Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/PfXuVQP-16CI2T6J8S1u5oSi1os.roa
File: PfXuVQP-16CI2T6J8S1u5oSi1os.roa (raw, json)
Hash identifier: 7vg8uyg2oXvWQdDkJ3Hq4JmBSG2U78hI0jxm03MSwwM=
Subject key identifier: 3D:F5:EE:55:03:FE:D7:A0:88:D9:3E:89:F1:2D:6E:E6:84:A2:D6:8B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA4C63E6FC30FD381EF59904D8F217D6F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/PfXuVQP-16CI2T6J8S1u5oSi1os.roa
Signing time: Sun 17 Sep 2023 20:12:50 +0000
ROA not before: Sun 17 Sep 2023 20:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:c6:3e:6f:c3:0f:d3:81:ef:59:90:4d:8f:21:7d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 20:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3df5ee5503fed7a088d93e89f12d6ee684a2d68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0e:e0:31:c6:ec:b4:c8:db:e0:a4:46:f8:9b:
b8:78:7a:61:fc:1f:de:d6:e2:4f:0e:2a:46:52:ae:
6a:f3:27:00:2f:83:7c:5a:4e:fb:0a:f5:3f:47:1f:
7f:d8:cc:ec:85:5b:bc:06:76:ac:89:e9:e9:c0:2b:
d9:99:82:47:d3:11:f8:db:d9:2d:bf:9e:5b:18:6e:
9b:b9:23:4f:b3:02:cb:0f:81:fa:44:7b:38:7e:c2:
31:a5:9e:49:07:7a:84:62:36:50:d4:ae:c7:be:9d:
be:1e:ab:91:21:0c:e3:81:4f:9b:a9:3c:4b:f0:6b:
f9:92:82:c2:29:10:c1:ac:1b:10:b5:74:e5:90:50:
8a:62:0e:c2:da:db:8a:eb:28:1f:fb:28:51:0e:3a:
f8:ee:50:b0:5b:ff:6f:74:29:d7:f2:15:12:3a:c5:
52:d6:37:66:d6:38:03:d9:71:a4:d0:64:41:c5:96:
88:75:ed:af:9e:93:23:56:7c:de:b2:cd:4f:30:c0:
47:a1:ab:65:04:5b:0c:cc:61:1a:3c:71:34:f7:55:
24:dd:fa:dd:5b:c3:e8:3c:80:d7:f9:e6:bf:0c:00:
8c:f9:24:ce:f8:40:f2:06:ba:85:34:5e:0b:22:9a:
d9:e2:96:0c:a2:a8:bc:b4:de:f1:7c:1e:62:48:ea:
1b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F5:EE:55:03:FE:D7:A0:88:D9:3E:89:F1:2D:6E:E6:84:A2:D6:8B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/PfXuVQP-16CI2T6J8S1u5oSi1os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:b6:13:8b:79:c9:1c:fe:9b:8c:a2:76:13:4e:80:72:3a:fa:
ed:fb:4a:96:e3:ef:6b:e1:66:04:38:8a:25:75:65:b8:0f:b9:
06:aa:b6:6d:71:c2:55:24:a3:f3:58:17:63:09:41:99:1e:4a:
9a:63:d8:fd:7a:ab:5b:bd:d3:01:2e:b3:46:ab:7d:4d:27:06:
a5:da:16:1b:cd:00:a1:7b:16:eb:14:19:1b:1b:52:e6:56:5e:
73:9a:cf:42:3f:7e:fc:b9:12:7f:02:0c:bf:27:54:bf:63:84:
68:06:8c:37:ef:0f:5e:dd:cb:bf:e6:71:f3:99:aa:0f:a0:16:
56:20:70:20:26:7b:02:2c:72:6e:d3:57:5d:f4:03:e6:cd:5f:
e2:94:a6:5d:64:d2:e9:79:6a:1c:c6:fd:a7:57:e8:7c:8c:2a:
94:6e:8d:5a:fb:74:48:49:be:97:bc:39:84:35:5c:7f:ce:c3:
20:d5:4f:85:e5:76:b9:3f:ff:08:76:2a:78:d7:bb:8c:cf:15:
8b:6b:ca:a8:cb:43:f3:81:1b:be:ea:12:22:52:ed:f3:58:5d:
a9:d4:ba:d5:b4:39:95:ee:68:a3:12:8b:ab:96:a1:3b:a4:64:
be:a7:df:cf:d1:09:c1:fd:3f:88:87:a0:dd:ff:49:dc:c7:d6:
86:97:10:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqkxj5vww/Tge9ZkE2PIX1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MjAxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY1ZWU1NTAzZmVkN2EwODhkOTNlODlmMTJkNmVlNjg0YTJkNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw7gMcbstMjb4KRG+Ju4eHph/B/e
1uJPDipGUq5q8ycAL4N8Wk77CvU/Rx9/2MzshVu8BnasienpwCvZmYJH0xH429kt
v55bGG6buSNPswLLD4H6RHs4fsIxpZ5JB3qEYjZQ1K7Hvp2+HquRIQzjgU+bqTxL
8Gv5koLCKRDBrBsQtXTlkFCKYg7C2tuK6ygf+yhRDjr47lCwW/9vdCnX8hUSOsVS
1jdm1jgD2XGk0GRBxZaIde2vnpMjVnzess1PMMBHoatlBFsMzGEaPHE091Uk3frd
W8PoPIDX+ea/DACM+STO+EDyBrqFNF4LIprZ4pYMoqi8tN7xfB5iSOobqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD317lUD/tegiNk+ifEtbuaEotaLMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUGZYdVZRUC0xNkNJMlQ2SjhTMXU1b1NpMW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADq2E4t5yRz+m4yidhNO
gHI6+u37Spbj72vhZgQ4iiV1ZbgPuQaqtm1xwlUko/NYF2MJQZkeSppj2P16q1u9
0wEus0arfU0nBqXaFhvNAKF7FusUGRsbUuZWXnOaz0I/fvy5En8CDL8nVL9jhGgG
jDfvD17dy7/mcfOZqg+gFlYgcCAmewIscm7TV130A+bNX+KUpl1k0ul5ahzG/adX
6HyMKpRujVr7dEhJvpe8OYQ1XH/OwyDVT4Xldrk//wh2KnjXu4zPFYtryqjLQ/OB
G77qEiJS7fNYXanUutW0OZXuaKMSi6uWoTukZL6n38/RCcH9P4iHoN3/SdzH1oaX
EEU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:35 2025 by rpki-client