Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/UVmgssz-vqsIssDiAaiYEb6oFaE.roa
File: UVmgssz-vqsIssDiAaiYEb6oFaE.roa (raw, json)
Hash identifier: 2lCFSSZ0vllI5Rx/kMlQxy7U7lScXeV8iuzRHfniAX4=
Subject key identifier: 51:59:A0:B2:CC:FE:BE:AB:08:B2:C0:E2:01:A8:98:11:BE:A8:15:A1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA79145904BB889524F682395011CE7CE
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/UVmgssz-vqsIssDiAaiYEb6oFaE.roa
Signing time: Mon 18 Sep 2023 09:13:50 +0000
ROA not before: Mon 18 Sep 2023 09:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:91:45:90:4b:b8:89:52:4f:68:23:95:01:1c:e7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 09:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5159a0b2ccfebeab08b2c0e201a89811bea815a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:24:00:24:5c:43:18:4e:f1:3f:4e:23:45:30:
42:22:78:d5:f1:cb:28:63:e4:d9:27:1b:ad:40:33:
91:25:ee:15:26:92:76:43:6f:15:34:1d:f9:35:bc:
fe:ab:67:52:82:d7:fc:2f:4a:a2:86:92:e6:0a:75:
a4:39:5c:00:e8:c7:2a:02:08:af:89:c7:e2:02:54:
34:48:36:d1:88:bd:28:20:15:c6:a8:16:30:2c:13:
51:c2:9a:b0:19:31:26:ee:b7:06:b9:34:ac:fd:3f:
57:43:f3:c8:3e:6d:d4:4f:2d:53:ac:1f:74:26:a6:
14:3b:77:c7:eb:bf:58:94:23:fc:a3:27:9e:f2:89:
31:38:76:bd:20:13:b4:71:1b:02:85:af:b5:a9:82:
c1:d5:6a:8e:f6:6c:fc:c1:1d:f7:e0:f7:cf:51:1b:
3d:d4:f6:f7:69:a9:21:bd:0e:e6:2d:c3:d3:7a:72:
28:7a:2a:b3:3d:e7:3e:af:20:95:61:26:2b:49:be:
8e:8e:3f:30:f8:cf:ab:cf:c1:57:a4:5a:fd:5d:a2:
f1:73:13:ec:45:f7:01:27:3f:79:a4:17:2a:24:76:
e5:c5:aa:01:f7:00:2e:9c:4c:b9:96:ce:02:8b:1c:
bd:98:94:d5:2a:da:32:a9:40:6e:c4:79:0d:7e:a7:
f0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:59:A0:B2:CC:FE:BE:AB:08:B2:C0:E2:01:A8:98:11:BE:A8:15:A1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/UVmgssz-vqsIssDiAaiYEb6oFaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:c1:34:ad:41:b7:40:80:b7:19:2c:b5:c9:b2:31:2f:ab:29:
7b:23:b0:aa:d7:f3:92:03:d0:bd:4b:3d:88:92:1d:b3:55:3d:
b4:2d:eb:7d:d3:a4:8a:29:5d:fb:57:71:a8:2b:49:be:31:d9:
6f:94:da:2e:38:ea:ae:53:5d:5c:44:aa:b2:7a:af:48:8e:39:
8a:3c:79:7c:eb:56:46:ad:bd:0b:1f:52:44:89:e4:60:ff:51:
3f:6d:f5:30:cd:48:97:44:e8:75:48:7e:1b:b3:93:23:d1:cc:
e2:68:97:99:52:3c:92:bf:4f:e5:9e:c1:24:f2:17:d0:e0:44:
4c:c3:ba:74:df:30:ab:ad:00:a3:a6:38:61:aa:d1:6f:fc:cb:
09:2d:23:f0:af:91:29:5d:76:e7:d4:96:31:0a:85:4d:42:7a:
12:f6:fc:0c:03:ef:2f:67:a2:bb:c8:42:bb:34:d1:d2:58:62:
e8:b8:8d:0c:53:e1:09:46:e0:67:ff:8f:8b:9a:60:e5:9f:98:
ef:17:fd:20:6d:99:e5:ba:30:8c:62:11:7f:94:ee:c8:12:90:
5d:af:8a:3c:6b:45:90:73:e9:8d:e9:5a:c4:05:07:20:a6:5f:
d3:4d:1c:4e:d7:b9:be:63:1c:64:57:aa:25:ec:bf:31:df:28:
fe:bf:e6:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqnkUWQS7iJUk9oI5UBHOfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MDkxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTU5YTBiMmNjZmViZWFiMDhiMmMwZTIwMWE4OTgxMWJlYTgxNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCQAJFxDGE7xP04jRTBCInjV8cso
Y+TZJxutQDORJe4VJpJ2Q28VNB35Nbz+q2dSgtf8L0qihpLmCnWkOVwA6McqAgiv
icfiAlQ0SDbRiL0oIBXGqBYwLBNRwpqwGTEm7rcGuTSs/T9XQ/PIPm3UTy1TrB90
JqYUO3fH679YlCP8oyee8okxOHa9IBO0cRsCha+1qYLB1WqO9mz8wR334PfPURs9
1Pb3aakhvQ7mLcPTenIoeiqzPec+ryCVYSYrSb6Ojj8w+M+rz8FXpFr9XaLxcxPs
RfcBJz95pBcqJHblxaoB9wAunEy5ls4Cixy9mJTVKtoyqUBuxHkNfqfwXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFFZoLLM/r6rCLLA4gGomBG+qBWhMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVVZtZ3Nzei12cXNJc3NEaUFhaVlFYjZvRmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGPBNK1Bt0CAtxkstcmy
MS+rKXsjsKrX85ID0L1LPYiSHbNVPbQt633TpIopXftXcagrSb4x2W+U2i446q5T
XVxEqrJ6r0iOOYo8eXzrVkatvQsfUkSJ5GD/UT9t9TDNSJdE6HVIfhuzkyPRzOJo
l5lSPJK/T+WewSTyF9DgREzDunTfMKutAKOmOGGq0W/8ywktI/CvkSlddufUljEK
hU1CehL2/AwD7y9norvIQrs00dJYYui4jQxT4QlG4Gf/j4uaYOWfmO8X/SBtmeW6
MIxiEX+U7sgSkF2vijxrRZBz6Y3pWsQFByCmX9NNHE7Xub5jHGRXqiXsvzHfKP6/
5hQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:52 2025 by rpki-client