Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NvIHhV7d81QRTGM8TqMjNzBuuB0.roa
File: NvIHhV7d81QRTGM8TqMjNzBuuB0.roa (raw, json)
Hash identifier: uIt3i/KriIFZqDSK3IL3TxvELcJdwu3dKcI3hcqS3Lg=
Subject key identifier: 36:F2:07:85:5E:DD:F3:54:11:4C:63:3C:4E:A3:23:37:30:6E:B8:1D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8D5B5EE6BDC050438F1962E0CBCFA5C3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NvIHhV7d81QRTGM8TqMjNzBuuB0.roa
Signing time: Wed 13 Sep 2023 07:04:50 +0000
ROA not before: Wed 13 Sep 2023 07:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:8d5a:e65c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:5b:5e:e6:bd:c0:50:43:8f:19:62:e0:cb:cf:a5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 07:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36f207855eddf354114c633c4ea32337306eb81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:db:67:a0:d2:78:fb:fc:16:a9:de:e7:f3:12:
d9:b1:df:0d:19:d5:4f:83:43:b1:a6:3b:78:10:7c:
de:93:7f:c6:2f:50:86:b7:a0:f9:d8:cc:ba:9c:c6:
02:15:64:45:e5:b3:7d:9a:19:4a:ae:6c:2b:c7:49:
64:14:19:af:a5:9e:91:7e:aa:91:b8:58:6a:79:56:
e0:ab:65:ba:41:31:4e:48:c6:bd:d4:6c:d3:b1:da:
65:03:af:eb:d2:1e:ca:3e:ae:e1:a4:09:e9:e9:4f:
a3:87:bf:da:66:96:76:ed:95:39:01:7d:7d:4f:02:
80:55:1b:9e:18:1f:f2:bf:e0:af:d2:00:cb:ad:19:
24:4c:aa:45:6f:9c:d0:18:00:c6:56:77:98:df:0d:
9e:2a:5a:a4:ca:23:af:13:b3:86:38:45:da:3c:45:
57:a5:5c:1a:a5:a4:da:08:e3:86:15:10:b6:e0:29:
13:79:f6:ac:cf:16:e3:ea:7f:89:fd:e7:df:c7:fe:
c0:5e:99:db:fd:3d:62:88:c4:6a:aa:4d:57:dd:25:
d4:eb:71:0d:09:9d:b4:01:46:6c:52:6c:3d:bd:72:
a6:e8:81:07:44:68:be:9f:b6:4c:5a:1b:13:a6:4a:
88:3b:98:1c:4c:3f:b6:22:dc:54:ea:1d:26:c9:43:
4d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F2:07:85:5E:DD:F3:54:11:4C:63:3C:4E:A3:23:37:30:6E:B8:1D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NvIHhV7d81QRTGM8TqMjNzBuuB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:2f:50:a1:a5:06:59:e1:dc:06:c7:61:0a:8b:f1:20:ea:5f:
a4:95:99:46:2b:56:b0:b4:cc:74:ab:53:2c:9a:9d:8b:4a:87:
25:58:2b:5d:b8:09:e5:73:90:65:5e:18:75:e4:99:94:35:f8:
fe:0f:ce:45:fc:a8:f9:3d:ae:3c:ec:1d:c8:da:e2:52:74:1c:
a0:4c:85:99:f2:a8:cd:55:ce:16:76:d7:36:4e:aa:18:1e:ca:
c8:38:2c:e6:39:cc:26:fe:f7:22:82:fe:c2:30:9d:6d:bb:4c:
23:12:46:6f:70:80:32:5b:f2:a5:6c:db:e0:f9:ea:9c:81:86:
72:12:42:88:a5:0f:47:43:3a:b0:69:4f:f8:92:5b:7c:41:8a:
c9:72:ed:a9:05:c7:73:8f:e4:c0:2d:0a:9b:46:04:23:78:fe:
a1:64:af:fa:71:06:74:93:8e:56:9a:a7:81:d5:a9:69:cc:31:
0a:99:b4:2f:f5:77:7b:6d:60:55:d6:0b:62:31:78:7f:3b:98:
58:95:36:c9:86:8b:46:76:dd:ab:9d:88:62:72:19:8e:5c:68:
a9:e6:1e:1c:38:51:61:31:4a:71:c2:70:2f:55:1a:66:04:7e:
be:91:2d:4c:3d:1f:ae:83:64:f0:36:63:ec:1f:cb:96:b7:10:
3c:5f:8f:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqNW17mvcBQQ48ZYuDLz6XDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDcwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYyMDc4NTVlZGRmMzU0MTE0YzYzM2M0ZWEzMjMzNzMwNmViODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidtnoNJ4+/wWqd7n8xLZsd8NGdVP
g0Oxpjt4EHzek3/GL1CGt6D52My6nMYCFWRF5bN9mhlKrmwrx0lkFBmvpZ6RfqqR
uFhqeVbgq2W6QTFOSMa91GzTsdplA6/r0h7KPq7hpAnp6U+jh7/aZpZ27ZU5AX19
TwKAVRueGB/yv+Cv0gDLrRkkTKpFb5zQGADGVneY3w2eKlqkyiOvE7OGOEXaPEVX
pVwapaTaCOOGFRC24CkTefaszxbj6n+J/effx/7AXpnb/T1iiMRqqk1X3SXU63EN
CZ20AUZsUmw9vXKm6IEHRGi+n7ZMWhsTpkqIO5gcTD+2ItxU6h0myUNNrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDbyB4Ve3fNUEUxjPE6jIzcwbrgdMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTnZJSGhWN2Q4MVFSVEdNOFRxTWpOekJ1dUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE8vUKGlBlnh3AbHYQqL
8SDqX6SVmUYrVrC0zHSrUyyanYtKhyVYK124CeVzkGVeGHXkmZQ1+P4PzkX8qPk9
rjzsHcja4lJ0HKBMhZnyqM1VzhZ21zZOqhgeysg4LOY5zCb+9yKC/sIwnW27TCMS
Rm9wgDJb8qVs2+D56pyBhnISQoilD0dDOrBpT/iSW3xBisly7akFx3OP5MAtCptG
BCN4/qFkr/pxBnSTjlaap4HVqWnMMQqZtC/1d3ttYFXWC2IxeH87mFiVNsmGi0Z2
3audiGJyGY5caKnmHhw4UWExSnHCcC9VGmYEfr6RLUw9H66DZPA2Y+wfy5a3EDxf
j/Q=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:09:21 2025 by rpki-client