Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/K9LmyMsZc5N-lh6YPxiGxchZmF0.roa
File: K9LmyMsZc5N-lh6YPxiGxchZmF0.roa (raw, json)
Hash identifier: gTPjqERDa2Fqi/ie7nTWiZ+BgfyZavq13gULkqnV4rY=
Subject key identifier: 2B:D2:E6:C8:CB:19:73:93:7E:96:1E:98:3F:18:86:C5:C8:59:98:5D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A47E3789D93DDD9F983C0F54CD113F518
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/K9LmyMsZc5N-lh6YPxiGxchZmF0.roa
Signing time: Wed 30 Aug 2023 19:20:04 +0000
ROA not before: Wed 30 Aug 2023 19:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:e3:78:9d:93:dd:d9:f9:83:c0:f5:4c:d1:13:f5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 19:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd2e6c8cb1973937e961e983f1886c5c859985d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:76:74:0c:6b:c4:16:ea:56:40:05:75:f0:b6:
a5:20:07:d6:ce:72:76:01:09:1f:3c:fc:c1:fd:9d:
46:0b:66:52:f7:e4:cc:52:ec:a8:d7:7e:5b:54:b6:
df:8f:0a:21:e7:a2:3f:7d:b3:12:86:64:bb:3a:da:
7a:f5:be:cd:96:f8:fa:3d:93:46:0a:d6:af:55:32:
6f:0b:a3:78:bd:6a:57:be:33:0e:86:33:f7:c6:74:
73:b1:14:9a:f4:92:9a:1c:22:6b:40:69:09:82:2a:
51:36:74:0d:2c:04:34:23:9c:c0:67:0c:c4:dc:a1:
72:cd:bd:73:43:42:33:58:1b:9b:5a:4a:69:55:d6:
22:ba:d5:5e:d6:90:01:b8:83:a4:8a:fa:91:b1:5a:
3d:68:26:36:9b:b7:e1:7c:0c:84:7b:82:d1:87:b2:
a5:8b:ca:3e:3e:16:1d:a0:47:80:88:51:4f:a9:33:
dd:b9:27:23:98:ed:4a:5e:a3:04:61:46:96:33:d7:
52:9e:63:f6:f5:be:ec:e2:6e:ce:7f:4c:02:53:bc:
92:5e:5f:74:f4:2e:20:ff:7a:1a:3e:6d:c8:13:80:
27:f0:ac:42:69:7c:1c:80:ea:ea:98:d6:42:1d:b8:
3f:03:d5:6a:82:12:ae:55:66:94:af:1f:c6:9e:4e:
20:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D2:E6:C8:CB:19:73:93:7E:96:1E:98:3F:18:86:C5:C8:59:98:5D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/K9LmyMsZc5N-lh6YPxiGxchZmF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:ac:3d:32:8e:1e:46:4e:93:fc:dc:16:dd:50:5e:d9:7c:c1:
38:23:5e:89:d2:7b:ff:50:e9:a4:0e:6f:07:5d:1b:c7:8a:e0:
62:5d:e1:ff:34:61:7f:41:92:af:9c:27:ad:ae:90:73:d0:15:
e5:6c:d1:08:67:cd:0e:fb:c3:ab:a2:ae:36:89:31:fa:bc:1b:
94:41:89:a8:34:2e:7d:8e:0d:69:5a:dc:25:5d:39:e0:f3:e2:
cf:c7:ca:33:dc:9b:f2:99:7f:77:9d:6c:ef:27:7c:a8:d2:c8:
e9:87:24:fb:4b:31:68:dc:0e:e2:2b:f0:d1:8c:d4:19:49:cb:
fa:b7:89:7d:80:c3:c3:4f:dd:9e:14:29:45:cb:6f:13:80:37:
6e:e2:31:1b:ce:3c:d6:ca:43:21:ef:99:d6:03:c3:9e:42:58:
dd:78:43:a9:ee:37:d5:84:a0:76:94:3d:ef:25:51:25:7a:5b:
15:02:ae:20:51:db:b2:9a:ec:45:4b:26:87:be:8f:f3:8d:15:
e9:33:fc:b4:2b:5f:3d:b4:23:80:5b:71:4f:fe:9d:9f:13:d9:
f1:0f:45:2a:9f:30:b6:fa:3f:0a:09:d0:c1:01:81:2f:2b:9c:
00:60:a4:27:fa:0c:67:42:cf:6f:13:a1:4f:a6:8a:59:67:01:
4c:44:69:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpH43idk93Z+YPA9UzRE/UYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTkyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQyZTZjOGNiMTk3MzkzN2U5NjFlOTgzZjE4ODZjNWM4NTk5ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnZ0DGvEFupWQAV18LalIAfWznJ2
AQkfPPzB/Z1GC2ZS9+TMUuyo135bVLbfjwoh56I/fbMShmS7Otp69b7Nlvj6PZNG
CtavVTJvC6N4vWpXvjMOhjP3xnRzsRSa9JKaHCJrQGkJgipRNnQNLAQ0I5zAZwzE
3KFyzb1zQ0IzWBubWkppVdYiutVe1pABuIOkivqRsVo9aCY2m7fhfAyEe4LRh7Kl
i8o+PhYdoEeAiFFPqTPduScjmO1KXqMEYUaWM9dSnmP29b7s4m7Of0wCU7ySXl90
9C4g/3oaPm3IE4An8KxCaXwcgOrqmNZCHbg/A9VqghKuVWaUrx/Gnk4gQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCvS5sjLGXOTfpYemD8YhsXIWZhdMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSzlMbXlNc1pjNU4tbGg2WVB4aUd4Y2habUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEmsPTKOHkZOk/zcFt1Q
Xtl8wTgjXonSe/9Q6aQObwddG8eK4GJd4f80YX9Bkq+cJ62ukHPQFeVs0QhnzQ77
w6uirjaJMfq8G5RBiag0Ln2ODWla3CVdOeDz4s/HyjPcm/KZf3edbO8nfKjSyOmH
JPtLMWjcDuIr8NGM1BlJy/q3iX2Aw8NP3Z4UKUXLbxOAN27iMRvOPNbKQyHvmdYD
w55CWN14Q6nuN9WEoHaUPe8lUSV6WxUCriBR27Ka7EVLJoe+j/ONFekz/LQrXz20
I4BbcU/+nZ8T2fEPRSqfMLb6PwoJ0MEBgS8rnABgpCf6DGdCz28ToU+millnAUxE
aQI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:38 2025 by rpki-client