Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SqhPnpazbMnF6rNzQzxLXz1i-5g.roa
File: SqhPnpazbMnF6rNzQzxLXz1i-5g.roa (raw, json)
Hash identifier: SLOct13FBXzZFhP4kjcPR+BvKM2/ehCiGNLox8mra+s=
Subject key identifier: 4A:A8:4F:9E:96:B3:6C:C9:C5:EA:B3:73:43:3C:4B:5F:3D:62:FB:98
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4581DFE87818F616AE44D1B20EC2AB8F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SqhPnpazbMnF6rNzQzxLXz1i-5g.roa
Signing time: Wed 30 Aug 2023 08:14:13 +0000
ROA not before: Wed 30 Aug 2023 08:14:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4581:2aa5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:81:df:e8:78:18:f6:16:ae:44:d1:b2:0e:c2:ab:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 08:14:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aa84f9e96b36cc9c5eab373433c4b5f3d62fb98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ec:c9:98:75:cb:6d:31:60:72:69:c3:50:a1:
50:a3:cc:5b:7d:f6:df:3e:20:f6:0c:0d:60:74:f8:
f6:2f:12:96:99:d5:1d:be:df:10:ce:7b:e3:9b:9a:
60:72:42:5e:13:fe:52:51:14:07:41:95:06:1d:8b:
e6:ae:69:b9:a8:82:66:e2:e9:a0:e1:49:e9:cb:fb:
18:d4:6b:6f:31:e0:35:20:53:d1:d6:12:53:09:06:
2b:4b:18:93:fd:ed:c8:ef:da:d0:2b:d8:0b:30:ab:
cd:be:05:b4:ea:8c:9e:bd:fc:e6:4c:64:88:19:40:
17:05:59:7e:5d:1e:c0:0f:4a:c9:e3:49:b2:fc:d3:
dc:31:08:6a:97:31:1c:87:3e:7a:11:5b:be:e1:a4:
70:24:31:b3:61:40:09:8e:4c:c5:32:37:26:32:6d:
b5:6d:c7:eb:6b:7a:15:f0:1a:3e:4b:bd:7f:ce:4a:
cc:d7:bf:21:6c:93:ed:e6:13:42:ed:ad:92:e3:e6:
e0:34:f2:dd:44:70:ba:0e:5c:cf:9f:5f:70:24:d7:
35:a8:7e:ef:56:d3:a7:cf:1f:09:4c:b2:fd:94:f9:
8e:44:c8:6b:48:01:07:e1:20:f0:56:ab:79:46:00:
49:25:9b:3d:23:40:c0:a8:0d:8d:5f:e6:4a:db:c0:
b4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A8:4F:9E:96:B3:6C:C9:C5:EA:B3:73:43:3C:4B:5F:3D:62:FB:98
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SqhPnpazbMnF6rNzQzxLXz1i-5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:e8:b9:23:81:7a:13:c0:82:5f:e9:85:a6:d7:82:07:28:a0:
cb:33:22:39:96:c2:05:7e:0e:8d:3e:41:fc:dd:37:38:55:c5:
c5:32:52:fb:19:15:c1:4b:23:40:01:86:1a:7e:26:53:df:39:
5d:8f:62:37:62:96:49:36:61:71:8d:97:53:70:0c:8b:78:f6:
05:5c:50:6d:40:4a:2c:5b:2e:e2:7f:fe:f8:20:0a:29:ea:45:
b3:b5:85:2a:39:0a:cf:a4:5a:f8:9a:a5:22:97:8f:2c:27:3e:
ab:96:ce:cc:ab:6b:79:b3:6d:90:23:15:55:2a:a0:76:74:d8:
34:75:da:87:e5:21:61:76:9c:d6:e0:e3:20:13:49:94:69:f1:
76:40:e9:61:49:a5:04:35:df:00:2b:80:ca:57:7d:3a:84:81:
5c:9f:a6:bd:12:e0:00:73:af:a5:78:35:f3:1e:84:25:94:f5:
29:dc:be:e0:da:d1:3c:b0:5b:f2:00:e6:09:45:df:a1:9b:49:
fd:13:3c:0d:2e:50:c9:03:40:34:6e:da:ce:88:a9:22:f2:ca:
ee:1d:9e:34:c2:39:b6:fa:93:f7:18:ca:6a:88:86:34:80:3c:
ce:20:78:06:0c:cc:88:f7:c9:9f:48:5f:14:05:c9:b7:c2:da:
8b:ca:31:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpFgd/oeBj2Fq5E0bIOwquPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMDgxNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWE4NGY5ZTk2YjM2Y2M5YzVlYWIzNzM0MzNjNGI1ZjNkNjJmYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOzJmHXLbTFgcmnDUKFQo8xbffbf
PiD2DA1gdPj2LxKWmdUdvt8Qznvjm5pgckJeE/5SURQHQZUGHYvmrmm5qIJm4umg
4Unpy/sY1GtvMeA1IFPR1hJTCQYrSxiT/e3I79rQK9gLMKvNvgW06oyevfzmTGSI
GUAXBVl+XR7AD0rJ40my/NPcMQhqlzEchz56EVu+4aRwJDGzYUAJjkzFMjcmMm21
bcfra3oV8Bo+S71/zkrM178hbJPt5hNC7a2S4+bgNPLdRHC6DlzPn19wJNc1qH7v
VtOnzx8JTLL9lPmORMhrSAEH4SDwVqt5RgBJJZs9I0DAqA2NX+ZK28C0UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEqoT56Ws2zJxeqzc0M8S189YvuYMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU3FoUG5wYXpiTW5GNnJOelF6eExYejFpLTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIbouSOBehPAgl/phabX
ggcooMszIjmWwgV+Do0+QfzdNzhVxcUyUvsZFcFLI0ABhhp+JlPfOV2PYjdilkk2
YXGNl1NwDIt49gVcUG1ASixbLuJ//vggCinqRbO1hSo5Cs+kWviapSKXjywnPquW
zsyra3mzbZAjFVUqoHZ02DR12oflIWF2nNbg4yATSZRp8XZA6WFJpQQ13wArgMpX
fTqEgVyfpr0S4ABzr6V4NfMehCWU9SncvuDa0TywW/IA5glF36GbSf0TPA0uUMkD
QDRu2s6IqSLyyu4dnjTCObb6k/cYymqIhjSAPM4geAYMzIj3yZ9IXxQFybfC2ovK
MeI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:17:03 2025 by rpki-client