Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O8cxZnDL8Jx0cXTfwM0QXnObEYc.roa
File: O8cxZnDL8Jx0cXTfwM0QXnObEYc.roa (raw, json)
Hash identifier: E2s0fGCtWopfxnWvZuhmAdPKXzclXAIqJvHih382OsQ=
Subject key identifier: 3B:C7:31:66:70:CB:F0:9C:74:71:74:DF:C0:CD:10:5E:73:9B:11:87
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7F7116498289783E6D661E86D4E77A33
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O8cxZnDL8Jx0cXTfwM0QXnObEYc.roa
Signing time: Sun 10 Sep 2023 14:13:52 +0000
ROA not before: Sun 10 Sep 2023 14:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:71:16:49:82:89:78:3e:6d:66:1e:86:d4:e7:7a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 14:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc7316670cbf09c747174dfc0cd105e739b1187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9a:e0:38:94:b9:4c:da:d8:eb:42:4e:f8:2a:
78:f3:ec:a7:fd:f6:e8:29:f0:9f:5c:0f:fd:3d:9d:
3b:1b:23:f4:39:b1:b6:b1:87:c7:72:66:30:c8:1d:
05:e5:af:c2:fa:82:2f:4c:25:1a:f8:eb:65:e2:f7:
41:80:ce:b1:9a:13:71:45:00:85:71:a2:c8:9a:5a:
4f:fd:20:a0:ce:13:3c:de:ab:ab:8c:2e:3d:40:07:
22:3e:f1:1f:67:b3:90:11:80:d0:cf:b0:42:6e:dd:
b4:cb:e9:e1:f1:66:f6:6e:b6:6f:fe:3a:be:7b:86:
48:5d:e2:00:f8:3f:ee:b6:12:a3:d7:6a:bb:ff:5c:
7b:7f:fe:b4:05:cb:b2:ce:69:d3:cf:c4:6a:6c:9a:
39:21:79:e5:20:ac:18:8f:05:67:56:99:1d:05:be:
66:38:19:53:c9:6f:8c:3f:c4:e1:f7:f7:aa:84:77:
6a:5a:dc:30:0e:3c:22:3e:41:ce:8c:b6:56:84:d6:
83:f8:bd:11:c4:c4:42:36:1f:0e:60:e4:ad:d1:9a:
26:4e:70:c1:8e:42:f9:04:8d:6e:60:c7:f4:55:fb:
c8:c5:bc:b3:80:76:19:b1:1e:96:7a:2d:ba:d3:b1:
e9:0f:3f:83:81:f0:54:cf:19:8d:06:6e:1b:12:2e:
ef:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C7:31:66:70:CB:F0:9C:74:71:74:DF:C0:CD:10:5E:73:9B:11:87
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O8cxZnDL8Jx0cXTfwM0QXnObEYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:79:d0:fc:85:31:09:aa:2f:1a:22:81:ae:ad:31:be:1a:93:
62:f0:51:d3:80:9a:8c:0c:a0:76:aa:07:05:8d:2e:1e:a6:e7:
85:1b:8d:45:81:24:86:36:1a:65:b1:96:b8:74:c8:14:d0:36:
20:c4:4c:ec:10:d0:46:4b:2c:83:e8:e9:f5:ab:cf:56:ac:c3:
22:12:dc:b6:73:97:eb:47:c0:d7:06:35:0d:a4:35:c3:bb:bd:
57:72:d7:37:81:09:49:0f:4f:b7:df:cb:96:36:35:3f:50:bd:
47:10:85:69:ab:76:37:89:24:a8:76:13:cd:19:fd:6a:f7:6f:
07:b1:af:22:49:3c:f0:79:ec:fa:7c:d7:59:61:21:62:11:20:
57:d5:92:fd:1e:64:3a:9c:67:78:f0:aa:9a:1b:c6:55:07:86:
5f:8a:5f:66:b3:95:84:7b:69:ce:6c:03:ce:ca:62:88:8e:d3:
61:12:49:af:1b:84:87:c7:fd:94:6d:33:4b:06:c6:d1:54:1e:
3e:de:f4:9e:ce:6c:e5:c9:af:ce:7e:e2:15:cd:7a:b3:e3:1a:
43:56:4b:fe:9f:9d:0d:09:38:32:d2:91:cf:35:48:11:db:eb:
b3:5b:2a:c1:8c:f0:c7:aa:e2:52:1f:8c:65:3c:f0:fa:e0:e8:
f2:1f:89:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp/cRZJgol4Pm1mHobU53ozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMTQxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM3MzE2NjcwY2JmMDljNzQ3MTc0ZGZjMGNkMTA1ZTczOWIxMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZrgOJS5TNrY60JO+Cp48+yn/fbo
KfCfXA/9PZ07GyP0ObG2sYfHcmYwyB0F5a/C+oIvTCUa+Otl4vdBgM6xmhNxRQCF
caLImlpP/SCgzhM83qurjC49QAciPvEfZ7OQEYDQz7BCbt20y+nh8Wb2brZv/jq+
e4ZIXeIA+D/uthKj12q7/1x7f/60BcuyzmnTz8RqbJo5IXnlIKwYjwVnVpkdBb5m
OBlTyW+MP8Th9/eqhHdqWtwwDjwiPkHOjLZWhNaD+L0RxMRCNh8OYOSt0ZomTnDB
jkL5BI1uYMf0VfvIxbyzgHYZsR6Wei2607HpDz+DgfBUzxmNBm4bEi7vRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDvHMWZwy/CcdHF038DNEF5zmxGHMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTzhjeFpuREw4SngwY1hUZndNMFFYbk9iRVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGN50PyFMQmqLxoiga6t
Mb4ak2LwUdOAmowMoHaqBwWNLh6m54UbjUWBJIY2GmWxlrh0yBTQNiDETOwQ0EZL
LIPo6fWrz1aswyIS3LZzl+tHwNcGNQ2kNcO7vVdy1zeBCUkPT7ffy5Y2NT9QvUcQ
hWmrdjeJJKh2E80Z/Wr3bwexryJJPPB57Pp811lhIWIRIFfVkv0eZDqcZ3jwqpob
xlUHhl+KX2azlYR7ac5sA87KYoiO02ESSa8bhIfH/ZRtM0sGxtFUHj7e9J7ObOXJ
r85+4hXNerPjGkNWS/6fnQ0JODLSkc81SBHb67NbKsGM8Meq4lIfjGU88Prg6PIf
iXg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:19 2025 by rpki-client