Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LT_ct6uFiDF7id2ad1mM0wjenGM.roa
File: LT_ct6uFiDF7id2ad1mM0wjenGM.roa (raw, json)
Hash identifier: odfN3mozYupTm+NptRjYuSBQhS3YV9moBCBeBsNv74I=
Subject key identifier: 2D:3F:DC:B7:AB:85:88:31:7B:89:DD:9A:77:59:8C:D3:08:DE:9C:63
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A47D5BD3E15E980CFF8241CEF3657B603
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LT_ct6uFiDF7id2ad1mM0wjenGM.roa
Signing time: Wed 30 Aug 2023 19:05:04 +0000
ROA not before: Wed 30 Aug 2023 19:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:47d4:f60a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:d5:bd:3e:15:e9:80:cf:f8:24:1c:ef:36:57:b6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 19:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d3fdcb7ab8588317b89dd9a77598cd308de9c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:06:13:d5:8c:0d:7a:b2:73:81:23:6a:fa:
c8:09:26:3d:21:31:a3:8e:e0:90:66:34:e3:68:7f:
a6:d6:39:e3:5d:3e:31:56:38:5f:f5:1e:03:41:9f:
eb:25:27:65:84:68:88:e2:8e:83:a6:06:4c:fc:0b:
f9:2d:02:5f:eb:b4:ef:b0:08:7d:bd:e3:08:4a:21:
1d:70:53:c7:5d:36:b6:00:9e:79:a0:80:d6:50:a4:
32:5f:82:de:9d:58:f5:70:4c:64:ad:84:81:f1:bb:
f9:c3:c7:b7:b8:49:f8:26:b5:03:af:03:0b:df:c2:
44:fa:36:6a:70:28:fc:68:c8:f0:a2:71:2e:35:1f:
2f:26:b7:3b:87:1f:3f:70:cf:10:74:a0:4b:5b:46:
73:32:82:d2:9c:5e:6a:9b:fb:62:1e:8c:25:97:cd:
bb:4b:de:6f:7f:86:b3:05:aa:b1:fa:f5:b5:30:b5:
54:6e:51:b4:58:19:e4:58:df:6b:6f:42:c3:67:23:
25:b8:0b:ac:52:55:ce:4b:e7:eb:eb:ec:f8:bf:48:
3c:2e:1b:e9:ca:b1:b1:d2:d6:46:27:6a:f9:70:82:
ad:ea:5f:a4:da:aa:1a:88:d2:79:a7:2a:84:ed:90:
1c:a0:74:c0:38:e5:ef:38:9b:d2:b1:10:55:f4:8a:
17:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3F:DC:B7:AB:85:88:31:7B:89:DD:9A:77:59:8C:D3:08:DE:9C:63
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LT_ct6uFiDF7id2ad1mM0wjenGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:6e:0b:b4:e6:59:4f:9d:3e:74:3a:67:5d:67:82:b9:f0:ee:
b8:f5:21:6e:8c:f9:e8:7f:09:ed:ad:3b:85:8d:f8:9e:a1:5b:
33:42:49:fe:c3:2f:ee:72:0a:e4:90:08:66:e1:00:98:d2:ec:
39:d7:96:0f:f1:ba:21:a4:c0:a8:04:f8:39:dc:d5:d4:8f:8a:
52:6e:4d:f1:b1:18:f0:9e:3f:d9:46:9d:9a:16:67:f4:0e:e5:
3f:bb:25:3e:6e:a8:7a:4f:85:21:b1:b4:2f:78:5f:c4:1d:db:
4a:73:0c:08:46:5a:72:fa:64:bd:84:1c:23:1f:4d:3e:64:1a:
71:95:48:16:bb:da:b4:64:4c:8a:8e:73:2d:ec:0d:66:41:d6:
3e:fc:4f:47:5c:94:fa:39:6a:ea:50:df:19:70:c4:11:1f:7d:
d2:e5:33:96:5d:32:67:96:ee:22:7e:03:06:f5:a4:8d:a3:98:
1d:31:70:37:79:ee:ec:d6:09:51:26:80:0e:2d:6d:99:4f:62:
77:e9:e5:2a:47:79:f2:d1:6a:a3:3a:3e:d4:06:00:91:af:c7:
6f:0a:fd:5c:a9:9c:ee:b6:4b:5d:d7:a1:f3:69:04:6c:01:f6:
53:9f:e4:c9:9c:34:26:7a:67:36:23:89:ec:db:51:9b:95:1c:
49:9e:af:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpH1b0+FemAz/gkHO82V7YDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNmZGNiN2FiODU4ODMxN2I4OWRkOWE3NzU5OGNkMzA4ZGU5YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllAGE9WMDXqyc4EjavrICSY9ITGj
juCQZjTjaH+m1jnjXT4xVjhf9R4DQZ/rJSdlhGiI4o6DpgZM/Av5LQJf67TvsAh9
veMISiEdcFPHXTa2AJ55oIDWUKQyX4LenVj1cExkrYSB8bv5w8e3uEn4JrUDrwML
38JE+jZqcCj8aMjwonEuNR8vJrc7hx8/cM8QdKBLW0ZzMoLSnF5qm/tiHowll827
S95vf4azBaqx+vW1MLVUblG0WBnkWN9rb0LDZyMluAusUlXOS+fr6+z4v0g8Lhvp
yrGx0tZGJ2r5cIKt6l+k2qoaiNJ5pyqE7ZAcoHTAOOXvOJvSsRBV9IoXcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC0/3LerhYgxe4ndmndZjNMI3pxjMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTFRfY3Q2dUZpREY3aWQyYWQxbU0wd2plbkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADduC7TmWU+dPnQ6Z11n
grnw7rj1IW6M+eh/Ce2tO4WN+J6hWzNCSf7DL+5yCuSQCGbhAJjS7DnXlg/xuiGk
wKgE+Dnc1dSPilJuTfGxGPCeP9lGnZoWZ/QO5T+7JT5uqHpPhSGxtC94X8Qd20pz
DAhGWnL6ZL2EHCMfTT5kGnGVSBa72rRkTIqOcy3sDWZB1j78T0dclPo5aupQ3xlw
xBEffdLlM5ZdMmeW7iJ+Awb1pI2jmB0xcDd57uzWCVEmgA4tbZlPYnfp5SpHefLR
aqM6PtQGAJGvx28K/VypnO62S13XofNpBGwB9lOf5MmcNCZ6ZzYjiezbUZuVHEme
r34=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:37 2025 by rpki-client