Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/N5nq6OryVnjgpFlNRzVrseUboAw.roa
File: N5nq6OryVnjgpFlNRzVrseUboAw.roa (raw, json)
Hash identifier: mHkxvtMX6U+c7qozK23ACukmyVYVr53XdS4T11n834I=
Subject key identifier: 37:99:EA:E8:EA:F2:56:78:E0:A4:59:4D:47:35:6B:B1:E5:1B:A0:0C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7710DBF25FE3FF45C575595C707AF126
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/N5nq6OryVnjgpFlNRzVrseUboAw.roa
Signing time: Fri 08 Sep 2023 23:11:48 +0000
ROA not before: Fri 08 Sep 2023 23:11:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:77:10:db:f2:5f:e3:ff:45:c5:75:59:5c:70:7a:f1:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 23:11:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3799eae8eaf25678e0a4594d47356bb1e51ba00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f6:cb:dc:b6:d8:53:8a:b8:b2:a8:38:9e:17:
5f:0e:0f:65:b3:b8:c9:61:84:2a:c3:5a:7f:45:17:
6d:1a:97:47:08:17:90:e6:81:6d:92:6f:41:0e:6a:
8f:be:45:df:cd:da:4f:e2:eb:ec:51:74:ac:9e:02:
9f:ca:b4:a5:49:f9:98:f6:e9:e9:a0:68:e2:ca:c0:
49:f9:77:44:84:24:43:e1:fa:c2:f8:ad:de:a7:3f:
b7:12:e0:1e:2b:4a:4c:80:91:38:31:b2:b6:4e:fa:
86:09:00:4a:11:51:ac:52:da:60:dd:35:cb:ac:32:
3d:fd:39:2d:34:d8:4b:81:85:9f:0c:5e:62:35:46:
e6:18:af:69:ce:ea:f7:22:73:0b:bb:bd:b4:cd:17:
27:3e:35:ee:e9:df:68:f8:fc:ad:d2:e2:1b:54:ec:
a5:c0:dc:e3:4b:01:5b:3f:4b:f0:cb:8c:da:8e:57:
87:0c:01:aa:e8:0c:77:b9:38:90:10:9e:77:8f:52:
0a:2c:b6:35:2e:e6:34:33:08:1b:08:57:88:ae:40:
d2:05:5a:47:43:64:74:b6:27:a3:0a:a7:ff:01:55:
99:0e:44:8f:f4:8d:9b:fd:77:fc:35:52:e0:b3:80:
ae:7a:21:4a:54:38:c5:3f:81:bb:d7:00:f9:c3:74:
24:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:99:EA:E8:EA:F2:56:78:E0:A4:59:4D:47:35:6B:B1:E5:1B:A0:0C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/N5nq6OryVnjgpFlNRzVrseUboAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:02:4b:ee:5b:c2:80:75:0c:15:dd:cf:dd:b7:8b:a8:03:9b:
8b:d4:93:42:13:fd:e3:ec:2e:35:a9:d0:65:76:75:20:d0:02:
83:74:9a:de:20:f9:fd:d2:91:db:94:c1:01:04:e0:49:1d:73:
2b:15:04:ef:61:42:a3:19:3a:d7:dc:21:6c:99:7c:25:7e:bb:
7e:b0:68:ba:19:00:69:ef:99:2f:ec:97:78:1b:d2:25:f9:73:
03:2d:69:df:43:54:90:11:82:5d:33:92:6a:82:53:ee:e8:6a:
bf:c2:95:8c:f6:b7:fc:6e:5a:63:95:90:bb:ff:ea:2e:1b:60:
9d:72:fb:e1:12:af:a2:45:69:8a:ee:40:32:38:be:5a:c8:91:
2c:a2:80:6c:1b:6e:a6:3b:e6:10:81:7f:4e:06:c9:e2:83:98:
67:02:3b:8a:40:f5:e7:f8:2c:c0:b2:40:8d:90:37:f2:fd:93:
b6:2b:81:3d:c2:04:0e:e8:e4:b7:af:63:86:f5:bc:c0:e5:ed:
a2:00:96:97:27:74:a7:30:44:94:8e:69:eb:2f:d6:b1:d7:62:
aa:85:a4:07:8a:79:05:db:52:4c:8f:94:10:f7:4e:f4:5a:31:
ee:c6:10:98:2a:e0:2f:b3:30:d4:7a:21:ac:f4:53:78:ad:27:
76:36:30:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp3ENvyX+P/RcV1WVxwevEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MjMxMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk5ZWFlOGVhZjI1Njc4ZTBhNDU5NGQ0NzM1NmJiMWU1MWJhMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fbL3LbYU4q4sqg4nhdfDg9ls7jJ
YYQqw1p/RRdtGpdHCBeQ5oFtkm9BDmqPvkXfzdpP4uvsUXSsngKfyrSlSfmY9unp
oGjiysBJ+XdEhCRD4frC+K3epz+3EuAeK0pMgJE4MbK2TvqGCQBKEVGsUtpg3TXL
rDI9/TktNNhLgYWfDF5iNUbmGK9pzur3InMLu720zRcnPjXu6d9o+Pyt0uIbVOyl
wNzjSwFbP0vwy4zajleHDAGq6Ax3uTiQEJ53j1IKLLY1LuY0MwgbCFeIrkDSBVpH
Q2R0tiejCqf/AVWZDkSP9I2b/Xf8NVLgs4CueiFKVDjFP4G71wD5w3QkrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDeZ6ujq8lZ44KRZTUc1a7HlG6AMMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTjVucTZPcnlWbmpncEZsTlJ6VnJzZVVib0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHICS+5bwoB1DBXdz923
i6gDm4vUk0IT/ePsLjWp0GV2dSDQAoN0mt4g+f3SkduUwQEE4EkdcysVBO9hQqMZ
OtfcIWyZfCV+u36waLoZAGnvmS/sl3gb0iX5cwMtad9DVJARgl0zkmqCU+7oar/C
lYz2t/xuWmOVkLv/6i4bYJ1y++ESr6JFaYruQDI4vlrIkSyigGwbbqY75hCBf04G
yeKDmGcCO4pA9ef4LMCyQI2QN/L9k7YrgT3CBA7o5LevY4b1vMDl7aIAlpcndKcw
RJSOaesv1rHXYqqFpAeKeQXbUkyPlBD3TvRaMe7GEJgq4C+zMNR6Iaz0U3itJ3Y2
MNE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:42 2025 by rpki-client