Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Wf2dKD4D6HFdTh8S3vDuy8Eys7E.roa
File: Wf2dKD4D6HFdTh8S3vDuy8Eys7E.roa (raw, json)
Hash identifier: CjWxsJPJ096jtB7Rphy/52fsd11nvGRJahpQci6huaA=
Subject key identifier: 59:FD:9D:28:3E:03:E8:71:5D:4E:1F:12:DE:F0:EE:CB:C1:32:B3:B1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5447C639F27BC72485926AD7163BCCB7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Wf2dKD4D6HFdTh8S3vDuy8Eys7E.roa
Signing time: Sat 02 Sep 2023 05:05:04 +0000
ROA not before: Sat 02 Sep 2023 05:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:5447:70c6/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:54:47:c6:39:f2:7b:c7:24:85:92:6a:d7:16:3b:cc:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 05:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59fd9d283e03e8715d4e1f12def0eecbc132b3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c2:c5:d2:d8:54:2c:24:84:e1:8d:7c:a9:d3:
3b:60:b6:45:f1:18:21:18:85:34:49:9b:2b:a0:35:
7f:ee:d8:10:70:e3:91:bc:8b:c1:6f:48:01:17:f7:
45:82:32:3d:0a:67:5c:96:ff:ba:dd:c1:b1:ae:11:
9f:eb:29:5f:f6:95:99:c1:44:89:91:60:2c:7a:13:
38:74:96:99:30:75:79:9a:2c:20:39:3f:1a:69:22:
fe:77:09:60:40:4f:ca:82:3b:b7:1e:ef:40:2a:2c:
6d:d0:22:5d:cd:f9:f1:c4:ff:c8:70:be:9b:97:22:
a1:aa:16:15:9c:3a:80:f9:a7:04:3a:fd:1d:93:97:
58:e7:59:7b:67:9d:b3:17:d4:2d:37:a3:9c:db:83:
90:24:d9:37:8e:d2:32:de:34:09:68:eb:63:38:78:
c9:fe:b4:bd:3b:f7:0d:48:13:4b:ba:c1:5c:3d:b7:
7a:cf:93:6e:7f:f1:51:71:e0:72:20:94:9d:0b:75:
57:22:99:aa:ff:85:de:ca:5e:2c:76:9a:c5:ba:52:
3c:e2:79:7b:14:08:ef:d1:97:83:2b:df:52:a8:1e:
6a:af:43:c7:67:45:73:32:01:98:29:71:47:3a:79:
9d:41:bd:9f:6e:7b:14:fd:d0:ce:85:5b:44:ff:27:
c3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FD:9D:28:3E:03:E8:71:5D:4E:1F:12:DE:F0:EE:CB:C1:32:B3:B1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Wf2dKD4D6HFdTh8S3vDuy8Eys7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:26:34:ba:52:6f:bd:f5:b0:49:24:63:cb:a7:b4:7d:59:ea:
6d:8a:c9:fd:12:c4:49:53:54:15:be:f5:b4:45:dd:e2:4d:c0:
d7:c8:2f:48:c8:d0:ef:d2:33:b5:fd:a8:0d:45:77:7c:b8:72:
41:97:fe:32:0c:ca:18:3c:c3:bb:b7:39:94:52:f1:2f:32:8f:
82:c3:22:6d:87:e9:17:bb:e2:6e:eb:8d:63:24:7a:cb:c8:0c:
22:78:ac:83:7c:9c:55:b5:f0:63:d5:12:a9:cd:0e:26:ff:6b:
42:8d:df:1c:e0:4b:de:6f:5c:a4:27:ef:ec:d9:e6:6d:28:da:
6d:7f:aa:0e:ab:a2:6b:9c:b6:d2:9a:2f:b9:5c:92:c6:6c:09:
be:1c:41:55:43:c3:60:2f:29:a9:80:e0:18:de:a6:82:bb:cf:
ba:75:69:4e:ad:91:ea:b7:70:2a:f6:ec:3c:fb:ec:a8:6c:7b:
0c:98:ff:7f:f6:05:89:6e:58:29:0e:07:f3:ea:c9:79:9b:46:
d3:2a:ce:bc:06:0c:c0:a9:85:24:ab:be:bf:15:c5:f0:4b:b6:
56:cb:a9:c2:a3:af:e5:67:26:53:62:5e:27:1b:37:c5:51:b3:
6e:ed:88:4c:c1:d7:1d:0b:3b:b9:d1:70:53:fc:15:e1:9a:44:
c6:51:ca:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpUR8Y58nvHJIWSatcWO8y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDUwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZkOWQyODNlMDNlODcxNWQ0ZTFmMTJkZWYwZWVjYmMxMzJiM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsLF0thULCSE4Y18qdM7YLZF8Rgh
GIU0SZsroDV/7tgQcOORvIvBb0gBF/dFgjI9Cmdclv+63cGxrhGf6ylf9pWZwUSJ
kWAsehM4dJaZMHV5miwgOT8aaSL+dwlgQE/Kgju3Hu9AKixt0CJdzfnxxP/IcL6b
lyKhqhYVnDqA+acEOv0dk5dY51l7Z52zF9QtN6Oc24OQJNk3jtIy3jQJaOtjOHjJ
/rS9O/cNSBNLusFcPbd6z5Nuf/FRceByIJSdC3VXIpmq/4Xeyl4sdprFulI84nl7
FAjv0ZeDK99SqB5qr0PHZ0VzMgGYKXFHOnmdQb2fbnsU/dDOhVtE/yfDtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFn9nSg+A+hxXU4fEt7w7svBMrOxMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvV2YyZEtENEQ2SEZkVGg4UzN2RHV5OEV5czdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA4mNLpSb731sEkkY8un
tH1Z6m2Kyf0SxElTVBW+9bRF3eJNwNfIL0jI0O/SM7X9qA1Fd3y4ckGX/jIMyhg8
w7u3OZRS8S8yj4LDIm2H6Re74m7rjWMkesvIDCJ4rIN8nFW18GPVEqnNDib/a0KN
3xzgS95vXKQn7+zZ5m0o2m1/qg6romucttKaL7lcksZsCb4cQVVDw2AvKamA4Bje
poK7z7p1aU6tkeq3cCr27Dz77KhsewyY/3/2BYluWCkOB/PqyXmbRtMqzrwGDMCp
hSSrvr8VxfBLtlbLqcKjr+VnJlNiXicbN8VRs27tiEzB1x0LO7nRcFP8FeGaRMZR
yiA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:31:23 2025 by rpki-client