Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SyfAcIOtjtobwQ8vMdl-XTHyGSQ.roa
File: SyfAcIOtjtobwQ8vMdl-XTHyGSQ.roa (raw, json)
Hash identifier: lGVk9HEsGGMfVHwQKqPQY1JhHSrL47z3pegsI0fnCeI=
Subject key identifier: 4B:27:C0:70:83:AD:8E:DA:1B:C1:0F:2F:31:D9:7E:5D:31:F2:19:24
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9A438228C1E29D74042143A3D67C5A3F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SyfAcIOtjtobwQ8vMdl-XTHyGSQ.roa
Signing time: Fri 15 Sep 2023 19:13:50 +0000
ROA not before: Fri 15 Sep 2023 19:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:43:82:28:c1:e2:9d:74:04:21:43:a3:d6:7c:5a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 19:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b27c07083ad8eda1bc10f2f31d97e5d31f21924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f0:74:e0:42:4a:1f:12:a8:51:69:83:46:03:
e2:74:3d:c0:f6:bc:71:28:d1:53:0a:e2:76:e0:44:
f4:21:37:fb:df:81:17:8a:01:d2:17:8d:d7:89:c3:
3b:f8:67:da:07:68:14:7a:01:b9:33:c6:4b:52:76:
1c:20:cd:84:b0:bf:47:68:00:8e:48:15:9c:81:09:
c7:0e:65:81:42:1e:38:96:54:fc:47:0f:16:98:3e:
fa:f7:1f:08:72:22:fe:82:c8:b0:09:f2:91:eb:d9:
7c:c9:e0:89:4d:78:e1:07:c6:08:bc:f2:9d:72:e4:
f4:db:f4:60:9d:74:54:64:c4:ae:aa:a0:85:b6:4f:
32:a2:22:74:2f:e1:97:12:28:b3:e2:ac:c1:c7:b5:
69:08:9d:38:3e:53:5e:72:08:e2:36:a2:80:bf:38:
85:ef:ce:0f:18:17:d5:39:1a:a1:3d:cf:a0:d9:ce:
d8:7a:5c:87:89:5b:5e:8a:ea:9c:8c:94:fa:38:fb:
ba:56:76:5b:06:c7:44:90:94:15:18:d3:bc:5e:13:
52:c5:77:29:ca:21:91:31:7f:98:87:4e:72:8b:50:
79:a8:9f:39:41:62:91:1d:9b:d9:20:f7:68:0a:8e:
0a:82:65:d7:ca:04:95:85:55:f9:9b:ce:e3:fb:9f:
50:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:27:C0:70:83:AD:8E:DA:1B:C1:0F:2F:31:D9:7E:5D:31:F2:19:24
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/SyfAcIOtjtobwQ8vMdl-XTHyGSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:7e:75:a9:99:86:c0:6c:12:41:10:14:d9:9f:a9:51:00:ac:
24:85:50:30:5d:67:16:ea:19:79:8b:c7:85:e9:8c:37:56:21:
aa:00:06:7b:b6:72:b7:80:37:f2:ee:96:b8:dc:87:43:9d:7c:
40:ba:3f:18:84:ce:c5:c4:77:98:6a:88:c3:3a:61:ae:2c:96:
ea:a5:ec:07:dc:95:42:4b:d9:11:84:09:31:e3:21:5e:ba:df:
cd:90:e5:cb:cc:08:0f:5d:aa:ee:13:67:49:81:f0:a6:8f:27:
c0:93:88:16:a4:b0:20:ce:b7:01:3a:09:bd:2b:d0:30:9b:6d:
4d:1b:f8:76:be:2c:d2:d9:ff:87:da:96:9a:1c:3e:7e:25:07:
45:6c:6f:6c:7d:cd:eb:8f:31:23:7a:6f:7c:66:82:98:3a:a3:
6c:b9:06:19:f8:cb:7d:b7:32:ce:ab:87:14:62:b7:49:d7:00:
e5:db:53:33:5a:7f:fc:5e:e7:c9:87:2e:39:77:99:f8:13:fc:
1a:e1:8d:90:68:0a:b4:78:6d:01:7a:55:6b:f6:d8:24:49:af:
7b:d4:92:94:93:0f:05:eb:76:91:fa:f0:7b:39:75:f8:bb:c5:
35:18:93:3f:20:e9:f3:7d:80:94:a7:e0:f5:e1:01:32:9b:cd:
99:3e:00:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqaQ4IoweKddAQhQ6PWfFo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MTkxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjI3YzA3MDgzYWQ4ZWRhMWJjMTBmMmYzMWQ5N2U1ZDMxZjIxOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfB04EJKHxKoUWmDRgPidD3A9rxx
KNFTCuJ24ET0ITf734EXigHSF43XicM7+GfaB2gUegG5M8ZLUnYcIM2EsL9HaACO
SBWcgQnHDmWBQh44llT8Rw8WmD769x8IciL+gsiwCfKR69l8yeCJTXjhB8YIvPKd
cuT02/RgnXRUZMSuqqCFtk8yoiJ0L+GXEiiz4qzBx7VpCJ04PlNecgjiNqKAvziF
784PGBfVORqhPc+g2c7YelyHiVteiuqcjJT6OPu6VnZbBsdEkJQVGNO8XhNSxXcp
yiGRMX+Yh05yi1B5qJ85QWKRHZvZIPdoCo4KgmXXygSVhVX5m87j+59Q4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEsnwHCDrY7aG8EPLzHZfl0x8hkkMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU3lmQWNJT3RqdG9id1E4dk1kbC1YVEh5R1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGB+damZhsBsEkEQFNmf
qVEArCSFUDBdZxbqGXmLx4XpjDdWIaoABnu2creAN/Lulrjch0OdfEC6PxiEzsXE
d5hqiMM6Ya4sluql7AfclUJL2RGECTHjIV66382Q5cvMCA9dqu4TZ0mB8KaPJ8CT
iBaksCDOtwE6Cb0r0DCbbU0b+Ha+LNLZ/4falpocPn4lB0Vsb2x9zeuPMSN6b3xm
gpg6o2y5Bhn4y323Ms6rhxRit0nXAOXbUzNaf/xe58mHLjl3mfgT/BrhjZBoCrR4
bQF6VWv22CRJr3vUkpSTDwXrdpH68Hs5dfi7xTUYkz8g6fN9gJSn4PXhATKbzZk+
AGQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:43 2025 by rpki-client