Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NJUyQ-bhdJkhNiu_vpgVhU0YWIY.roa
File: NJUyQ-bhdJkhNiu_vpgVhU0YWIY.roa (raw, json)
Hash identifier: GFDI+ZuxKWWg6mTAVzfCqBKNmpuVgWvYhPQlgpUfn+Q=
Subject key identifier: 34:95:32:43:E6:E1:74:99:21:36:2B:BF:BE:98:15:85:4D:18:58:86
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4FD21CCE1BB64DEDD53327D015F0E1A5
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NJUyQ-bhdJkhNiu_vpgVhU0YWIY.roa
Signing time: Fri 01 Sep 2023 08:18:04 +0000
ROA not before: Fri 01 Sep 2023 08:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:d2:1c:ce:1b:b6:4d:ed:d5:33:27:d0:15:f0:e1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 08:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34953243e6e1749921362bbfbe9815854d185886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1c:4d:f9:b6:7b:bd:87:84:44:9c:f9:ed:95:
2e:6d:cd:3a:56:c1:cd:86:01:51:b5:f4:c2:cc:1c:
85:5a:77:f5:30:ef:42:e3:ec:51:aa:ed:13:22:61:
8f:38:ee:b6:5c:1f:49:9a:13:fb:19:9a:6c:f8:a7:
a3:cd:fa:9b:c1:a8:5e:62:26:cb:be:fd:34:dc:de:
b1:50:49:16:92:3c:d2:0d:23:25:27:f1:a7:bc:1b:
51:93:44:22:92:36:d5:a4:5b:5e:66:a7:37:7f:1e:
ce:5c:94:6f:d5:3f:76:81:1e:6f:cf:f9:ad:7d:d7:
10:1f:b2:cd:3e:6a:9f:6f:ba:08:5a:db:89:0a:b1:
65:68:f9:20:55:dd:e3:c4:44:d8:11:d3:cb:13:10:
33:bb:56:9e:90:3c:e3:79:eb:4e:ad:68:29:e6:f0:
a9:55:1b:df:b1:32:fc:d1:99:9c:80:64:35:f2:5e:
19:37:1b:92:cb:e8:e3:bf:64:38:f2:0d:be:ef:fa:
67:9f:78:b9:11:2a:f0:16:cd:23:c7:f1:ef:cc:15:
9b:b5:a9:42:18:74:e6:e0:62:be:5a:14:c3:41:d0:
22:30:2a:b9:bc:21:7b:38:c0:b1:b1:d7:e7:1b:bd:
94:4c:19:0e:ee:c9:f4:4a:e2:fc:98:6f:a2:71:14:
cf:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:95:32:43:E6:E1:74:99:21:36:2B:BF:BE:98:15:85:4D:18:58:86
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NJUyQ-bhdJkhNiu_vpgVhU0YWIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:24:93:3e:f9:2b:27:2b:fa:f1:36:25:3b:d9:4d:a4:e1:ea:
ba:fd:85:2d:cf:88:8d:74:36:36:64:6a:18:54:5c:7c:fa:f8:
57:c4:11:f3:ff:0d:03:49:bf:b4:4e:7b:66:0e:99:cc:d0:b5:
06:b0:a9:95:83:f1:ca:f7:d2:56:3a:1f:8a:a0:b0:b9:58:70:
92:0c:09:2f:9f:2f:2b:e0:27:8b:ee:fc:8e:d9:08:13:9b:63:
b2:98:4e:41:1d:ab:05:4a:b9:90:08:49:f3:19:e1:21:15:ae:
69:a4:f9:8e:7d:1a:08:e3:d9:ae:f0:5f:2a:33:55:c6:88:ac:
1a:df:6b:bd:a5:3f:f2:7d:aa:65:cd:2c:f6:07:43:2d:5c:22:
2c:48:14:1a:1d:f7:e8:83:e1:99:4c:47:e3:af:37:8e:a3:21:
43:72:4e:16:d6:be:dd:f2:5c:10:32:ce:89:09:45:41:74:73:
70:cf:86:bf:82:91:f8:66:15:af:fc:14:fa:91:6e:1b:ed:b4:
61:17:32:60:d8:ef:17:f3:05:de:fc:e5:0b:56:f5:65:f5:63:
51:2d:4b:4f:72:d2:5c:8c:47:8a:66:ad:01:65:a3:e9:d0:32:
b9:16:6d:10:40:b0:3b:ed:7c:36:5d:90:4a:18:33:87:08:f3:
67:ef:28:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpP0hzOG7ZN7dUzJ9AV8OGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMDgxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk1MzI0M2U2ZTE3NDk5MjEzNjJiYmZiZTk4MTU4NTRkMTg1ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRxN+bZ7vYeERJz57ZUubc06VsHN
hgFRtfTCzByFWnf1MO9C4+xRqu0TImGPOO62XB9JmhP7GZps+KejzfqbwaheYibL
vv003N6xUEkWkjzSDSMlJ/GnvBtRk0QikjbVpFteZqc3fx7OXJRv1T92gR5vz/mt
fdcQH7LNPmqfb7oIWtuJCrFlaPkgVd3jxETYEdPLExAzu1aekDzjeetOrWgp5vCp
VRvfsTL80ZmcgGQ18l4ZNxuSy+jjv2Q48g2+7/pnn3i5ESrwFs0jx/HvzBWbtalC
GHTm4GK+WhTDQdAiMCq5vCF7OMCxsdfnG72UTBkO7sn0SuL8mG+icRTPgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDSVMkPm4XSZITYrv76YFYVNGFiGMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTkpVeVEtYmhkSmtoTml1X3ZwZ1ZoVTBZV0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0kkz75Kycr+vE2JTvZ
TaTh6rr9hS3PiI10NjZkahhUXHz6+FfEEfP/DQNJv7ROe2YOmczQtQawqZWD8cr3
0lY6H4qgsLlYcJIMCS+fLyvgJ4vu/I7ZCBObY7KYTkEdqwVKuZAISfMZ4SEVrmmk
+Y59Ggjj2a7wXyozVcaIrBrfa72lP/J9qmXNLPYHQy1cIixIFBod9+iD4ZlMR+Ov
N46jIUNyThbWvt3yXBAyzokJRUF0c3DPhr+CkfhmFa/8FPqRbhvttGEXMmDY7xfz
Bd785QtW9WX1Y1EtS09y0lyMR4pmrQFlo+nQMrkWbRBAsDvtfDZdkEoYM4cI82fv
KGY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:44 2025 by rpki-client