Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TCm8OyLK_ZBVAVWffr_xHnNkRxw.roa
File: TCm8OyLK_ZBVAVWffr_xHnNkRxw.roa (raw, json)
Hash identifier: KzkMWMRkA0mTuIVMjIKdesOetqeN2luIMFBD8zehrSo=
Subject key identifier: 4C:29:BC:3B:22:CA:FD:90:55:01:55:9F:7E:BF:F1:1E:73:64:47:1C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5BD907F538F0320713B4C721972BD6FF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TCm8OyLK_ZBVAVWffr_xHnNkRxw.roa
Signing time: Sun 03 Sep 2023 16:21:04 +0000
ROA not before: Sun 03 Sep 2023 16:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5b:d9:07:f5:38:f0:32:07:13:b4:c7:21:97:2b:d6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 16:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c29bc3b22cafd905501559f7ebff11e7364471c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:c5:1d:62:5b:03:a5:10:56:b5:8c:7e:bd:
6e:3c:84:b5:de:b1:1f:11:62:a3:e5:fa:6a:1c:27:
bf:c1:19:c5:ed:0a:39:01:d1:fe:4b:e7:57:94:35:
0e:4f:98:20:53:cc:a6:90:3c:ca:53:eb:98:8d:3e:
d5:4e:92:93:33:84:ab:5a:7a:95:1c:2d:15:31:39:
69:5f:fb:b0:06:03:87:a7:17:be:c8:5d:4c:75:3d:
5e:4a:81:73:90:6c:6b:68:79:5b:c1:3e:b0:63:9e:
04:75:f0:85:90:d2:4c:06:47:4b:b7:60:e5:5b:5a:
54:06:4c:15:ed:11:a4:ab:4b:d5:ea:d5:3f:86:8b:
89:d4:3b:c0:65:f7:73:03:6e:fe:0a:6c:f7:94:12:
01:94:a8:f3:b2:fd:f2:d2:31:a9:e7:dc:7f:5a:2c:
a4:98:c1:72:11:28:01:92:cf:69:0a:5c:8f:d9:8a:
01:f6:9c:de:ca:bf:ee:02:e7:9b:ee:7b:c1:db:71:
37:a2:7b:b6:a8:72:de:9d:20:44:92:4f:d8:5a:bc:
4b:24:47:ea:63:b0:3f:b6:19:9f:d1:c9:d9:85:91:
9e:3c:08:4c:c0:28:9d:0b:7f:f3:78:ce:89:20:be:
ea:cf:29:c0:a5:dd:30:d8:a9:40:20:d4:9f:be:b4:
d7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:29:BC:3B:22:CA:FD:90:55:01:55:9F:7E:BF:F1:1E:73:64:47:1C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TCm8OyLK_ZBVAVWffr_xHnNkRxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:63:f9:0e:4b:fd:96:93:d0:80:9e:86:b2:09:cc:66:9f:36:
19:f8:70:81:4f:df:19:f3:d2:04:78:4c:0b:7b:b9:87:3c:3c:
24:bc:00:d8:06:44:b9:ed:08:0e:c1:7c:ae:12:6b:08:fd:ef:
d1:4b:e6:dd:37:07:92:2f:fd:bc:06:d9:cc:09:76:a3:90:39:
b9:d2:ba:59:28:48:b5:08:6a:2b:8f:fd:ca:fc:eb:62:90:bd:
f1:97:85:05:13:80:c6:e0:31:05:ff:89:68:63:71:49:2c:96:
c0:1d:ca:29:2e:a4:c6:8d:46:87:11:af:64:86:2e:60:f2:b4:
94:ff:8c:39:f4:d2:1d:05:7e:70:8b:cf:a7:8d:aa:d1:b9:38:
b2:a0:2d:0e:00:ff:03:6d:87:78:e7:88:67:15:4c:20:b7:e5:
27:84:10:cf:4f:2e:13:84:37:f4:d5:cd:3a:65:e0:14:23:3c:
1a:cb:56:f9:0b:62:68:72:7a:5a:5a:b8:5e:67:a6:b9:67:91:
65:c9:37:09:ee:f2:d7:65:9b:dd:f4:95:9e:3e:d0:d7:12:d9:
42:8e:c6:05:f5:3a:cb:11:b5:59:25:d5:e9:2b:15:6a:f3:7e:
b7:ea:c8:cd:0a:8a:44:ce:51:e5:b1:9d:8b:3e:a5:bb:b8:6a:
5c:2b:32:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpb2Qf1OPAyBxO0xyGXK9b/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTYyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI5YmMzYjIyY2FmZDkwNTUwMTU1OWY3ZWJmZjExZTczNjQ0NzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojfFHWJbA6UQVrWMfr1uPIS13rEf
EWKj5fpqHCe/wRnF7Qo5AdH+S+dXlDUOT5ggU8ymkDzKU+uYjT7VTpKTM4SrWnqV
HC0VMTlpX/uwBgOHpxe+yF1MdT1eSoFzkGxraHlbwT6wY54EdfCFkNJMBkdLt2Dl
W1pUBkwV7RGkq0vV6tU/houJ1DvAZfdzA27+Cmz3lBIBlKjzsv3y0jGp59x/Wiyk
mMFyESgBks9pClyP2YoB9pzeyr/uAueb7nvB23E3onu2qHLenSBEkk/YWrxLJEfq
Y7A/thmf0cnZhZGePAhMwCidC3/zeM6JIL7qzynApd0w2KlAINSfvrTXVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwpvDsiyv2QVQFVn36/8R5zZEccMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVENtOE95TEtfWkJWQVZXZmZyX3hIbk5rUnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHFj+Q5L/ZaT0ICehrIJ
zGafNhn4cIFP3xnz0gR4TAt7uYc8PCS8ANgGRLntCA7BfK4Sawj979FL5t03B5Iv
/bwG2cwJdqOQObnSulkoSLUIaiuP/cr862KQvfGXhQUTgMbgMQX/iWhjcUkslsAd
yikupMaNRocRr2SGLmDytJT/jDn00h0FfnCLz6eNqtG5OLKgLQ4A/wNth3jniGcV
TCC35SeEEM9PLhOEN/TVzTpl4BQjPBrLVvkLYmhyelpauF5nprlnkWXJNwnu8tdl
m930lZ4+0NcS2UKOxgX1OssRtVkl1ekrFWrzfrfqyM0KikTOUeWxnYs+pbu4alwr
Mtg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:32 2025 by rpki-client