Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KyN2h9PnRhjVFhWRk75hh_qofZI.roa
File: KyN2h9PnRhjVFhWRk75hh_qofZI.roa (raw, json)
Hash identifier: JsJKCDOwlKUgPNTmbNF/1M7AZbXBu4emNx6qZJ/43gM=
Subject key identifier: 2B:23:76:87:D3:E7:46:18:D5:16:15:91:93:BE:61:87:FA:A8:7D:92
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A78925C5C95FD1694017AD2D50930EDBA
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KyN2h9PnRhjVFhWRk75hh_qofZI.roa
Signing time: Sat 09 Sep 2023 06:12:52 +0000
ROA not before: Sat 09 Sep 2023 06:12:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:78:92:5c:5c:95:fd:16:94:01:7a:d2:d5:09:30:ed:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 06:12:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b237687d3e74618d516159193be6187faa87d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cb:a8:98:e5:10:cb:33:70:37:a3:13:90:1b:
f5:bd:98:69:7d:d7:fc:8c:d8:8f:93:f2:2f:44:37:
bf:88:36:2e:b0:91:29:e6:58:08:a7:03:c7:8c:34:
30:5e:07:b1:10:d5:a6:00:ef:a7:ab:3d:4b:23:97:
50:1c:40:8d:f0:a9:8b:1e:34:3b:8e:7e:c7:32:fa:
d7:08:6a:d7:9b:b8:7d:0d:3a:fc:43:78:cc:21:aa:
08:75:d5:82:30:5c:a1:01:19:62:ab:5e:a7:c3:49:
53:62:b8:a4:72:df:b4:00:4e:ba:2a:57:1e:c6:b5:
47:b4:8a:83:b5:6b:3f:64:ac:95:81:26:13:42:bb:
de:40:d5:84:d2:80:e6:0e:3b:5a:94:3a:30:0a:cc:
d1:06:c6:d2:81:35:91:50:55:63:89:94:8a:4e:1b:
4c:a4:58:74:5c:58:59:ce:6f:0a:db:ec:6c:3b:ef:
19:e6:5e:6d:af:e9:6e:eb:f0:81:ff:9e:c3:da:4e:
9b:8f:7d:89:e2:79:c1:8d:fc:e0:2a:8a:5f:08:ec:
34:8f:fb:9f:a6:95:ec:35:51:28:94:0a:54:54:eb:
89:0a:15:2f:37:95:38:82:67:ef:f5:5d:2f:cb:42:
f0:c4:05:65:e5:a3:59:3d:e1:32:e4:6d:29:ce:9d:
39:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:23:76:87:D3:E7:46:18:D5:16:15:91:93:BE:61:87:FA:A8:7D:92
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KyN2h9PnRhjVFhWRk75hh_qofZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:57:bf:49:02:b0:ff:22:ee:95:c7:8a:f8:09:54:54:9f:cd:
4b:29:22:59:80:a5:5b:4c:45:f8:f9:bc:c9:a6:e8:9e:34:2b:
d7:38:36:d0:7e:e9:24:f2:e0:7d:c8:8f:51:9c:c5:d4:ad:c3:
ce:cb:bd:58:18:88:bd:3c:26:02:92:7b:7b:e9:25:0f:61:04:
54:70:9b:b8:b0:fa:22:e4:b8:0a:2e:aa:74:6a:c0:1d:18:71:
cc:b0:f5:12:d6:fa:31:e5:36:8b:3d:69:f0:79:95:c9:21:a1:
44:ba:f5:c2:3c:56:77:d5:89:5d:c9:01:56:1d:56:23:09:c1:
da:24:7d:f0:a4:c5:58:b1:f9:c4:8d:46:1c:60:6a:c9:1b:7a:
08:44:7d:45:f1:a3:3e:dd:43:5e:38:9c:99:58:35:2d:f0:4c:
70:f5:e8:5e:c3:75:fe:e2:01:ca:cc:e1:cf:ec:f4:b9:f6:b7:
ab:30:22:55:75:ab:db:59:09:03:25:22:b4:95:62:39:88:02:
ce:07:13:60:20:99:af:e2:71:0d:5b:4d:00:79:89:2b:56:77:
be:2a:23:5f:20:42:9a:bf:2b:9d:4a:54:f3:f3:46:77:b5:a3:
df:0f:0c:54:4f:ca:c3:5d:20:0b:1b:65:bd:ae:c9:a1:d7:02:
ec:fe:8c:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp4klxclf0WlAF60tUJMO26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MDYxMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjIzNzY4N2QzZTc0NjE4ZDUxNjE1OTE5M2JlNjE4N2ZhYTg3ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMuomOUQyzNwN6MTkBv1vZhpfdf8
jNiPk/IvRDe/iDYusJEp5lgIpwPHjDQwXgexENWmAO+nqz1LI5dQHECN8KmLHjQ7
jn7HMvrXCGrXm7h9DTr8Q3jMIaoIddWCMFyhARliq16nw0lTYrikct+0AE66Klce
xrVHtIqDtWs/ZKyVgSYTQrveQNWE0oDmDjtalDowCszRBsbSgTWRUFVjiZSKThtM
pFh0XFhZzm8K2+xsO+8Z5l5tr+lu6/CB/57D2k6bj32J4nnBjfzgKopfCOw0j/uf
ppXsNVEolApUVOuJChUvN5U4gmfv9V0vy0LwxAVl5aNZPeEy5G0pzp05nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCsjdofT50YY1RYVkZO+YYf6qH2SMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS3lOMmg5UG5SaGpWRmhXUms3NWhoX3FvZlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHJXv0kCsP8i7pXHivgJ
VFSfzUspIlmApVtMRfj5vMmm6J40K9c4NtB+6STy4H3Ij1GcxdStw87LvVgYiL08
JgKSe3vpJQ9hBFRwm7iw+iLkuAouqnRqwB0Yccyw9RLW+jHlNos9afB5lckhoUS6
9cI8VnfViV3JAVYdViMJwdokffCkxVix+cSNRhxgaskbeghEfUXxoz7dQ144nJlY
NS3wTHD16F7Ddf7iAcrM4c/s9Ln2t6swIlV1q9tZCQMlIrSVYjmIAs4HE2Agma/i
cQ1bTQB5iStWd74qI18gQpq/K51KVPPzRne1o98PDFRPysNdIAsbZb2uyaHXAuz+
jAI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:43 2025 by rpki-client