Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NhFVD7FniPTOcMifCgbAPXHzifw.roa
File: NhFVD7FniPTOcMifCgbAPXHzifw.roa (raw, json)
Hash identifier: SWFBkfQs9Q3bRBdNHQDQJxuWmnW+cY54zCWpd1Qq8k0=
Subject key identifier: 36:11:55:0F:B1:67:88:F4:CE:70:C8:9F:0A:06:C0:3D:71:F3:89:FC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6E486AFC9F36CFA022719494BAFDE7C1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NhFVD7FniPTOcMifCgbAPXHzifw.roa
Signing time: Thu 07 Sep 2023 06:15:54 +0000
ROA not before: Thu 07 Sep 2023 06:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:48:6a:fc:9f:36:cf:a0:22:71:94:94:ba:fd:e7:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 06:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3611550fb16788f4ce70c89f0a06c03d71f389fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f2:c3:7b:dc:a0:a9:23:ab:75:48:07:c2:d5:
a0:4c:8b:ac:ff:cd:57:81:a0:6a:e1:41:e0:d5:76:
2d:d0:3b:2c:72:41:60:6f:f7:71:ad:07:d5:15:7d:
2a:39:7c:33:39:9c:80:00:90:8b:be:a5:ad:13:53:
a5:61:ab:78:0b:36:6c:d3:15:04:5b:f5:7a:6f:57:
82:7e:ab:57:ac:3b:18:af:44:5f:57:c6:a3:f1:23:
3b:69:f0:db:e4:98:43:9e:aa:b5:76:45:e4:da:f4:
40:1c:3f:51:b4:38:6e:50:20:db:86:2a:3c:f9:4e:
3d:a6:55:95:d7:78:15:d2:fb:9a:02:7d:03:f4:5a:
17:5a:f6:56:14:da:0b:3b:79:ca:61:7a:4d:9a:63:
68:20:30:4d:1d:9b:ff:8d:fc:f5:e9:ee:78:5f:0a:
7b:25:9f:03:f4:ab:36:c9:fb:51:c9:03:10:bd:e9:
af:af:2d:4a:68:55:5f:f9:eb:23:9e:56:fc:7d:35:
79:4a:f2:b5:ec:b4:8e:d5:2d:37:7e:0e:57:90:a6:
35:0f:3b:54:9d:43:50:b0:18:76:78:11:ec:9d:c1:
2c:9a:03:2d:c1:f3:de:ba:45:8f:46:55:56:8f:d5:
b9:dc:78:47:9a:51:bf:35:82:63:b4:bc:2b:d2:bc:
46:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:11:55:0F:B1:67:88:F4:CE:70:C8:9F:0A:06:C0:3D:71:F3:89:FC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NhFVD7FniPTOcMifCgbAPXHzifw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:54:b7:60:6b:c5:0b:7b:53:2d:ab:2c:72:56:33:92:67:80:
d6:2b:c5:c4:6a:33:92:9b:c2:16:bb:e3:cb:2a:03:a4:93:61:
9b:60:33:8e:e2:b9:06:62:40:43:26:16:af:a5:c2:a0:73:b4:
a3:74:06:1c:8b:02:79:3f:6c:3a:b8:03:89:a3:e0:51:18:cf:
1a:c0:90:42:1f:07:10:8f:64:d4:8f:28:52:7e:e4:39:cf:18:
df:c1:88:52:c2:e0:48:bf:0e:80:ae:5d:9e:bc:62:1f:c9:02:
42:04:38:1a:32:48:f3:49:41:18:4c:65:26:0a:db:dd:33:1f:
cb:5b:0b:5c:d2:78:96:76:f0:4a:01:99:14:82:d4:73:34:84:
52:14:47:57:dd:b8:2e:d1:e6:63:6d:95:66:5f:0b:48:bd:2d:
32:5f:7f:e8:25:56:72:72:d3:8b:d6:ba:0f:17:1f:08:92:e0:
1d:38:d6:f1:a6:b2:ed:ae:8e:58:c7:95:10:c8:c8:9f:aa:19:
02:12:62:3a:52:f9:ef:df:28:70:a6:c7:93:40:14:5e:44:9d:
68:b8:36:91:14:cd:92:c6:8f:f1:e7:38:f6:ef:18:38:76:49:
ba:4c:5d:5e:b1:a0:29:c9:8a:99:8c:70:17:75:b8:9c:c2:48:
25:a3:58:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpuSGr8nzbPoCJxlJS6/efBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MDYxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjExNTUwZmIxNjc4OGY0Y2U3MGM4OWYwYTA2YzAzZDcxZjM4OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vLDe9ygqSOrdUgHwtWgTIus/81X
gaBq4UHg1XYt0DssckFgb/dxrQfVFX0qOXwzOZyAAJCLvqWtE1OlYat4CzZs0xUE
W/V6b1eCfqtXrDsYr0RfV8aj8SM7afDb5JhDnqq1dkXk2vRAHD9RtDhuUCDbhio8
+U49plWV13gV0vuaAn0D9FoXWvZWFNoLO3nKYXpNmmNoIDBNHZv/jfz16e54Xwp7
JZ8D9Ks2yftRyQMQvemvry1KaFVf+esjnlb8fTV5SvK17LSO1S03fg5XkKY1DztU
nUNQsBh2eBHsncEsmgMtwfPeukWPRlVWj9W53HhHmlG/NYJjtLwr0rxGlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYRVQ+xZ4j0znDInwoGwD1x84n8MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTmhGVkQ3Rm5pUFRPY01pZkNnYkFQWEh6aWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVUt2BrxQt7Uy2rLHJW
M5JngNYrxcRqM5Kbwha748sqA6STYZtgM47iuQZiQEMmFq+lwqBztKN0BhyLAnk/
bDq4A4mj4FEYzxrAkEIfBxCPZNSPKFJ+5DnPGN/BiFLC4Ei/DoCuXZ68Yh/JAkIE
OBoySPNJQRhMZSYK290zH8tbC1zSeJZ28EoBmRSC1HM0hFIUR1fduC7R5mNtlWZf
C0i9LTJff+glVnJy04vWug8XHwiS4B041vGmsu2ujljHlRDIyJ+qGQISYjpS+e/f
KHCmx5NAFF5EnWi4NpEUzZLGj/HnOPbvGDh2SbpMXV6xoCnJipmMcBd1uJzCSCWj
WJQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:48 2025 by rpki-client