Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Ly7Mez_ozbrDX24q1drD0Xh1ciY.roa
File: Ly7Mez_ozbrDX24q1drD0Xh1ciY.roa (raw, json)
Hash identifier: ZEyWvNKj1gNP28nmsbM7Uz++4Gjww1PnaOwof+/x1DE=
Subject key identifier: 2F:2E:CC:7B:3F:E8:CD:BA:C3:5F:6E:2A:D5:DA:C3:D1:78:75:72:26
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7749AFC3A4239A635ED40858F31BB6CA
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Ly7Mez_ozbrDX24q1drD0Xh1ciY.roa
Signing time: Sat 09 Sep 2023 00:13:52 +0000
ROA not before: Sat 09 Sep 2023 00:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:77:49:af:c3:a4:23:9a:63:5e:d4:08:58:f3:1b:b6:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 00:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f2ecc7b3fe8cdbac35f6e2ad5dac3d178757226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:81:cb:09:4f:99:6a:24:a9:56:92:90:ec:91:
d1:39:a2:53:a4:17:d9:b2:32:ad:ac:71:c0:32:2f:
9c:3f:01:34:07:71:62:6c:c2:1e:2b:c7:75:2b:fd:
fa:31:1d:f3:d9:d2:0f:2f:cc:ab:7f:c9:26:5a:69:
21:ff:71:f1:b2:a9:97:40:2f:6d:de:32:70:16:ae:
8f:22:c0:1f:f8:c0:81:a5:bf:6c:2e:3f:94:65:c0:
5a:4d:11:5b:ee:7d:8e:87:42:ce:e2:cc:9a:80:9b:
eb:10:57:d8:b8:63:19:c1:3c:2b:49:2f:33:4f:50:
9e:82:28:86:d5:c0:86:d9:a2:33:6a:3e:80:22:53:
74:b9:2f:15:56:b3:69:4a:6b:d5:37:cf:9c:e9:84:
d6:92:53:ef:86:ef:3c:82:40:af:1c:c6:1e:46:3f:
90:22:27:ce:fd:7e:0d:18:1b:8d:03:8a:89:a0:91:
b8:e5:89:9a:d7:a1:34:0d:61:8d:18:bb:7a:30:9e:
b1:f4:f9:11:3e:93:a3:f9:5e:69:71:6d:78:dd:c0:
f5:37:b1:5f:37:44:97:df:b6:b7:e2:fe:c4:48:6b:
4e:da:14:df:c1:6d:b2:23:8b:95:79:8a:4b:a5:ac:
e2:15:45:8a:27:11:30:bb:b1:df:f6:98:49:78:17:
3e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2E:CC:7B:3F:E8:CD:BA:C3:5F:6E:2A:D5:DA:C3:D1:78:75:72:26
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Ly7Mez_ozbrDX24q1drD0Xh1ciY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:d8:17:10:2e:a2:4e:60:55:55:71:e6:6f:18:f5:61:28:05:
8f:1b:cd:cb:10:4c:08:d0:8b:fa:ec:34:5f:62:da:a4:e6:32:
11:eb:b8:12:e6:7a:c9:81:53:01:c0:ad:80:d2:b0:30:17:99:
a6:b8:53:c9:68:03:63:e8:20:08:24:81:f0:35:a1:5f:5e:75:
08:f8:74:36:92:31:8a:2a:2c:b3:6d:f5:20:b6:66:bc:c3:c8:
37:ba:fa:a3:97:15:2a:0b:95:49:c6:55:e1:5f:96:75:99:78:
f3:cf:ba:ae:89:ef:b2:75:80:0b:20:fe:ef:23:b5:70:94:e8:
07:e9:9c:2f:ac:74:36:2a:ec:a8:70:ca:e9:a9:09:dd:70:25:
d0:95:a0:7c:8b:da:53:79:8e:dc:b0:a5:67:93:b5:c3:13:af:
1a:07:94:e4:53:f4:5e:a8:c5:ab:f1:ef:0c:b2:05:67:f1:78:
41:36:02:cd:a9:e7:7f:56:2b:e1:98:1a:12:3a:7b:37:e0:b1:
fc:86:5c:93:f1:91:fb:77:8b:8c:5f:32:84:4f:5b:98:8d:19:
54:8e:b0:db:47:0f:fb:a6:a1:53:f8:0a:7c:b1:2b:a8:f2:55:
6d:36:17:fb:6c:69:1f:8d:de:d9:b4:de:53:76:00:bb:82:06:
17:7e:af:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp3Sa/DpCOaY17UCFjzG7bKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MDAxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjJlY2M3YjNmZThjZGJhYzM1ZjZlMmFkNWRhYzNkMTc4NzU3MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4HLCU+ZaiSpVpKQ7JHROaJTpBfZ
sjKtrHHAMi+cPwE0B3FibMIeK8d1K/36MR3z2dIPL8yrf8kmWmkh/3HxsqmXQC9t
3jJwFq6PIsAf+MCBpb9sLj+UZcBaTRFb7n2Oh0LO4syagJvrEFfYuGMZwTwrSS8z
T1CegiiG1cCG2aIzaj6AIlN0uS8VVrNpSmvVN8+c6YTWklPvhu88gkCvHMYeRj+Q
IifO/X4NGBuNA4qJoJG45Yma16E0DWGNGLt6MJ6x9PkRPpOj+V5pcW143cD1N7Ff
N0SX37a34v7ESGtO2hTfwW2yI4uVeYpLpaziFUWKJxEwu7Hf9phJeBc+XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC8uzHs/6M26w19uKtXaw9F4dXImMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTHk3TWV6X296YnJEWDI0cTFkckQwWGgxY2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKbYFxAuok5gVVVx5m8Y
9WEoBY8bzcsQTAjQi/rsNF9i2qTmMhHruBLmesmBUwHArYDSsDAXmaa4U8loA2Po
IAgkgfA1oV9edQj4dDaSMYoqLLNt9SC2ZrzDyDe6+qOXFSoLlUnGVeFflnWZePPP
uq6J77J1gAsg/u8jtXCU6AfpnC+sdDYq7KhwyumpCd1wJdCVoHyL2lN5jtywpWeT
tcMTrxoHlORT9F6oxavx7wyyBWfxeEE2As2p539WK+GYGhI6ezfgsfyGXJPxkft3
i4xfMoRPW5iNGVSOsNtHD/umoVP4CnyxK6jyVW02F/tsaR+N3tm03lN2ALuCBhd+
r8E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:53 2025 by rpki-client