Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QlUzYUNrpWQgnNkG2HGIN97snck.roa
File: QlUzYUNrpWQgnNkG2HGIN97snck.roa (raw, json)
Hash identifier: fCJDioi2IAA3ilYx12tVnJ7LM44uzDwAQCVxJm08G6k=
Subject key identifier: 42:55:33:61:43:6B:A5:64:20:9C:D9:06:D8:71:88:37:DE:EC:9D:C9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8505470CA84A7EF1DE31B749E21999FF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QlUzYUNrpWQgnNkG2HGIN97snck.roa
Signing time: Mon 11 Sep 2023 16:13:50 +0000
ROA not before: Mon 11 Sep 2023 16:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:85:05:47:0c:a8:4a:7e:f1:de:31:b7:49:e2:19:99:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 16:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42553361436ba564209cd906d8718837deec9dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7d:c5:a9:e6:59:b2:37:48:dd:ad:b8:6c:2c:
8d:d7:56:92:22:1e:dc:9e:4c:30:4e:a2:6c:3f:bc:
fe:34:20:0e:fa:dc:6f:92:5c:f2:89:7d:33:95:56:
67:6a:f5:41:c5:e4:c9:c2:e5:f6:7a:ac:49:64:00:
ac:40:a9:6f:48:71:a6:06:c9:d3:99:68:e5:25:0f:
74:d4:94:bf:85:67:cf:22:67:00:7c:88:36:cd:07:
66:3f:66:0c:43:70:e3:95:3c:b0:c3:6b:d9:97:23:
69:48:cc:24:61:9d:9f:09:40:80:fc:85:6c:ee:4f:
3d:7f:92:83:fb:53:47:02:d3:a9:83:8b:52:86:be:
58:ef:91:dc:fc:cf:71:12:ad:9a:f1:f5:63:3e:66:
5a:11:1a:98:88:ff:f0:3e:27:92:14:af:19:08:2b:
88:e6:71:ad:95:07:b8:43:ff:c8:86:eb:e7:5d:da:
7e:11:16:5c:3f:da:3a:6f:67:18:f5:b0:e9:b3:19:
cd:44:a1:ce:ca:50:b6:0b:c4:a8:88:1f:fc:45:3c:
1c:11:bb:8e:27:f2:4e:a8:78:a8:62:ac:a8:5d:2f:
ed:87:ea:00:30:73:58:12:aa:19:d4:91:22:c1:7f:
f6:1e:f6:b5:2c:83:44:4e:59:7d:8a:d7:60:1e:76:
11:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:55:33:61:43:6B:A5:64:20:9C:D9:06:D8:71:88:37:DE:EC:9D:C9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QlUzYUNrpWQgnNkG2HGIN97snck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:c1:5d:7b:a6:b1:c1:fc:60:e5:1f:3a:7a:3c:00:5a:40:f2:
5b:80:13:c4:6b:aa:f3:08:26:49:18:72:37:22:b5:ba:d3:ba:
13:e1:b5:f1:10:e2:0a:e7:a7:6a:69:46:de:bb:be:08:96:70:
9a:ee:b2:91:df:17:ad:3a:45:1f:48:28:f7:7f:b6:2e:13:0e:
be:cf:63:41:be:35:ee:bb:a0:9e:82:a1:54:a5:a9:2e:f7:03:
17:6f:7a:b6:ad:cb:22:e5:d9:b6:55:e0:94:83:8b:f9:1f:c4:
8f:f3:82:24:e6:ae:e7:08:80:95:cc:46:de:f3:9f:69:d1:eb:
34:bc:4a:71:08:b5:6d:9e:39:47:b2:3a:75:65:2e:18:07:81:
09:14:10:43:16:72:09:3b:8a:fa:6a:6f:6f:b6:f9:f3:f4:04:
67:9b:39:75:97:72:23:2e:d2:e2:81:7c:e9:d0:c5:6a:69:1f:
08:4e:72:6d:24:80:e9:3f:29:6d:d6:aa:15:29:13:56:bf:f8:
42:e2:a1:b5:d7:14:af:d0:d6:ba:0f:d6:7f:17:e0:58:1f:98:
78:64:da:f2:41:c3:6c:8e:0d:f9:37:2f:18:8f:f9:0d:1b:e3:
47:b4:5a:f9:16:3d:8b:f2:18:bc:af:1a:89:bb:a8:ab:4e:c5:
91:f8:55:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqFBUcMqEp+8d4xt0niGZn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMTYxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU1MzM2MTQzNmJhNTY0MjA5Y2Q5MDZkODcxODgzN2RlZWM5ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX3FqeZZsjdI3a24bCyN11aSIh7c
nkwwTqJsP7z+NCAO+txvklzyiX0zlVZnavVBxeTJwuX2eqxJZACsQKlvSHGmBsnT
mWjlJQ901JS/hWfPImcAfIg2zQdmP2YMQ3DjlTyww2vZlyNpSMwkYZ2fCUCA/IVs
7k89f5KD+1NHAtOpg4tShr5Y75Hc/M9xEq2a8fVjPmZaERqYiP/wPieSFK8ZCCuI
5nGtlQe4Q//IhuvnXdp+ERZcP9o6b2cY9bDpsxnNRKHOylC2C8SoiB/8RTwcEbuO
J/JOqHioYqyoXS/th+oAMHNYEqoZ1JEiwX/2Hva1LINETll9itdgHnYRBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJVM2FDa6VkIJzZBthxiDfe7J3JMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUWxVellVTnJwV1Fnbk5rRzJIR0lOOTdzbmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC/BXXumscH8YOUfOno8
AFpA8luAE8RrqvMIJkkYcjcitbrTuhPhtfEQ4grnp2ppRt67vgiWcJruspHfF606
RR9IKPd/ti4TDr7PY0G+Ne67oJ6CoVSlqS73AxdveratyyLl2bZV4JSDi/kfxI/z
giTmrucIgJXMRt7zn2nR6zS8SnEItW2eOUeyOnVlLhgHgQkUEEMWcgk7ivpqb2+2
+fP0BGebOXWXciMu0uKBfOnQxWppHwhOcm0kgOk/KW3WqhUpE1a/+ELiobXXFK/Q
1roP1n8X4FgfmHhk2vJBw2yODfk3LxiP+Q0b40e0WvkWPYvyGLyvGom7qKtOxZH4
VU4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:37 2025 by rpki-client