Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Ww7rWuRy0FH3knp8fNOIUAlxIqw.roa
File: Ww7rWuRy0FH3knp8fNOIUAlxIqw.roa (raw, json)
Hash identifier: D9OftguHHkoiLtLchxr6r0nOtQDh/gdrywcIFW6s8iE=
Subject key identifier: 5B:0E:EB:5A:E4:72:D0:51:F7:92:7A:7C:7C:D3:88:50:09:71:22:AC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4B459003A858A461B4B46DF3D65DCEFF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Ww7rWuRy0FH3knp8fNOIUAlxIqw.roa
Signing time: Thu 31 Aug 2023 11:06:04 +0000
ROA not before: Thu 31 Aug 2023 11:06:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:4b44:e3ef/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:45:90:03:a8:58:a4:61:b4:b4:6d:f3:d6:5d:ce:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 11:06:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b0eeb5ae472d051f7927a7c7cd38850097122ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:57:14:51:a8:66:3e:58:d5:17:5b:e4:7e:ce:
ee:d3:0d:a6:28:11:7d:c8:cd:78:73:31:61:cc:dc:
12:2c:a6:9b:76:a7:05:17:be:43:11:40:cb:9c:3c:
9c:27:f1:64:d4:3f:ae:d6:34:90:06:58:26:25:b8:
98:4c:8b:22:a4:62:3a:de:b4:e6:ed:d6:1f:e4:0a:
39:df:a4:fe:8a:7e:56:9f:24:d8:6c:8f:74:97:0f:
44:9c:4f:e2:d1:9f:1b:88:21:47:a4:c5:e3:bc:ff:
10:37:bb:20:ba:95:e1:70:b9:c1:07:5f:c9:d4:47:
ac:0e:ec:38:14:86:9f:36:73:c0:97:cb:48:87:e2:
b0:8a:4f:a6:d1:27:98:fe:61:4f:47:d3:4f:a7:e4:
45:ea:ea:17:9e:8a:22:25:3e:1d:31:59:e5:47:d9:
05:33:7e:8a:74:5d:88:41:02:29:2f:f8:6c:08:03:
53:90:17:2e:95:3f:e5:94:1c:22:2e:ff:41:2f:2d:
8e:a0:d2:b1:a3:e4:5b:7f:94:bb:c7:84:95:6d:19:
a3:3b:7d:cd:a6:45:93:9f:b6:a6:e9:6c:31:21:d8:
bb:d7:f9:71:ae:f2:1c:db:4d:26:68:26:9a:b9:66:
d5:e1:a2:f7:0b:bb:b9:01:74:3c:5b:fb:da:ff:9f:
9e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:0E:EB:5A:E4:72:D0:51:F7:92:7A:7C:7C:D3:88:50:09:71:22:AC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Ww7rWuRy0FH3knp8fNOIUAlxIqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:ed:6f:10:07:6b:34:76:16:69:9d:5d:b8:c2:75:f6:a3:b7:
84:e0:d4:2c:75:8c:06:00:d4:40:15:cc:6f:d6:eb:13:4e:8e:
7e:a6:c8:95:3f:84:7a:f6:79:89:a9:e9:a5:c2:e7:4c:25:2c:
6b:3d:02:c7:6f:ff:1a:3b:aa:80:4c:0b:e5:77:41:be:e7:97:
e8:cc:8c:4a:97:a1:0f:fd:53:5c:a8:b8:2d:16:3a:e8:2b:00:
5d:8e:c2:44:00:c7:b2:10:39:49:7b:9d:b4:fb:d1:57:fd:41:
16:bf:c6:9e:79:6e:9a:7d:bb:90:ba:f6:13:02:02:3e:5f:91:
27:2d:bc:62:97:09:27:fe:07:7d:a5:78:d3:fb:31:3d:07:99:
84:13:0f:86:95:37:eb:ce:d1:20:ca:2b:83:f8:8e:c4:f1:aa:
32:b6:36:a2:16:91:4d:72:3b:8f:7d:2b:a8:14:1f:bb:38:2a:
28:b2:96:23:27:0d:1d:6a:8d:2f:7d:49:19:7b:75:f7:e5:ee:
6c:27:c0:b9:2e:0a:be:97:a1:e1:77:93:43:5a:1c:a8:55:3f:
56:39:3b:d3:85:7e:33:4d:7f:c8:90:66:ab:f7:ee:4c:a1:0a:
ac:25:64:a5:29:1c:7f:35:5d:50:dd:ac:63:57:f1:23:17:b2:
90:9d:07:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpLRZADqFikYbS0bfPWXc7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTEwNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjBlZWI1YWU0NzJkMDUxZjc5MjdhN2M3Y2QzODg1MDA5NzEyMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolcUUahmPljVF1vkfs7u0w2mKBF9
yM14czFhzNwSLKabdqcFF75DEUDLnDycJ/Fk1D+u1jSQBlgmJbiYTIsipGI63rTm
7dYf5Ao536T+in5WnyTYbI90lw9EnE/i0Z8biCFHpMXjvP8QN7sgupXhcLnBB1/J
1EesDuw4FIafNnPAl8tIh+Kwik+m0SeY/mFPR9NPp+RF6uoXnooiJT4dMVnlR9kF
M36KdF2IQQIpL/hsCANTkBculT/llBwiLv9BLy2OoNKxo+Rbf5S7x4SVbRmjO33N
pkWTn7am6WwxIdi71/lxrvIc200maCaauWbV4aL3C7u5AXQ8W/va/5+eVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFsO61rkctBR95J6fHzTiFAJcSKsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvV3c3cld1UnkwRkgza25wOGZOT0lVQWx4SXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjtbxAHazR2FmmdXbjC
dfajt4Tg1Cx1jAYA1EAVzG/W6xNOjn6myJU/hHr2eYmp6aXC50wlLGs9Asdv/xo7
qoBMC+V3Qb7nl+jMjEqXoQ/9U1youC0WOugrAF2OwkQAx7IQOUl7nbT70Vf9QRa/
xp55bpp9u5C69hMCAj5fkSctvGKXCSf+B32leNP7MT0HmYQTD4aVN+vO0SDKK4P4
jsTxqjK2NqIWkU1yO499K6gUH7s4KiiyliMnDR1qjS99SRl7dffl7mwnwLkuCr6X
oeF3k0NaHKhVP1Y5O9OFfjNNf8iQZqv37kyhCqwlZKUpHH81XVDdrGNX8SMXspCd
B7A=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:41:50 2025 by rpki-client