Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Rdwu9OCa6_Mj9ei-uLVVdAJ-MDs.roa
File: Rdwu9OCa6_Mj9ei-uLVVdAJ-MDs.roa (raw, json)
Hash identifier: 3YFDDWbEcN/5ZTkF3WSznE6VuGI9qjTdEoZbr0JT5MA=
Subject key identifier: 45:DC:2E:F4:E0:9A:EB:F3:23:F5:E8:BE:B8:B5:55:74:02:7E:30:3B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA82DD35E6EB35DCBB5C945256B4AA3B4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Rdwu9OCa6_Mj9ei-uLVVdAJ-MDs.roa
Signing time: Mon 18 Sep 2023 12:04:50 +0000
ROA not before: Mon 18 Sep 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a82d:93ba/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:2d:d3:5e:6e:b3:5d:cb:b5:c9:45:25:6b:4a:a3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45dc2ef4e09aebf323f5e8beb8b55574027e303b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bc:0a:20:a3:15:74:69:e5:c7:6f:87:b4:a2:
a0:cf:e5:f1:f3:22:b3:27:3a:56:f0:bd:1f:a8:24:
63:d1:ce:1a:bd:7a:e6:2f:66:50:13:b1:e0:6b:cf:
4a:6a:8d:9d:bf:2d:7a:df:0c:0f:6d:5a:18:bc:57:
21:fd:96:7c:12:20:c5:3a:ac:03:80:6a:3b:d2:cf:
7c:f6:c9:9d:aa:3a:c2:8e:82:c8:03:a0:3b:2a:cc:
ad:d5:9b:19:b6:3d:47:b1:81:d7:05:4d:32:48:3a:
bb:cc:ba:57:cf:d9:5b:d3:83:94:b0:36:da:63:29:
ff:74:9c:5f:d9:f4:d9:b9:cc:70:d8:bc:03:06:d1:
8c:6a:c6:11:17:ad:32:48:66:70:3c:b9:68:d6:5d:
76:7d:ac:fd:11:a4:d8:ca:54:f9:9c:36:46:11:aa:
c2:44:a9:66:21:27:e0:f7:f0:4f:c7:e4:0b:e1:4b:
9a:f1:58:09:28:a3:a0:4a:f2:f9:9b:50:80:fb:6c:
b1:be:d2:0f:40:c9:6a:fe:8c:b0:53:4d:c5:12:bb:
e7:da:d0:71:de:03:98:46:e5:45:00:0a:b8:dd:16:
4d:e4:7e:cd:59:51:39:26:cf:5b:d1:fd:b0:de:7a:
92:b8:03:1c:96:13:08:01:19:53:15:d6:e7:30:52:
d0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:DC:2E:F4:E0:9A:EB:F3:23:F5:E8:BE:B8:B5:55:74:02:7E:30:3B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Rdwu9OCa6_Mj9ei-uLVVdAJ-MDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:c8:76:e4:c8:e1:8c:8f:13:b8:f3:a9:2a:75:4f:d7:2b:7a:
40:aa:de:74:17:dd:cb:81:33:e4:60:70:86:6f:93:34:31:1a:
38:b3:17:fc:c6:21:35:4d:a3:e5:f9:86:1f:45:26:6f:2e:c0:
24:0f:07:da:f5:f3:05:e7:dc:7c:bb:50:90:34:3a:7d:4e:5e:
2e:91:fb:51:31:af:8f:18:ac:0e:18:83:31:1f:75:e6:24:27:
47:fd:26:37:e1:89:e2:44:62:89:56:46:53:58:c2:e6:10:4a:
46:c7:7d:77:ae:60:86:fa:73:0b:0e:07:78:e7:bc:2f:17:5f:
1f:e2:52:c5:8c:76:e0:3e:85:da:0f:4d:c1:96:92:64:a9:ac:
59:c0:3f:38:38:34:1d:b8:c2:dd:fe:7a:6d:24:61:7b:c6:76:
e7:1f:7f:8a:1b:34:26:7a:6a:99:ba:92:dc:01:09:85:fe:91:
5f:a3:5f:73:40:48:9e:bb:fb:88:39:24:54:c8:a9:87:02:3e:
7c:e7:5f:ce:b6:80:15:26:e5:3b:8d:e0:ca:8d:a9:4e:9f:e5:
c3:dc:f4:69:df:4e:fa:1a:35:a2:e4:59:1e:e5:be:30:18:92:
1a:88:c0:98:1a:f9:89:f7:ce:3f:3c:7e:9b:01:ec:f2:db:91:
90:82:4b:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqoLdNebrNdy7XJRSVrSqO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRjMmVmNGUwOWFlYmYzMjNmNWU4YmViOGI1NTU3NDAyN2UzMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirwKIKMVdGnlx2+HtKKgz+Xx8yKz
JzpW8L0fqCRj0c4avXrmL2ZQE7Hga89Kao2dvy163wwPbVoYvFch/ZZ8EiDFOqwD
gGo70s989smdqjrCjoLIA6A7Ksyt1ZsZtj1HsYHXBU0ySDq7zLpXz9lb04OUsDba
Yyn/dJxf2fTZucxw2LwDBtGMasYRF60ySGZwPLlo1l12faz9EaTYylT5nDZGEarC
RKlmISfg9/BPx+QL4Uua8VgJKKOgSvL5m1CA+2yxvtIPQMlq/oywU03FErvn2tBx
3gOYRuVFAAq43RZN5H7NWVE5Js9b0f2w3nqSuAMclhMIARlTFdbnMFLQjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEXcLvTgmuvzI/Xovri1VXQCfjA7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUmR3dTlPQ2E2X01qOWVpLXVMVlZkQUotTURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACLIduTI4YyPE7jzqSp1
T9crekCq3nQX3cuBM+RgcIZvkzQxGjizF/zGITVNo+X5hh9FJm8uwCQPB9r18wXn
3Hy7UJA0On1OXi6R+1Exr48YrA4YgzEfdeYkJ0f9JjfhieJEYolWRlNYwuYQSkbH
fXeuYIb6cwsOB3jnvC8XXx/iUsWMduA+hdoPTcGWkmSprFnAPzg4NB24wt3+em0k
YXvGducff4obNCZ6apm6ktwBCYX+kV+jX3NASJ67+4g5JFTIqYcCPnznX862gBUm
5TuN4MqNqU6f5cPc9GnfTvoaNaLkWR7lvjAYkhqIwJga+Yn3zj88fpsB7PLbkZCC
S5Q=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:55 2025 by rpki-client