Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MHpVzcq_sT1fLIHXUDFdwinVG2Q.roa
File: MHpVzcq_sT1fLIHXUDFdwinVG2Q.roa (raw, json)
Hash identifier: LTxlRLaBEpT16qN3qf9maV8weODtgILku0QBV7DzvXg=
Subject key identifier: 30:7A:55:CD:CA:BF:B1:3D:5F:2C:81:D7:50:31:5D:C2:29:D5:1B:64
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A867D8F52457C200AB0E997E8DC7D924C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MHpVzcq_sT1fLIHXUDFdwinVG2Q.roa
Signing time: Mon 11 Sep 2023 23:04:50 +0000
ROA not before: Mon 11 Sep 2023 23:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:867c:f43f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:86:7d:8f:52:45:7c:20:0a:b0:e9:97:e8:dc:7d:92:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 23:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=307a55cdcabfb13d5f2c81d750315dc229d51b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:56:dd:35:d2:9f:59:ca:6b:70:a0:36:73:
14:4f:62:ab:31:b5:0d:41:d6:9f:34:7d:c6:d1:e8:
8c:73:e2:5f:d9:15:49:48:51:44:41:bd:61:50:3e:
2e:2d:70:0d:b1:58:44:1b:43:61:49:5b:73:14:90:
07:d4:42:6e:86:40:fe:c5:87:39:94:c4:26:ee:e6:
7a:1e:de:9c:3e:28:3e:f1:a5:7f:28:0b:9f:6e:08:
58:a4:5f:a6:e5:23:55:d1:2e:75:21:f7:fa:a8:a6:
2c:a1:b1:2d:4c:b2:2d:e2:a0:b2:f1:c9:80:bb:15:
82:86:fc:d4:05:e2:40:65:fe:d2:f8:ae:08:3e:dd:
63:39:a8:49:bb:46:23:24:43:5d:de:31:6b:df:93:
28:26:bc:fd:b6:ab:33:e6:61:04:c1:ec:49:a6:a2:
d9:7f:09:e9:d4:0e:aa:a0:97:9f:f9:9c:8a:27:fe:
47:dd:a4:dd:41:1f:57:eb:65:13:fd:6a:62:74:22:
81:a4:ff:6b:da:dc:8f:7d:bb:94:84:0e:51:0f:3b:
42:9b:08:90:94:7e:62:a8:bc:16:ed:13:99:8e:b8:
0c:1f:c2:6e:d8:91:c3:96:c2:95:31:a2:27:03:ec:
db:6f:96:68:a0:7e:fb:d0:e4:70:09:d4:2c:90:7a:
26:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7A:55:CD:CA:BF:B1:3D:5F:2C:81:D7:50:31:5D:C2:29:D5:1B:64
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MHpVzcq_sT1fLIHXUDFdwinVG2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:84:54:10:53:6b:7b:ae:44:30:71:44:75:90:07:ea:58:fa:
33:2c:a5:9c:8d:d6:a4:a7:44:a0:a2:be:47:a3:7d:f7:de:99:
23:a4:79:f8:40:36:03:cf:ca:0b:98:e6:d2:30:e8:0f:c0:b8:
2d:9b:ab:09:42:3f:6f:a3:b7:d2:e3:bd:d6:ef:be:61:b4:b5:
ba:ee:ba:32:8f:d6:f0:d0:f4:be:97:49:44:61:b5:0f:6f:b1:
c6:dc:7d:9d:50:3f:9a:99:31:d3:ad:55:ac:62:dc:05:63:7b:
88:e3:1e:36:79:48:83:5b:57:26:a8:95:73:d3:83:9f:95:4d:
f0:c6:a5:d7:ca:44:d3:16:26:83:54:be:d5:c2:e3:9b:39:96:
72:d1:9f:f0:26:46:80:34:07:fc:90:94:4c:71:c8:3f:a3:67:
34:e3:57:74:1e:b6:47:4b:cc:87:93:af:5d:d4:0a:1d:3b:e3:
21:cf:ab:d5:3f:a1:d5:ff:f4:f7:58:53:09:17:1d:56:c6:7f:
d4:5f:63:71:6b:b9:88:83:99:84:13:50:33:da:88:22:c3:44:
8e:8e:9a:a2:f1:3e:c0:81:3c:11:0e:28:2f:24:55:cb:fc:85:
0b:94:05:0b:bc:ed:e8:08:f7:b2:02:6f:f0:2b:93:17:dd:d4:
2a:1d:dd:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqGfY9SRXwgCrDpl+jcfZJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMjMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdhNTVjZGNhYmZiMTNkNWYyYzgxZDc1MDMxNWRjMjI5ZDUxYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArApW3TXSn1nKa3CgNnMUT2KrMbUN
QdafNH3G0eiMc+Jf2RVJSFFEQb1hUD4uLXANsVhEG0NhSVtzFJAH1EJuhkD+xYc5
lMQm7uZ6Ht6cPig+8aV/KAufbghYpF+m5SNV0S51Iff6qKYsobEtTLIt4qCy8cmA
uxWChvzUBeJAZf7S+K4IPt1jOahJu0YjJENd3jFr35MoJrz9tqsz5mEEwexJpqLZ
fwnp1A6qoJef+ZyKJ/5H3aTdQR9X62UT/WpidCKBpP9r2tyPfbuUhA5RDztCmwiQ
lH5iqLwW7ROZjrgMH8Ju2JHDlsKVMaInA+zbb5ZooH770ORwCdQskHomOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDB6Vc3Kv7E9XyyB11AxXcIp1RtkMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTUhwVnpjcV9zVDFmTElIWFVERmR3aW5WRzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiEVBBTa3uuRDBxRHWQ
B+pY+jMspZyN1qSnRKCivkejfffemSOkefhANgPPyguY5tIw6A/AuC2bqwlCP2+j
t9LjvdbvvmG0tbruujKP1vDQ9L6XSURhtQ9vscbcfZ1QP5qZMdOtVaxi3AVje4jj
HjZ5SINbVyaolXPTg5+VTfDGpdfKRNMWJoNUvtXC45s5lnLRn/AmRoA0B/yQlExx
yD+jZzTjV3QetkdLzIeTr13UCh074yHPq9U/odX/9PdYUwkXHVbGf9RfY3FruYiD
mYQTUDPaiCLDRI6OmqLxPsCBPBEOKC8kVcv8hQuUBQu87egI97ICb/Arkxfd1Cod
3dw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:42 2025 by rpki-client