd4LOUQb0tCZXbQKn+J0WIa8yXgfIdxj
om6Fv6/nNF4FYwJpIBYfdpPPuplvlwNOxzRjbPA+zVgEjTX1Amy0jBjSswYYgNgh
wWjJHHZB9xCpNv17yk60GSMBcTuXYJjNahDwH4CbjcfBI5niFDOYWbc0+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCVn+TarfFa0777n+EMjuI/eozVPMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSldmNU5xdDhWclR2dnVmNFF5TzRqOTZqTlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADXQAZ36Ns3yG6bHzsOb
M2T87QnmYb5NtyDdV+3+H4pkjSuT1x8FTEw5DbnndDxHvfEix8HlBPIONrXUUMUq
oP1B1GsxDAxhmBO2/MDNdPhcbhtqiig2PRRahVROHCNVidw10uLJcGTeCF8RPWmb
uVbUstQkWS34zhhOv8cRbw7vA871lz4007WLgwFfSuEHgx6+PYjdtkdmAYky/g5b
+Hi127ZwusVwaK8KnHHQZw96uffbesKE0HSGlDRfog1mr6U5wazuK6QWNiiRIvgl
AoKnDGgYQrwxDIRpxvIQ95FFHf8hrugLKzN4yOg46MWtUFHKK4N99Xgq9PNipH/n
HJU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:53 2025 by rpki-client