Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/V7cqdkrBfA6zJo8dqnAjJ769DxM.roa
File: V7cqdkrBfA6zJo8dqnAjJ769DxM.roa (raw, json)
Hash identifier: UcCd1hY64yBsCmLzMu06tylu6IXKo13RoYgnQ3hJKgI=
Subject key identifier: 57:B7:2A:76:4A:C1:7C:0E:B3:26:8F:1D:AA:70:23:27:BE:BD:0F:13
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6B3E37D18B571D5E9E07FF35D1ABDD3E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/V7cqdkrBfA6zJo8dqnAjJ769DxM.roa
Signing time: Wed 06 Sep 2023 16:05:54 +0000
ROA not before: Wed 06 Sep 2023 16:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6b3c:f3e3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:3e:37:d1:8b:57:1d:5e:9e:07:ff:35:d1:ab:dd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 16:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57b72a764ac17c0eb3268f1daa702327bebd0f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:30:2b:84:bb:2b:43:54:b2:69:54:41:c8:4c:
a9:29:f6:78:1e:f5:50:bc:31:bd:53:8f:bf:46:36:
37:73:36:e9:bf:c0:3b:ee:ae:e7:aa:a4:96:5d:d1:
b7:ea:a1:7e:ae:7a:e8:39:16:28:c3:6d:18:ae:1b:
e4:0e:c7:5d:98:62:72:13:78:52:6c:fa:1e:c4:4a:
ab:5e:20:de:40:35:45:d1:2a:7b:df:07:8f:e4:6a:
a0:f9:31:c6:04:9b:40:4a:d5:b6:a5:f4:c9:40:05:
21:b1:37:ee:72:9e:e8:b6:70:cc:03:5b:8e:f7:76:
c0:13:57:af:a2:c4:72:4d:cf:29:04:71:5c:cf:7f:
fb:18:9a:3b:06:ae:a0:d9:57:3c:9a:c8:a2:7e:79:
04:63:16:be:9d:f0:8c:96:9d:61:50:b5:b8:01:33:
52:90:a8:9b:56:94:90:99:28:f8:09:b6:0f:15:fd:
b2:cd:a7:4b:f8:92:a8:4c:24:8d:02:94:1a:ca:1e:
6a:01:b0:2e:1f:61:3a:8c:ed:9c:dc:3e:56:42:d1:
4c:4b:98:cf:42:02:2a:d8:05:e6:90:5c:90:34:26:
21:5c:9e:68:ba:8a:58:26:1f:c1:78:a7:9f:f4:df:
a9:3b:f5:22:32:73:cb:6f:86:c9:65:f7:02:c7:85:
7e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B7:2A:76:4A:C1:7C:0E:B3:26:8F:1D:AA:70:23:27:BE:BD:0F:13
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/V7cqdkrBfA6zJo8dqnAjJ769DxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:9c:1f:1f:20:06:bd:2d:c3:27:5f:32:51:96:ac:4f:be:29:
93:4a:81:32:b3:ad:ba:8f:e4:35:5b:bf:ed:31:00:13:f0:16:
b6:ce:a5:9c:3f:96:8f:d9:0a:50:2d:54:5e:c3:3c:aa:b3:e6:
1c:af:24:69:6d:3c:43:53:b3:e9:22:5b:33:ed:42:d4:fe:b9:
f5:2d:34:e1:38:ca:15:f0:d9:4f:5a:c7:f6:cc:ce:84:68:4c:
31:4a:c3:a9:fb:ed:ca:a0:bc:34:a8:5b:2d:da:16:67:b9:61:
c6:78:f2:b6:71:4b:85:78:39:ed:2c:a5:f4:74:1d:b1:79:3e:
bb:d3:a0:90:db:a6:d6:1a:7a:13:6f:d2:5d:d9:57:92:5c:08:
4c:1e:3e:a3:dd:e6:c9:99:5b:fe:70:5e:16:86:4a:e9:41:71:
e6:b5:1a:80:70:4c:3e:7f:db:38:81:e4:00:b0:03:5e:8b:51:
d7:81:82:ce:3b:c0:9d:c4:cf:9d:01:5b:bb:6e:e1:e1:39:86:
7f:3c:b1:54:88:c8:14:5b:37:94:d7:1f:10:52:f1:c1:00:f2:
5b:43:6c:80:86:ba:dd:7f:e9:12:0f:2e:2d:3b:8d:b2:67:b3:
84:65:e5:26:7d:23:eb:46:a7:1b:39:67:18:3b:31:ad:93:8d:
73:03:ec:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYprPjfRi1cdXp4H/zXRq90+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTYwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2I3MmE3NjRhYzE3YzBlYjMyNjhmMWRhYTcwMjMyN2JlYmQwZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTArhLsrQ1SyaVRByEypKfZ4HvVQ
vDG9U4+/RjY3czbpv8A77q7nqqSWXdG36qF+rnroORYow20YrhvkDsddmGJyE3hS
bPoexEqrXiDeQDVF0Sp73weP5Gqg+THGBJtAStW2pfTJQAUhsTfucp7otnDMA1uO
93bAE1evosRyTc8pBHFcz3/7GJo7Bq6g2Vc8msiifnkEYxa+nfCMlp1hULW4ATNS
kKibVpSQmSj4CbYPFf2yzadL+JKoTCSNApQayh5qAbAuH2E6jO2c3D5WQtFMS5jP
QgIq2AXmkFyQNCYhXJ5ouopYJh/BeKef9N+pO/UiMnPLb4bJZfcCx4V+gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFe3KnZKwXwOsyaPHapwIye+vQ8TMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVjdjcWRrckJmQTZ6Sm84ZHFuQWpKNzY5RHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABecHx8gBr0twydfMlGW
rE++KZNKgTKzrbqP5DVbv+0xABPwFrbOpZw/lo/ZClAtVF7DPKqz5hyvJGltPENT
s+kiWzPtQtT+ufUtNOE4yhXw2U9ax/bMzoRoTDFKw6n77cqgvDSoWy3aFme5YcZ4
8rZxS4V4Oe0spfR0HbF5PrvToJDbptYaehNv0l3ZV5JcCEwePqPd5smZW/5wXhaG
SulBcea1GoBwTD5/2ziB5ACwA16LUdeBgs47wJ3Ez50BW7tu4eE5hn88sVSIyBRb
N5TXHxBS8cEA8ltDbICGut1/6RIPLi07jbJns4Rl5SZ9I+tGpxs5Zxg7Ma2TjXMD
7Eg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:59 2025 by rpki-client