Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/UpmpP43bqHCf0zoRShPUXybdpg4.roa
File: UpmpP43bqHCf0zoRShPUXybdpg4.roa (raw, json)
Hash identifier: 3Z+vKIOFWU00la+NkdD5ZsRFCC09RVXZS3H67vezabs=
Subject key identifier: 52:99:A9:3F:8D:DB:A8:70:9F:D3:3A:11:4A:13:D4:5F:26:DD:A6:0E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8910BD3254EF150680600CE0BC8214E7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/UpmpP43bqHCf0zoRShPUXybdpg4.roa
Signing time: Tue 12 Sep 2023 11:04:50 +0000
ROA not before: Tue 12 Sep 2023 11:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:8910:7c6b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:10:bd:32:54:ef:15:06:80:60:0c:e0:bc:82:14:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 11:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5299a93f8ddba8709fd33a114a13d45f26dda60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:72:c1:b2:a3:fa:9c:10:3e:3b:93:6e:66:cf:
99:1d:ec:ef:8a:d0:10:32:09:f3:7c:07:ce:b5:af:
f3:b6:72:97:17:94:07:7a:71:fc:52:cc:b9:1d:0d:
d2:f4:1e:d7:cb:7b:f0:69:8a:61:ab:a1:01:69:6f:
22:34:9e:c3:7c:ba:cf:b6:6e:d5:76:00:f8:97:f1:
76:db:4d:b2:cc:64:c3:b1:ea:23:2c:f5:6c:8a:fd:
c2:6a:27:99:a8:fd:3d:aa:ed:dd:49:0a:e6:8f:e9:
9d:c7:0b:9f:00:91:19:ea:6d:9d:22:37:17:f7:6e:
36:0a:cf:cc:a4:68:d1:36:74:48:5c:39:2c:3a:cf:
36:f2:e2:65:ba:44:c6:89:c6:82:31:60:9a:cc:1f:
ea:da:5f:f1:67:61:11:57:7e:65:15:e1:b7:4b:98:
e0:f0:7d:1a:e4:cb:17:16:29:5a:a6:9e:f5:6b:b1:
31:c7:ec:a5:08:a5:e8:2c:23:c6:4f:27:32:e1:3d:
be:d4:0b:3e:37:2c:0c:2d:f3:70:cb:00:2f:f9:e0:
cc:d2:dc:b1:33:07:62:57:0b:11:e2:35:d5:da:ff:
c9:4f:2b:bd:a0:bd:94:da:63:cd:ec:bb:96:39:f4:
e0:75:b5:51:7a:b9:b1:fe:4f:b2:46:cc:b0:2d:90:
71:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:99:A9:3F:8D:DB:A8:70:9F:D3:3A:11:4A:13:D4:5F:26:DD:A6:0E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/UpmpP43bqHCf0zoRShPUXybdpg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:7a:17:02:64:c4:8d:9e:31:89:b0:60:31:e2:68:80:9e:21:
8c:fa:2f:e8:14:01:2e:09:9d:3d:b6:92:13:ed:3c:1c:8e:1b:
a9:34:ff:4e:43:39:d5:5f:6c:46:62:81:7d:6d:6e:8d:5c:48:
94:90:8c:b6:e5:fd:5e:df:30:1a:5c:3c:c5:98:31:6d:64:c4:
4f:7f:c4:20:f9:3f:b0:64:48:4b:f3:64:02:22:91:99:28:66:
55:b3:6d:7f:1b:ac:82:4f:17:32:5c:98:ad:3a:32:ff:05:e2:
31:0a:e3:4c:8a:07:62:ed:54:ac:e6:2f:cb:8d:f8:1b:f1:0e:
d6:be:dc:24:c3:be:6c:0f:af:fe:9f:07:98:ae:a1:03:b3:bd:
e9:fb:c9:23:af:b4:63:ce:4e:31:1d:4f:51:8d:43:88:28:e3:
e5:6b:9e:f9:26:d8:cd:1c:b9:17:17:10:13:05:b1:41:35:ff:
02:63:04:b5:b0:8c:f9:c0:5b:f4:af:ba:0a:3e:cf:20:db:a5:
17:9d:f8:58:5d:7b:5f:97:26:08:20:f5:d7:9a:1b:82:25:23:
b0:92:d9:65:a5:0b:a0:b4:8a:e3:28:84:e7:20:8d:e8:c7:97:
13:5b:17:ed:0d:61:1e:85:1f:3f:2d:85:15:81:75:d1:1a:aa:
a8:93:05:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqJEL0yVO8VBoBgDOC8ghTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMTEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjk5YTkzZjhkZGJhODcwOWZkMzNhMTE0YTEzZDQ1ZjI2ZGRhNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHLBsqP6nBA+O5NuZs+ZHezvitAQ
MgnzfAfOta/ztnKXF5QHenH8Usy5HQ3S9B7Xy3vwaYphq6EBaW8iNJ7DfLrPtm7V
dgD4l/F2202yzGTDseojLPVsiv3CaieZqP09qu3dSQrmj+mdxwufAJEZ6m2dIjcX
9242Cs/MpGjRNnRIXDksOs828uJlukTGicaCMWCazB/q2l/xZ2ERV35lFeG3S5jg
8H0a5MsXFilapp71a7Exx+ylCKXoLCPGTycy4T2+1As+NywMLfNwywAv+eDM0tyx
MwdiVwsR4jXV2v/JTyu9oL2U2mPN7LuWOfTgdbVRermx/k+yRsywLZBxPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFKZqT+N26hwn9M6EUoT1F8m3aYOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVXBtcFA0M2JxSENmMHpvUlNoUFVYeWJkcGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAd6FwJkxI2eMYmwYDHi
aICeIYz6L+gUAS4JnT22khPtPByOG6k0/05DOdVfbEZigX1tbo1cSJSQjLbl/V7f
MBpcPMWYMW1kxE9/xCD5P7BkSEvzZAIikZkoZlWzbX8brIJPFzJcmK06Mv8F4jEK
40yKB2LtVKzmL8uN+BvxDta+3CTDvmwPr/6fB5iuoQOzven7ySOvtGPOTjEdT1GN
Q4go4+Vrnvkm2M0cuRcXEBMFsUE1/wJjBLWwjPnAW/Svugo+zyDbpRed+Fhde1+X
Jggg9deaG4IlI7CS2WWlC6C0iuMohOcgjejHlxNbF+0NYR6FHz8thRWBddEaqqiT
BbU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:33:38 2025 by rpki-client