Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Lid5QtMLhTkketVYvJkhBXH2MD8.roa
File: Lid5QtMLhTkketVYvJkhBXH2MD8.roa (raw, json)
Hash identifier: pfd0DOuBX/mUx32CLU2T6OqMgIo7HuccwEIK7d+PGGc=
Subject key identifier: 2E:27:79:42:D3:0B:85:39:24:7A:D5:58:BC:99:21:05:71:F6:30:3F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A95F70B7C3010C29E841625CB217CD70E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Lid5QtMLhTkketVYvJkhBXH2MD8.roa
Signing time: Thu 14 Sep 2023 23:11:50 +0000
ROA not before: Thu 14 Sep 2023 23:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:95:f7:0b:7c:30:10:c2:9e:84:16:25:cb:21:7c:d7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 23:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e277942d30b8539247ad558bc99210571f6303f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:ab:cc:58:dc:b6:e2:8d:e6:b6:1c:3f:9d:
f7:e0:9e:c4:44:af:aa:33:04:58:90:a3:86:3c:a9:
4c:ab:1d:9e:b5:30:e3:a6:10:15:2c:6f:c7:44:ec:
c4:e1:01:32:83:21:83:05:7a:9f:ac:52:71:d6:86:
c9:66:60:8e:ad:ca:81:d0:a6:e5:bc:11:02:d1:70:
ab:e9:21:c5:8d:7c:3c:71:3f:83:0c:6f:bd:cd:65:
97:5c:c1:22:82:c5:8e:10:e1:34:90:46:66:69:37:
29:c7:18:04:34:3c:ff:33:cd:36:fc:55:f8:de:a9:
2a:ca:ce:ce:13:af:4e:f0:68:4a:ac:0b:8b:e4:29:
af:af:09:a0:f1:60:6c:b9:2e:26:b9:f6:73:3b:6c:
9e:a0:6e:42:67:56:fa:04:43:22:75:3d:6f:71:0f:
f7:a8:19:89:e1:9a:68:43:3e:86:d2:ea:f3:75:ac:
2c:c9:58:2c:73:4b:df:04:34:9d:98:9c:9c:c9:9e:
16:fd:43:47:5c:3b:48:92:cf:85:c6:46:33:3f:0f:
bb:bd:2d:3b:ff:72:eb:ca:75:3a:f0:9c:ab:4b:6e:
29:c7:7e:28:c0:1f:70:ab:4b:b9:40:1e:d6:3f:55:
92:c4:22:db:e0:bc:70:8c:fd:7f:03:b4:92:45:46:
4d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:27:79:42:D3:0B:85:39:24:7A:D5:58:BC:99:21:05:71:F6:30:3F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Lid5QtMLhTkketVYvJkhBXH2MD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:4c:a9:06:c0:e3:1e:2a:b3:18:3c:ff:c4:70:05:5c:e5:43:
df:4c:86:6f:24:17:07:35:9b:e9:6b:7d:78:66:97:c8:89:53:
58:7c:c0:ca:53:26:ac:ab:d6:e3:5b:c2:bd:f4:03:ef:35:70:
7f:99:b2:93:fb:9c:37:b8:f7:55:ee:8f:9b:51:1e:b6:ec:c7:
f7:5b:d2:ec:c9:bd:99:a0:7e:03:42:20:4c:68:22:13:80:fc:
ae:19:ad:52:82:07:c8:34:f9:ae:c5:9a:7a:f3:a4:2b:0a:f1:
4e:7b:c3:c2:28:95:f1:94:c3:8c:a2:6d:a2:4e:07:89:5e:48:
d7:15:14:c1:d8:98:27:3f:b7:fd:5b:3a:31:6e:06:9b:6f:9b:
dc:6d:ba:76:21:a1:ef:0f:1c:6a:42:eb:8b:4e:78:1e:a8:91:
26:31:70:a3:9b:a0:97:c7:7f:10:fd:4b:5a:43:72:b2:25:b7:
2d:ac:63:4c:1e:a9:b2:5a:ac:d1:5f:5b:e9:83:c5:d7:f2:29:
ed:8b:f7:ba:21:1e:b1:61:6b:da:81:3c:2b:42:f6:79:3b:d7:
a5:69:73:6b:85:a8:b7:64:80:2d:68:89:e9:f6:8b:40:86:ba:
1c:71:1e:91:d4:40:9a:71:2f:b9:2d:a8:c7:d6:ff:89:af:99:
1f:79:ac:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqV9wt8MBDCnoQWJcshfNcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MjMxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTI3Nzk0MmQzMGI4NTM5MjQ3YWQ1NThiYzk5MjEwNTcxZjYzMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoCrzFjctuKN5rYcP5334J7ERK+q
MwRYkKOGPKlMqx2etTDjphAVLG/HROzE4QEygyGDBXqfrFJx1obJZmCOrcqB0Kbl
vBEC0XCr6SHFjXw8cT+DDG+9zWWXXMEigsWOEOE0kEZmaTcpxxgENDz/M802/FX4
3qkqys7OE69O8GhKrAuL5Cmvrwmg8WBsuS4mufZzO2yeoG5CZ1b6BEMidT1vcQ/3
qBmJ4ZpoQz6G0urzdawsyVgsc0vfBDSdmJycyZ4W/UNHXDtIks+FxkYzPw+7vS07
/3LrynU68JyrS24px34owB9wq0u5QB7WP1WSxCLb4LxwjP1/A7SSRUZNdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC4neULTC4U5JHrVWLyZIQVx9jA/MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTGlkNVF0TUxoVGtrZXRWWXZKa2hCWEgyTUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJMqQbA4x4qsxg8/8Rw
BVzlQ99Mhm8kFwc1m+lrfXhml8iJU1h8wMpTJqyr1uNbwr30A+81cH+ZspP7nDe4
91Xuj5tRHrbsx/db0uzJvZmgfgNCIExoIhOA/K4ZrVKCB8g0+a7FmnrzpCsK8U57
w8IolfGUw4yibaJOB4leSNcVFMHYmCc/t/1bOjFuBptvm9xtunYhoe8PHGpC64tO
eB6okSYxcKOboJfHfxD9S1pDcrIlty2sY0weqbJarNFfW+mDxdfyKe2L97ohHrFh
a9qBPCtC9nk716Vpc2uFqLdkgC1oien2i0CGuhxxHpHUQJpxL7ktqMfW/4mvmR95
rMY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:20 2025 by rpki-client