Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/STFYAsH0Ig2MRnFavzaDafJ_WyY.roa
File: STFYAsH0Ig2MRnFavzaDafJ_WyY.roa (raw, json)
Hash identifier: Na/BK2DWa4JkJ15DYPBPDN2KrqA45fln6imc6ZB1jpE=
Subject key identifier: 49:31:58:02:C1:F4:22:0D:8C:46:71:5A:BF:36:83:69:F2:7F:5B:26
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8C191AC40CC7895D31D906988BB9D35F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/STFYAsH0Ig2MRnFavzaDafJ_WyY.roa
Signing time: Wed 13 Sep 2023 01:12:50 +0000
ROA not before: Wed 13 Sep 2023 01:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8c:19:1a:c4:0c:c7:89:5d:31:d9:06:98:8b:b9:d3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 01:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49315802c1f4220d8c46715abf368369f27f5b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:20:99:0a:f9:c2:a0:87:b5:45:69:a4:87:32:
bd:5e:48:05:fb:a1:34:65:03:db:e2:4c:7b:9c:37:
13:c0:5e:90:3e:2b:36:51:6a:89:96:f3:50:b3:49:
6b:a5:8f:52:14:6d:e2:bd:00:b4:3b:86:e2:82:c5:
d7:35:a6:1c:be:53:aa:d1:78:b4:86:1a:b8:1d:02:
86:d2:45:4a:27:a8:4e:36:7e:3d:dc:fd:b6:e3:a5:
0a:37:58:2f:5f:0c:05:fb:3f:69:c8:62:2e:dd:06:
1a:c5:94:64:f4:f4:20:b7:a2:67:5b:23:2b:bf:90:
bc:69:dd:fc:a2:1b:74:7b:eb:7f:30:92:ce:6b:3f:
6f:e0:11:78:d5:ad:70:f3:ef:9a:43:0d:93:67:fe:
4b:f4:d9:49:89:ed:ec:41:6d:84:7f:b1:d3:32:72:
37:89:b6:8e:b5:f8:a1:08:76:ae:f2:74:f5:b9:6c:
3e:54:8d:ca:79:a8:74:be:4e:51:bd:bf:16:e3:74:
04:23:eb:de:dd:c9:8b:c4:9a:87:42:91:93:6d:b6:
de:b7:23:b5:a2:8f:95:70:aa:bd:d6:c7:c6:31:32:
02:10:50:cb:ac:99:ff:cf:22:cf:76:66:7e:36:89:
bc:54:c3:d3:b3:c4:d9:ef:65:ff:ec:61:e5:d9:bb:
13:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:31:58:02:C1:F4:22:0D:8C:46:71:5A:BF:36:83:69:F2:7F:5B:26
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/STFYAsH0Ig2MRnFavzaDafJ_WyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:46:2f:fe:f7:27:3e:46:03:a5:5a:26:25:89:02:80:19:c9:
83:4c:62:19:55:37:aa:c3:d3:28:a3:fa:0d:35:48:26:9b:8c:
9d:3f:28:e4:f5:13:57:2d:97:77:40:52:f6:85:64:73:74:19:
b5:ba:98:0a:a5:c7:00:26:40:84:84:ba:20:df:dc:d6:1a:89:
11:16:0a:f7:c7:a7:7a:0b:75:bf:1a:79:cd:10:2d:6a:03:37:
d0:86:e0:6f:6c:8f:09:9a:d2:3e:67:bf:3b:03:d4:f3:50:d2:
34:12:01:79:c4:75:e1:cd:08:2f:e0:d9:b6:73:eb:a6:b8:fb:
53:03:0a:f8:c5:7c:d9:92:df:df:90:c4:88:d8:f4:dc:46:97:
e2:48:22:5e:2b:02:61:6d:68:e6:3b:42:fe:8e:1e:fb:2d:27:
02:d5:60:b6:75:2b:37:52:71:34:2f:02:7d:ca:10:21:c3:a0:
da:1b:b8:f7:d2:8a:65:40:b5:f1:b5:93:12:48:b6:cf:77:2a:
d7:e3:ea:70:e1:bb:6e:e0:cf:88:d5:94:56:b2:cb:1c:4f:55:
64:87:b7:27:e5:17:7f:90:18:34:a3:37:09:7d:1d:4e:9a:30:
07:5d:ab:e6:81:02:c4:9d:37:b1:42:c9:4c:a3:6f:10:fe:c8:
e0:e0:e6:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqMGRrEDMeJXTHZBpiLudNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDExMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMxNTgwMmMxZjQyMjBkOGM0NjcxNWFiZjM2ODM2OWYyN2Y1YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiCZCvnCoIe1RWmkhzK9XkgF+6E0
ZQPb4kx7nDcTwF6QPis2UWqJlvNQs0lrpY9SFG3ivQC0O4bigsXXNaYcvlOq0Xi0
hhq4HQKG0kVKJ6hONn493P2246UKN1gvXwwF+z9pyGIu3QYaxZRk9PQgt6JnWyMr
v5C8ad38oht0e+t/MJLOaz9v4BF41a1w8++aQw2TZ/5L9NlJie3sQW2Ef7HTMnI3
ibaOtfihCHau8nT1uWw+VI3Keah0vk5Rvb8W43QEI+ve3cmLxJqHQpGTbbbetyO1
oo+VcKq91sfGMTICEFDLrJn/zyLPdmZ+Nom8VMPTs8TZ72X/7GHl2bsTpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEkxWALB9CINjEZxWr82g2nyf1smMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU1RGWUFzSDBJZzJNUm5GYXZ6YURhZkpfV3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1GL/73Jz5GA6VaJiWJ
AoAZyYNMYhlVN6rD0yij+g01SCabjJ0/KOT1E1ctl3dAUvaFZHN0GbW6mAqlxwAm
QISEuiDf3NYaiREWCvfHp3oLdb8aec0QLWoDN9CG4G9sjwma0j5nvzsD1PNQ0jQS
AXnEdeHNCC/g2bZz66a4+1MDCvjFfNmS39+QxIjY9NxGl+JIIl4rAmFtaOY7Qv6O
HvstJwLVYLZ1KzdScTQvAn3KECHDoNobuPfSimVAtfG1kxJIts93Ktfj6nDhu27g
z4jVlFayyxxPVWSHtyflF3+QGDSjNwl9HU6aMAddq+aBAsSdN7FCyUyjbxD+yODg
5l0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:16 2025 by rpki-client