Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/U2QoDhuJcIzFrQsWm1c0YJSaSaw.roa
File: U2QoDhuJcIzFrQsWm1c0YJSaSaw.roa (raw, json)
Hash identifier: DkKE0LOqsl69m9hbck8Zm1LvkpRIyJppQTUBOO9Ns18=
Subject key identifier: 53:64:28:0E:1B:89:70:8C:C5:AD:0B:16:9B:57:34:60:94:9A:49:AC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA4FC4261FF9D11B9BDDB2501A27FEA9E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/U2QoDhuJcIzFrQsWm1c0YJSaSaw.roa
Signing time: Sun 17 Sep 2023 21:11:50 +0000
ROA not before: Sun 17 Sep 2023 21:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:fc:42:61:ff:9d:11:b9:bd:db:25:01:a2:7f:ea:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 21:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5364280e1b89708cc5ad0b169b573460949a49ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2e:1a:f1:6b:b4:29:25:7a:a9:35:10:af:1b:
39:a2:ef:f9:f2:d5:dc:24:e6:7e:2a:46:71:12:5b:
e4:5f:c1:0b:ea:20:b6:f4:54:c3:ad:e3:4a:01:c7:
32:ec:2d:b1:f2:61:8a:e3:b9:fb:44:98:bd:3a:99:
fd:62:d9:cb:b9:84:8a:e1:aa:e2:df:aa:ad:44:f9:
57:4a:2e:53:61:2c:aa:71:4a:b1:bd:c8:0c:d1:7c:
78:dd:20:ea:6f:b3:a8:a9:6a:c2:f7:a2:ab:57:e7:
38:ab:8f:38:ed:1f:52:dc:d2:71:bf:82:66:2d:76:
cb:a7:42:ae:18:b3:ee:e4:97:3d:2f:3a:29:48:cc:
99:b7:98:10:74:88:34:fa:06:78:2d:57:a5:6a:73:
7c:23:3a:5d:74:de:e2:4d:a3:43:a5:94:ec:7a:4e:
24:15:20:6a:61:97:da:9d:e8:21:a8:4a:c2:09:27:
0a:ca:53:44:60:a2:06:ee:0a:b3:ad:3a:48:53:fb:
97:c8:5f:29:05:70:87:6f:44:66:24:86:d1:6b:9e:
6e:a9:1d:48:ba:57:10:51:2b:8d:e4:3b:e1:0f:19:
3a:e1:0d:2c:9a:c8:88:00:e5:b3:84:16:3f:83:3d:
ff:03:f3:0e:21:5f:0c:7f:77:03:e8:12:7a:47:51:
b9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:64:28:0E:1B:89:70:8C:C5:AD:0B:16:9B:57:34:60:94:9A:49:AC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/U2QoDhuJcIzFrQsWm1c0YJSaSaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:7f:2b:ed:13:8c:d8:79:b0:aa:76:8c:67:cc:8d:57:88:0f:
fc:19:b2:89:b1:ee:71:dc:c6:7d:07:b5:9b:f2:21:8b:98:2e:
ed:9f:66:6c:19:5e:a7:a6:91:82:7d:58:56:3f:5c:04:60:2f:
7f:c5:0d:9e:50:a2:3d:fd:8a:7d:ec:f4:f3:19:09:d5:09:54:
ed:90:f3:2e:e4:2c:d4:9d:c1:cf:ad:74:c3:b6:4b:74:48:6b:
90:49:ba:56:01:22:ed:91:7f:c1:91:15:2f:16:45:48:1f:48:
93:ff:74:8b:1b:9b:ed:b3:fd:de:c8:ad:cb:d7:46:ae:7c:78:
f7:82:6b:54:1f:c9:0c:2b:b0:f6:cd:cb:5b:3f:07:6f:6b:d5:
84:68:69:70:38:72:36:74:18:d7:9d:e1:f6:b3:9e:a1:80:a3:
b8:23:08:c0:4a:f4:05:15:fc:aa:85:60:b7:bf:e1:68:07:06:
79:e6:51:ca:b7:16:1b:1f:52:b2:20:24:99:fd:4f:d7:59:86:
e1:e9:d8:41:e1:cc:5a:5c:bf:56:a1:80:c4:bb:8b:69:46:8a:
f6:27:13:9a:ba:a5:b2:7b:f1:f0:8d:c7:b7:db:f9:2d:2a:2e:
2d:29:82:cb:db:cb:26:0c:31:52:ca:31:22:5b:fb:fb:21:49:
4a:03:28:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqk/EJh/50Rub3bJQGif+qeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MjExMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY0MjgwZTFiODk3MDhjYzVhZDBiMTY5YjU3MzQ2MDk0OWE0OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy4a8Wu0KSV6qTUQrxs5ou/58tXc
JOZ+KkZxElvkX8EL6iC29FTDreNKAccy7C2x8mGK47n7RJi9Opn9YtnLuYSK4ari
36qtRPlXSi5TYSyqcUqxvcgM0Xx43SDqb7OoqWrC96KrV+c4q4847R9S3NJxv4Jm
LXbLp0KuGLPu5Jc9LzopSMyZt5gQdIg0+gZ4LVelanN8IzpddN7iTaNDpZTsek4k
FSBqYZfaneghqErCCScKylNEYKIG7gqzrTpIU/uXyF8pBXCHb0RmJIbRa55uqR1I
ulcQUSuN5DvhDxk64Q0smsiIAOWzhBY/gz3/A/MOIV8Mf3cD6BJ6R1G5WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFNkKA4biXCMxa0LFptXNGCUmkmsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVTJRb0RodUpjSXpGclFzV20xYzBZSlNhU2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFB/K+0TjNh5sKp2jGfM
jVeID/wZsomx7nHcxn0HtZvyIYuYLu2fZmwZXqemkYJ9WFY/XARgL3/FDZ5Qoj39
in3s9PMZCdUJVO2Q8y7kLNSdwc+tdMO2S3RIa5BJulYBIu2Rf8GRFS8WRUgfSJP/
dIsbm+2z/d7IrcvXRq58ePeCa1QfyQwrsPbNy1s/B29r1YRoaXA4cjZ0GNed4faz
nqGAo7gjCMBK9AUV/KqFYLe/4WgHBnnmUcq3FhsfUrIgJJn9T9dZhuHp2EHhzFpc
v1ahgMS7i2lGivYnE5q6pbJ78fCNx7fb+S0qLi0pgsvbyyYMMVLKMSJb+/shSUoD
KLo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:34 2025 by rpki-client