Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Sm7dzcpXNkKHYe5f0jpwgTckZz8.roa
File: Sm7dzcpXNkKHYe5f0jpwgTckZz8.roa (raw, json)
Hash identifier: 1lpjlDhj9EHkiuMl8CVkNWwj7xftPdPEeLMfe8lquIA=
Subject key identifier: 4A:6E:DD:CD:CA:57:36:42:87:61:EE:5F:D2:3A:70:81:37:24:67:3F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9F9EF82FDDE8AD50EF1E90012FE9A741
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Sm7dzcpXNkKHYe5f0jpwgTckZz8.roa
Signing time: Sat 16 Sep 2023 20:11:50 +0000
ROA not before: Sat 16 Sep 2023 20:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9f:9e:f8:2f:dd:e8:ad:50:ef:1e:90:01:2f:e9:a7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 20:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a6eddcdca5736428761ee5fd23a70813724673f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fc:fd:8b:2d:af:f4:76:c0:cb:da:fc:c1:78:
da:c6:bd:82:b0:49:57:97:50:06:9b:aa:b8:c6:47:
18:4a:d2:ce:12:8b:6d:24:d8:89:37:91:4e:0c:65:
5a:d5:be:f9:4c:46:ab:58:54:e8:50:2c:57:87:07:
3e:1c:c4:48:51:99:ea:1a:31:8b:21:b7:29:d1:a4:
ed:9e:21:a2:e1:93:79:ce:31:c1:90:64:b3:1d:67:
69:d8:55:06:f6:72:2a:ad:2b:f1:14:dd:3d:95:a5:
b1:20:81:81:1f:8b:2f:20:45:48:f6:7b:b4:b4:ad:
16:e4:f5:15:b6:6c:d4:eb:3e:35:37:d6:0c:cf:f3:
71:3a:d7:9a:7d:1e:b3:47:ce:02:67:3f:0c:1d:bf:
04:e5:d0:41:f9:d4:c7:b6:f0:14:ec:c2:4d:fb:0d:
d7:d5:00:f0:31:fe:60:40:da:8d:c4:5a:55:30:a7:
04:cb:39:a8:7a:2a:3d:7e:60:1f:cf:d7:67:17:12:
3f:e9:c3:49:8a:ab:c9:ef:e9:b5:37:55:ba:ad:fe:
b8:6d:f3:32:4c:64:a4:1e:09:79:73:9c:19:d4:93:
37:3d:53:14:fc:47:75:35:c5:ce:14:e5:7d:4f:17:
ca:de:2c:bb:84:07:d2:c4:8d:48:2b:0e:b2:40:ed:
ef:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6E:DD:CD:CA:57:36:42:87:61:EE:5F:D2:3A:70:81:37:24:67:3F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Sm7dzcpXNkKHYe5f0jpwgTckZz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:d5:82:3f:9f:c7:66:78:90:5c:f8:22:7d:fc:fe:33:86:0c:
1c:69:06:43:4a:da:26:07:06:37:d2:50:36:f7:08:b0:ec:77:
e9:a9:ee:d3:da:73:cd:23:31:a4:81:fd:84:06:4f:aa:ff:27:
1f:6a:ea:bf:80:aa:26:eb:57:4f:6a:57:12:9c:86:b4:e0:88:
8b:e4:c5:23:10:f2:c7:b2:9b:05:71:ec:c7:13:62:c8:58:fa:
02:4f:13:32:21:16:81:c0:c6:94:83:42:6b:46:61:3e:fa:22:
41:85:d0:71:5f:64:1b:bb:9d:8a:64:15:48:fb:90:79:15:36:
88:fe:ce:b2:13:e8:41:3d:a1:63:64:85:0a:d2:19:f0:85:e8:
14:82:39:d7:46:77:36:bb:eb:44:1a:a3:de:06:57:9f:eb:0d:
26:a4:5a:71:cc:ee:b9:bb:be:3e:da:7a:6f:2b:ab:83:c6:05:
84:2c:a8:35:1b:47:9b:d6:13:58:4d:ad:18:2f:ca:cd:c1:5b:
8c:4f:e1:0d:36:be:fe:3d:4d:95:08:7e:b0:6c:bd:80:af:39:
5e:e4:0b:95:31:2f:35:2f:4e:53:d5:72:3c:d4:29:c3:95:29:
17:1f:eb:c6:85:27:04:c2:b7:a6:7f:29:10:dc:c7:ce:f1:e0:
f7:c4:67:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqfnvgv3eitUO8ekAEv6adBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MjAxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZlZGRjZGNhNTczNjQyODc2MWVlNWZkMjNhNzA4MTM3MjQ2NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvz9iy2v9HbAy9r8wXjaxr2CsElX
l1AGm6q4xkcYStLOEottJNiJN5FODGVa1b75TEarWFToUCxXhwc+HMRIUZnqGjGL
Ibcp0aTtniGi4ZN5zjHBkGSzHWdp2FUG9nIqrSvxFN09laWxIIGBH4svIEVI9nu0
tK0W5PUVtmzU6z41N9YMz/NxOteafR6zR84CZz8MHb8E5dBB+dTHtvAU7MJN+w3X
1QDwMf5gQNqNxFpVMKcEyzmoeio9fmAfz9dnFxI/6cNJiqvJ7+m1N1W6rf64bfMy
TGSkHgl5c5wZ1JM3PVMU/Ed1NcXOFOV9TxfK3iy7hAfSxI1IKw6yQO3vgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEpu3c3KVzZCh2HuX9I6cIE3JGc/MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU203ZHpjcFhOa0tIWWU1ZjBqcHdnVGNrWno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADPVgj+fx2Z4kFz4In38
/jOGDBxpBkNK2iYHBjfSUDb3CLDsd+mp7tPac80jMaSB/YQGT6r/Jx9q6r+Aqibr
V09qVxKchrTgiIvkxSMQ8seymwVx7McTYshY+gJPEzIhFoHAxpSDQmtGYT76IkGF
0HFfZBu7nYpkFUj7kHkVNoj+zrIT6EE9oWNkhQrSGfCF6BSCOddGdza760Qao94G
V5/rDSakWnHM7rm7vj7aem8rq4PGBYQsqDUbR5vWE1hNrRgvys3BW4xP4Q02vv49
TZUIfrBsvYCvOV7kC5UxLzUvTlPVcjzUKcOVKRcf68aFJwTCt6Z/KRDcx87x4PfE
Zxo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:04 2025 by rpki-client