Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/RI1ihlqdMNRSwQY18bHxa5vwpFQ.roa
File: RI1ihlqdMNRSwQY18bHxa5vwpFQ.roa (raw, json)
Hash identifier: kpJzIoMrfHkVc+P2cEe+KRElzybqGoCe+qzMQHtNZXQ=
Subject key identifier: 44:8D:62:86:5A:9D:30:D4:52:C1:06:35:F1:B1:F1:6B:9B:F0:A4:54
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A872A980D5080560455E0913E83165B42
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/RI1ihlqdMNRSwQY18bHxa5vwpFQ.roa
Signing time: Tue 12 Sep 2023 02:13:50 +0000
ROA not before: Tue 12 Sep 2023 02:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:87:2a:98:0d:50:80:56:04:55:e0:91:3e:83:16:5b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 02:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=448d62865a9d30d452c10635f1b1f16b9bf0a454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f9:22:bd:ae:85:3c:40:a4:21:ee:f1:bb:a6:
90:b8:c2:7b:21:55:9e:49:7a:6e:42:c7:13:3b:83:
f5:65:83:f9:d4:bd:94:e3:9c:00:66:70:f4:d8:99:
ff:b4:44:f3:8d:ad:44:94:dd:8b:2a:b2:18:19:89:
80:7d:b2:fc:5c:8f:62:75:bd:8d:6d:09:94:56:f7:
71:e6:f1:95:f0:04:21:61:3e:9a:90:99:77:6f:46:
51:fe:3c:a4:64:6b:9b:be:41:85:c1:31:34:95:b4:
ce:25:bd:6e:f3:69:a9:3d:b0:eb:77:cf:93:98:2d:
fd:e9:04:99:8a:2a:68:91:88:f0:78:55:b5:4a:ab:
c6:b9:c8:19:36:67:98:02:56:89:73:78:66:a2:71:
68:3b:c4:6f:a4:da:68:fe:de:35:69:1b:85:ef:d8:
45:87:c2:be:ba:85:b1:63:0f:1d:a3:cc:56:61:77:
55:98:73:51:ad:b2:84:d2:60:05:ad:92:da:53:83:
6b:01:c5:aa:45:80:13:e3:34:b5:53:21:b4:06:81:
a0:28:ba:87:f0:0b:72:cc:84:37:1f:3c:9f:76:66:
81:b1:52:54:9a:a3:ce:fe:a4:44:7b:df:15:99:8f:
99:18:19:ab:18:47:5e:92:7f:a7:70:ac:ea:c9:fa:
97:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8D:62:86:5A:9D:30:D4:52:C1:06:35:F1:B1:F1:6B:9B:F0:A4:54
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/RI1ihlqdMNRSwQY18bHxa5vwpFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:7b:8d:13:e8:35:31:7f:53:c8:7f:18:29:f6:8a:14:99:14:
1c:48:11:d7:f5:6c:cc:d2:4e:5d:11:39:61:81:05:21:27:a1:
80:7d:c8:b1:ab:18:5f:4f:b8:7d:57:94:13:51:6f:fd:5c:c3:
ce:1c:fa:4a:e5:8e:86:cf:10:a4:a3:a6:5b:35:7c:f4:b2:e6:
35:3a:5c:7d:05:3e:a5:df:56:4a:6e:e5:bf:41:ce:31:7d:ae:
bb:e1:2f:42:5e:65:c2:fd:eb:e5:0e:a2:d3:5d:8c:b1:28:71:
4d:9e:cb:54:e2:b1:02:d8:66:44:8a:2f:1e:7f:db:90:c4:0d:
44:1d:20:a0:bb:bd:37:40:b2:2d:c1:45:3c:42:67:f1:1e:8a:
37:7b:3b:f4:27:fc:18:29:84:9f:ac:f2:b4:ce:a2:0a:fb:54:
a5:81:10:f4:79:ed:45:ba:9f:04:d2:92:09:c4:7f:3b:8a:ae:
96:50:18:78:6a:c8:6f:dd:1c:ff:ca:92:44:c2:06:c3:cb:86:
99:bd:be:65:3c:00:e4:a9:0e:11:b2:e8:3d:bc:60:28:83:e1:
50:31:8e:cd:4b:ce:bf:9f:18:58:10:5f:fd:2f:6c:c1:bd:2f:
c6:a3:2c:a0:33:34:f2:66:e4:f8:ed:ec:c4:bd:83:c0:f6:4a:
5c:aa:b8:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqHKpgNUIBWBFXgkT6DFltCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMDIxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDhkNjI4NjVhOWQzMGQ0NTJjMTA2MzVmMWIxZjE2YjliZjBhNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPkiva6FPECkIe7xu6aQuMJ7IVWe
SXpuQscTO4P1ZYP51L2U45wAZnD02Jn/tETzja1ElN2LKrIYGYmAfbL8XI9idb2N
bQmUVvdx5vGV8AQhYT6akJl3b0ZR/jykZGubvkGFwTE0lbTOJb1u82mpPbDrd8+T
mC396QSZiipokYjweFW1SqvGucgZNmeYAlaJc3hmonFoO8RvpNpo/t41aRuF79hF
h8K+uoWxYw8do8xWYXdVmHNRrbKE0mAFrZLaU4NrAcWqRYAT4zS1UyG0BoGgKLqH
8AtyzIQ3HzyfdmaBsVJUmqPO/qREe98VmY+ZGBmrGEdekn+ncKzqyfqXOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFESNYoZanTDUUsEGNfGx8Wub8KRUMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUkkxaWhscWRNTlJTd1FZMThiSHhhNXZ3cEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAN7jRPoNTF/U8h/GCn2
ihSZFBxIEdf1bMzSTl0ROWGBBSEnoYB9yLGrGF9PuH1XlBNRb/1cw84c+krljobP
EKSjpls1fPSy5jU6XH0FPqXfVkpu5b9BzjF9rrvhL0JeZcL96+UOotNdjLEocU2e
y1TisQLYZkSKLx5/25DEDUQdIKC7vTdAsi3BRTxCZ/Eeijd7O/Qn/BgphJ+s8rTO
ogr7VKWBEPR57UW6nwTSkgnEfzuKrpZQGHhqyG/dHP/KkkTCBsPLhpm9vmU8AOSp
DhGy6D28YCiD4VAxjs1Lzr+fGFgQX/0vbMG9L8ajLKAzNPJm5Pjt7MS9g8D2Slyq
uJY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:44 2025 by rpki-client