Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/T18zGqmbnG4B_u8yhPXQnbXjn_Y.roa
File: T18zGqmbnG4B_u8yhPXQnbXjn_Y.roa (raw, json)
Hash identifier: HBQ1hiyY5Q/smmOkRTbMyGKj6d7qqRQQf7ObH8+T44g=
Subject key identifier: 4F:5F:33:1A:A9:9B:9C:6E:01:FE:EF:32:84:F5:D0:9D:B5:E3:9F:F6
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A82DF14DB68A80378874F6EB05ED33A02
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/T18zGqmbnG4B_u8yhPXQnbXjn_Y.roa
Signing time: Mon 11 Sep 2023 06:12:52 +0000
ROA not before: Mon 11 Sep 2023 06:12:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:82:df:14:db:68:a8:03:78:87:4f:6e:b0:5e:d3:3a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 06:12:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f5f331aa99b9c6e01feef3284f5d09db5e39ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:96:14:6e:27:72:71:8f:76:1d:c0:1b:87:a7:
34:18:17:81:db:5c:ac:7d:41:9f:6d:24:46:cc:7d:
50:59:a7:14:fa:a6:01:07:63:96:b2:2a:10:2c:bd:
f8:b1:34:aa:fe:59:5f:17:11:01:30:c7:a5:5c:76:
05:27:f0:2e:02:ad:a1:ff:34:06:ef:5f:70:c3:3f:
84:86:9b:b3:c5:b4:34:16:1e:51:28:13:d4:1b:57:
a0:4c:1d:f1:83:9a:42:b0:d4:ab:0e:16:04:10:a0:
e8:3f:38:d9:c8:52:f6:a3:7e:ad:46:7b:4f:7a:23:
92:82:b7:1f:71:ff:7f:c7:ef:19:28:02:17:79:cf:
81:e1:f2:22:32:ab:d1:af:75:bf:41:e9:8b:6f:c6:
27:ea:86:93:10:96:55:e4:d7:a1:5c:a2:85:9f:7f:
34:94:dc:3d:15:bc:02:f5:95:79:2b:39:fa:19:90:
db:3c:9e:49:13:a2:15:47:44:13:9a:d9:56:3d:a9:
47:7a:5c:8e:13:0e:f2:59:3f:34:ed:12:cd:40:77:
fa:5e:fd:17:d6:4a:5e:dc:91:54:98:c3:cd:2e:04:
d8:3f:0c:1f:3b:75:a4:71:e0:05:11:a6:87:7a:4c:
da:2c:53:04:e2:0c:2a:8f:a2:20:de:97:c4:30:83:
04:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5F:33:1A:A9:9B:9C:6E:01:FE:EF:32:84:F5:D0:9D:B5:E3:9F:F6
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/T18zGqmbnG4B_u8yhPXQnbXjn_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:e1:19:52:f0:67:36:81:4d:df:a3:7a:40:80:62:60:c7:f9:
aa:3f:41:8f:4c:ff:96:00:39:c8:2d:ce:41:56:d0:24:d2:9e:
b2:9e:1a:2e:f5:ac:c6:d6:2f:92:7b:6b:d6:d9:2c:f4:58:30:
30:75:df:18:50:41:4f:d6:78:3a:4a:88:9a:5b:d3:9a:bb:b5:
5b:b0:d0:3a:63:82:05:8c:42:00:15:ee:bf:80:bc:53:0c:10:
8f:e0:26:ee:28:59:e9:5e:74:95:2f:d9:ef:22:da:c5:5f:eb:
24:e7:a7:69:a8:3f:f5:68:7b:5c:6b:57:e4:67:8c:08:f4:fe:
c8:0b:90:c5:de:e2:24:0e:9b:b3:27:93:cc:a5:a0:06:c0:16:
a3:a5:a8:40:61:86:08:a7:63:d3:66:e9:f0:24:d0:97:4c:cf:
8b:ca:4f:59:e5:0c:5a:cd:d5:8f:72:2e:82:6c:e0:cc:6b:97:
40:4c:ab:f2:ff:02:8b:e5:35:1d:f1:6f:85:50:46:12:36:90:
e7:cf:06:6d:ea:d9:ff:ff:39:5e:a6:42:9c:68:9f:9d:ae:76:
19:42:e8:83:c9:9f:4c:1a:2f:45:82:3b:7a:ca:46:95:6f:e7:
68:38:d4:4a:32:a9:b2:cf:ea:5a:38:d2:51:ce:ec:62:d9:68:
82:7b:49:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqC3xTbaKgDeIdPbrBe0zoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMDYxMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjVmMzMxYWE5OWI5YzZlMDFmZWVmMzI4NGY1ZDA5ZGI1ZTM5ZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpYUbidycY92HcAbh6c0GBeB21ys
fUGfbSRGzH1QWacU+qYBB2OWsioQLL34sTSq/llfFxEBMMelXHYFJ/AuAq2h/zQG
719wwz+EhpuzxbQ0Fh5RKBPUG1egTB3xg5pCsNSrDhYEEKDoPzjZyFL2o36tRntP
eiOSgrcfcf9/x+8ZKAIXec+B4fIiMqvRr3W/QemLb8Yn6oaTEJZV5NehXKKFn380
lNw9FbwC9ZV5Kzn6GZDbPJ5JE6IVR0QTmtlWPalHelyOEw7yWT807RLNQHf6Xv0X
1kpe3JFUmMPNLgTYPwwfO3WkceAFEaaHekzaLFME4gwqj6Ig3pfEMIMErQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE9fMxqpm5xuAf7vMoT10J2145/2MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVDE4ekdxbWJuRzRCX3U4eWhQWFFuYlhqbl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFzhGVLwZzaBTd+jekCA
YmDH+ao/QY9M/5YAOcgtzkFW0CTSnrKeGi71rMbWL5J7a9bZLPRYMDB13xhQQU/W
eDpKiJpb05q7tVuw0DpjggWMQgAV7r+AvFMMEI/gJu4oWeledJUv2e8i2sVf6yTn
p2moP/Voe1xrV+RnjAj0/sgLkMXe4iQOm7Mnk8yloAbAFqOlqEBhhginY9Nm6fAk
0JdMz4vKT1nlDFrN1Y9yLoJs4Mxrl0BMq/L/AovlNR3xb4VQRhI2kOfPBm3q2f//
OV6mQpxon52udhlC6IPJn0waL0WCO3rKRpVv52g41EoyqbLP6lo40lHO7GLZaIJ7
Sdw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:05 2025 by rpki-client