Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SdcVqPrHTBjSe3tChu6HtGzhHho.roa
File: SdcVqPrHTBjSe3tChu6HtGzhHho.roa (raw, json)
Hash identifier: JSnc2Yfev5+aNMm9Rwu7S04557nQgPjsu+xGyg/6sqk=
Subject key identifier: 49:D7:15:A8:FA:C7:4C:18:D2:7B:7B:42:86:EE:87:B4:6C:E1:1E:1A
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4B7C7E5BC1C0F7EAADB75C368B0DE612
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SdcVqPrHTBjSe3tChu6HtGzhHho.roa
Signing time: Thu 31 Aug 2023 12:06:04 +0000
ROA not before: Thu 31 Aug 2023 12:06:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:4b7b:b85e/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:7c:7e:5b:c1:c0:f7:ea:ad:b7:5c:36:8b:0d:e6:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 12:06:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49d715a8fac74c18d27b7b4286ee87b46ce11e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9b:43:d3:e5:89:4c:07:af:5e:9c:67:4e:87:
ab:96:96:79:88:bc:b0:c3:98:15:cd:1c:d1:dd:0e:
ae:a9:9d:bd:16:84:24:bf:14:f8:f4:51:46:2d:b8:
8b:9e:50:b2:be:33:1c:4a:c3:c0:54:ce:ff:aa:cd:
5d:15:38:f7:49:d0:c8:bc:5e:22:7b:3e:26:78:60:
fa:ee:69:a7:39:cb:b0:9b:6f:c8:73:62:f1:fd:b9:
be:31:6b:24:f9:19:a0:27:1c:06:ad:00:b7:2f:54:
cb:c1:95:c7:96:0a:39:bf:7a:b2:59:c2:a9:79:84:
a5:31:84:08:1c:2a:4a:6d:7e:44:89:d1:e2:25:40:
82:f8:f2:61:dc:71:e3:6f:68:d9:93:b6:5e:b8:4b:
19:f2:60:91:83:9f:b8:0d:30:fb:38:70:3d:83:dd:
28:cf:ad:0a:43:c9:24:37:72:8b:cb:e4:22:1f:ee:
6a:65:ac:cf:2e:18:43:7e:55:32:d5:33:84:34:b0:
fc:c4:89:61:08:a0:23:27:b0:5e:a2:cd:0b:82:35:
43:4f:2d:d5:3c:8d:02:e6:4b:15:e2:c1:e4:ac:3b:
f6:82:c2:e6:c9:35:81:9f:50:4c:48:c1:bc:7e:c6:
71:0c:37:af:0e:b5:93:ea:c8:00:0e:ac:7a:79:53:
b4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D7:15:A8:FA:C7:4C:18:D2:7B:7B:42:86:EE:87:B4:6C:E1:1E:1A
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SdcVqPrHTBjSe3tChu6HtGzhHho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:1d:d9:f6:1e:26:6c:44:db:0f:39:c5:8e:f9:86:78:a7:1b:
a6:0f:ef:54:2c:d5:01:d1:1b:42:2b:0c:0c:05:1a:f0:84:a4:
e6:06:86:2c:29:1a:2c:f5:fc:6b:04:ca:e2:90:22:a2:d5:32:
15:66:00:9a:2f:0e:12:c9:41:dd:c5:2a:61:84:a8:3d:9b:4e:
d5:78:4e:17:ee:3c:20:a9:d4:88:de:33:77:57:29:5e:ab:14:
2c:91:b9:f1:6e:20:52:fe:3f:60:fc:cd:71:39:2a:bc:57:18:
58:57:a0:85:e8:ab:8f:f2:aa:28:70:96:f3:93:88:3a:83:e0:
5f:7e:c5:b8:d1:3a:98:3d:c1:70:b6:ac:c3:0f:eb:b2:ae:7e:
60:2f:e8:79:3f:31:db:93:e0:d5:8d:8c:99:f9:56:27:59:e8:
2f:78:9e:8b:cf:55:84:45:88:6f:8a:95:59:e5:96:6f:af:17:
f5:36:1d:40:f6:34:72:08:dd:8d:86:b5:08:80:66:0c:9a:fa:
51:5d:01:e5:f4:ea:63:a8:96:5c:00:c4:03:2c:61:5e:99:90:
ab:ca:3f:17:f5:d8:db:66:7b:ef:b9:e6:21:45:c2:2a:f2:73:
12:4a:f7:82:69:67:80:ad:fd:4c:1c:5f:58:c5:9e:fc:92:83:
67:8c:9b:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpLfH5bwcD36q23XDaLDeYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTIwNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ3MTVhOGZhYzc0YzE4ZDI3YjdiNDI4NmVlODdiNDZjZTExZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJtD0+WJTAevXpxnToerlpZ5iLyw
w5gVzRzR3Q6uqZ29FoQkvxT49FFGLbiLnlCyvjMcSsPAVM7/qs1dFTj3SdDIvF4i
ez4meGD67mmnOcuwm2/Ic2Lx/bm+MWsk+RmgJxwGrQC3L1TLwZXHlgo5v3qyWcKp
eYSlMYQIHCpKbX5EidHiJUCC+PJh3HHjb2jZk7ZeuEsZ8mCRg5+4DTD7OHA9g90o
z60KQ8kkN3KLy+QiH+5qZazPLhhDflUy1TOENLD8xIlhCKAjJ7Beos0LgjVDTy3V
PI0C5ksV4sHkrDv2gsLmyTWBn1BMSMG8fsZxDDevDrWT6sgADqx6eVO0HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEnXFaj6x0wY0nt7Qobuh7Rs4R4aMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU2RjVnFQckhUQmpTZTN0Q2h1Nkh0R3poSGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKcd2fYeJmxE2w85xY75
hninG6YP71Qs1QHRG0IrDAwFGvCEpOYGhiwpGiz1/GsEyuKQIqLVMhVmAJovDhLJ
Qd3FKmGEqD2bTtV4ThfuPCCp1IjeM3dXKV6rFCyRufFuIFL+P2D8zXE5KrxXGFhX
oIXoq4/yqihwlvOTiDqD4F9+xbjROpg9wXC2rMMP67KufmAv6Hk/MduT4NWNjJn5
VidZ6C94novPVYRFiG+KlVnllm+vF/U2HUD2NHII3Y2GtQiAZgya+lFdAeX06mOo
llwAxAMsYV6ZkKvKPxf12Ntme++55iFFwirycxJK94JpZ4Ct/UwcX1jFnvySg2eM
m40=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:28 2025 by rpki-client