Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O5EPqjxjLUFVbKUcQvwQ7FAXM7I.roa
File: O5EPqjxjLUFVbKUcQvwQ7FAXM7I.roa (raw, json)
Hash identifier: 5yZ3VkFQ/jm2xv6iiguUSF2vItngHxe32NGztda2BLg=
Subject key identifier: 3B:91:0F:AA:3C:63:2D:41:55:6C:A5:1C:42:FC:10:EC:50:17:33:B2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A657A4AD50F9D5343097C35F0045C8749
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O5EPqjxjLUFVbKUcQvwQ7FAXM7I.roa
Signing time: Tue 05 Sep 2023 13:13:47 +0000
ROA not before: Tue 05 Sep 2023 13:13:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:7a:4a:d5:0f:9d:53:43:09:7c:35:f0:04:5c:87:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 13:13:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b910faa3c632d41556ca51c42fc10ec501733b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fc:41:08:ed:df:00:1a:f5:4f:66:f2:bb:6b:
c4:e5:a7:16:ca:3a:16:43:11:21:ed:bb:44:1c:76:
55:cb:e1:33:d0:c8:e5:87:64:8a:1e:7d:6b:18:68:
ca:42:39:7f:34:7f:5d:87:0c:58:45:c5:ef:49:92:
f5:38:94:35:84:7f:24:97:58:6a:e9:21:77:b2:cd:
ff:aa:f7:ba:a8:20:2d:e3:e5:e6:44:f9:2f:c2:1b:
bb:1a:e8:26:3d:ad:a3:e1:ff:85:89:81:17:76:b7:
42:f0:6a:9b:a3:2a:57:d1:14:9e:95:f6:9d:28:c9:
e5:43:d8:c1:33:c3:70:68:e9:af:85:9c:3d:58:b1:
44:c8:de:74:9b:a9:48:71:4d:ad:d7:73:0a:ce:c2:
35:b6:d9:66:17:89:33:34:2a:27:f7:f9:e2:dd:ee:
b8:8f:69:ff:67:89:90:6d:df:ee:7e:bf:ef:53:c7:
8f:69:13:5d:28:5d:e5:ba:a3:9e:5e:6e:d2:eb:f1:
92:7f:08:a7:15:28:45:73:db:20:fd:60:ee:ad:6b:
d0:72:b0:d3:06:55:02:19:65:df:ca:6f:c1:07:81:
59:bf:36:8c:6b:63:19:b3:5f:92:24:ba:ac:27:6e:
31:04:f6:3e:55:86:7a:fd:fd:97:d3:73:25:96:f2:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:91:0F:AA:3C:63:2D:41:55:6C:A5:1C:42:FC:10:EC:50:17:33:B2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O5EPqjxjLUFVbKUcQvwQ7FAXM7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:c0:5b:41:c8:0a:d0:d9:96:ae:68:97:d4:e8:e4:51:06:1d:
1e:7c:4c:27:21:58:3e:a7:28:6d:16:59:25:7b:00:83:08:75:
4e:6b:7e:c1:c2:38:4c:91:98:c5:e2:4d:76:eb:ef:d7:a4:39:
4c:3f:84:d5:d1:5c:c0:55:03:09:65:76:15:8e:d8:3e:49:91:
37:9e:12:a3:d5:5e:81:f2:70:9d:63:2d:ba:0d:0c:ef:44:4e:
95:ab:7b:5a:2f:b2:83:63:b4:54:e5:07:dd:b6:a0:89:9c:0f:
9a:f2:5e:17:ec:20:0b:63:eb:73:15:f8:d6:fa:5f:84:f3:8c:
86:20:7b:1d:16:6d:a5:09:7c:2c:8f:f4:08:a9:b9:39:a4:11:
82:26:c2:be:33:0f:44:e4:0b:d7:e3:70:ba:24:44:5d:eb:72:
cf:94:cb:59:56:64:92:70:7f:4c:80:c7:2b:bc:cd:cd:c0:48:
ac:06:a1:2f:ab:a7:b5:86:59:d4:28:23:e4:30:ae:61:74:da:
67:77:18:ce:3d:ff:64:fa:be:d2:34:83:31:4b:70:5a:ac:a0:
1f:29:15:66:df:74:e3:b9:c8:4d:2c:12:9f:a7:f3:85:47:2e:
66:b8:fc:10:19:6c:65:7d:28:db:53:e5:1c:b9:5d:5a:eb:53:
d7:c1:ef:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYplekrVD51TQwl8NfAEXIdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTMxMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjkxMGZhYTNjNjMyZDQxNTU2Y2E1MWM0MmZjMTBlYzUwMTczM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/xBCO3fABr1T2byu2vE5acWyjoW
QxEh7btEHHZVy+Ez0Mjlh2SKHn1rGGjKQjl/NH9dhwxYRcXvSZL1OJQ1hH8kl1hq
6SF3ss3/qve6qCAt4+XmRPkvwhu7GugmPa2j4f+FiYEXdrdC8GqboypX0RSelfad
KMnlQ9jBM8NwaOmvhZw9WLFEyN50m6lIcU2t13MKzsI1ttlmF4kzNCon9/ni3e64
j2n/Z4mQbd/ufr/vU8ePaRNdKF3luqOeXm7S6/GSfwinFShFc9sg/WDurWvQcrDT
BlUCGWXfym/BB4FZvzaMa2MZs1+SJLqsJ24xBPY+VYZ6/f2X03MllvIt6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDuRD6o8Yy1BVWylHEL8EOxQFzOyMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTzVFUHFqeGpMVUZWYktVY1F2d1E3RkFYTTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFzAW0HICtDZlq5ol9To
5FEGHR58TCchWD6nKG0WWSV7AIMIdU5rfsHCOEyRmMXiTXbr79ekOUw/hNXRXMBV
AwlldhWO2D5JkTeeEqPVXoHycJ1jLboNDO9ETpWre1ovsoNjtFTlB922oImcD5ry
XhfsIAtj63MV+Nb6X4TzjIYgex0WbaUJfCyP9AipuTmkEYImwr4zD0TkC9fjcLok
RF3rcs+Uy1lWZJJwf0yAxyu8zc3ASKwGoS+rp7WGWdQoI+QwrmF02md3GM49/2T6
vtI0gzFLcFqsoB8pFWbfdOO5yE0sEp+n84VHLma4/BAZbGV9KNtT5Ry5XVrrU9fB
730=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:31 2025 by rpki-client