Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MA7ZHFKv9xCcCdmX5y_l4qk-y7Q.roa
File: MA7ZHFKv9xCcCdmX5y_l4qk-y7Q.roa (raw, json)
Hash identifier: tUhRSV3YObAen2lSVGGVNxF7CAOqDb7JDxMSr+ccj60=
Subject key identifier: 30:0E:D9:1C:52:AF:F7:10:9C:09:D9:97:E7:2F:E5:E2:A9:3E:CB:B4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A55FF3A34681FFB54DC3817D43537F0C7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MA7ZHFKv9xCcCdmX5y_l4qk-y7Q.roa
Signing time: Sat 02 Sep 2023 13:05:04 +0000
ROA not before: Sat 02 Sep 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:55fe:c614/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:ff:3a:34:68:1f:fb:54:dc:38:17:d4:35:37:f0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300ed91c52aff7109c09d997e72fe5e2a93ecbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b1:bd:c5:20:e4:aa:c6:ed:40:c8:53:5d:42:
3e:04:16:f5:d1:0c:e6:13:13:cd:95:55:e7:44:99:
09:29:59:55:f4:18:a6:bb:7e:28:c4:cd:1d:93:32:
82:d4:c2:81:c2:b2:da:84:16:54:09:56:b9:75:6c:
63:a1:e5:41:bc:0d:a6:60:fe:25:43:60:4c:99:ad:
78:42:f0:3e:b2:2f:6a:64:da:e4:94:b8:f7:95:40:
41:c0:94:3a:a2:c3:44:a8:37:5b:27:75:e9:06:d3:
a4:51:5e:86:7e:ba:0f:c5:6b:9f:be:c6:6a:75:75:
ff:36:28:2f:f8:b4:0a:0c:6f:13:49:42:20:ec:a4:
88:8f:14:0c:71:a2:a8:b3:f2:66:ac:b0:7f:02:76:
9b:41:1a:32:4c:31:bc:ba:da:97:61:84:43:fd:ac:
ab:fc:42:96:9b:ea:b2:26:35:38:f8:42:36:0f:11:
15:e5:7c:2c:b7:a7:fe:7a:4a:a3:c1:89:40:3e:b4:
5e:10:9d:43:bc:bc:75:68:fe:c9:80:64:54:51:c9:
6d:53:41:0a:fc:2b:f0:78:fd:cf:5e:4a:76:21:92:
e7:0b:d7:1c:24:e4:80:46:c4:d1:89:0e:a4:c0:b0:
d3:f6:42:32:28:31:ea:ab:71:41:ec:24:e8:02:7f:
95:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0E:D9:1C:52:AF:F7:10:9C:09:D9:97:E7:2F:E5:E2:A9:3E:CB:B4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MA7ZHFKv9xCcCdmX5y_l4qk-y7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:5d:cc:4b:4f:6b:90:02:22:da:5f:67:b9:24:9a:4d:8f:ed:
c9:80:30:3a:47:88:0f:2e:af:22:01:9e:b0:07:f9:b3:54:bc:
ee:6d:8a:ed:3c:a5:d3:63:30:82:ae:9c:8d:3a:02:64:e9:4a:
8a:b0:18:f2:dc:b8:c9:14:71:50:c7:92:55:cb:3f:39:48:50:
f1:10:9e:0b:05:f2:8e:22:d0:6e:f3:20:9a:e2:4f:ce:f1:0e:
af:20:06:de:dd:c6:bf:8d:2d:31:a6:7d:89:3d:a8:63:0b:f7:
80:11:47:c6:9a:56:8e:de:3c:cc:52:27:05:90:f0:7c:ae:a9:
ea:49:53:92:0a:19:94:c8:a2:c8:06:4f:9f:50:11:1c:d2:9d:
5a:40:c5:20:04:e5:2f:fb:a0:ce:83:ec:42:c3:4d:0c:38:2a:
1d:63:36:55:c2:c5:02:21:cd:00:46:dc:b6:d4:25:f6:fb:a7:
96:f8:7a:f4:3e:5a:d0:12:6e:13:57:c4:c5:65:6c:0a:63:0c:
b3:55:8f:6a:47:5c:15:f0:74:38:07:f4:bd:ec:51:e3:de:f4:
c3:e9:23:ab:55:b5:74:8d:d2:eb:19:8d:fd:b5:7e:80:9a:4c:
c2:ed:4a:26:48:67:1b:aa:c6:a1:5f:e7:58:1a:9e:bd:07:19:
c5:d5:c6:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpV/zo0aB/7VNw4F9Q1N/DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBlZDkxYzUyYWZmNzEwOWMwOWQ5OTdlNzJmZTVlMmE5M2VjYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbG9xSDkqsbtQMhTXUI+BBb10Qzm
ExPNlVXnRJkJKVlV9Bimu34oxM0dkzKC1MKBwrLahBZUCVa5dWxjoeVBvA2mYP4l
Q2BMma14QvA+si9qZNrklLj3lUBBwJQ6osNEqDdbJ3XpBtOkUV6GfroPxWufvsZq
dXX/Nigv+LQKDG8TSUIg7KSIjxQMcaKos/JmrLB/AnabQRoyTDG8utqXYYRD/ayr
/EKWm+qyJjU4+EI2DxEV5Xwst6f+ekqjwYlAPrReEJ1DvLx1aP7JgGRUUcltU0EK
/CvweP3PXkp2IZLnC9ccJOSARsTRiQ6kwLDT9kIyKDHqq3FB7CToAn+VPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDAO2RxSr/cQnAnZl+cv5eKpPsu0MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTUE3WkhGS3Y5eENjQ2RtWDV5X2w0cWsteTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1dzEtPa5ACItpfZ7kk
mk2P7cmAMDpHiA8uryIBnrAH+bNUvO5tiu08pdNjMIKunI06AmTpSoqwGPLcuMkU
cVDHklXLPzlIUPEQngsF8o4i0G7zIJriT87xDq8gBt7dxr+NLTGmfYk9qGML94AR
R8aaVo7ePMxSJwWQ8HyuqepJU5IKGZTIosgGT59QERzSnVpAxSAE5S/7oM6D7ELD
TQw4Kh1jNlXCxQIhzQBG3LbUJfb7p5b4evQ+WtASbhNXxMVlbApjDLNVj2pHXBXw
dDgH9L3sUePe9MPpI6tVtXSN0usZjf21foCaTMLtSiZIZxuqxqFf51ganr0HGcXV
xp0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:03 2025 by rpki-client