Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XY2pEmqHzM7Eklr0rrGlzC06V9U.roa
File: XY2pEmqHzM7Eklr0rrGlzC06V9U.roa (raw, json)
Hash identifier: ByUTxMF/dgvYLYvZICRyUR0oZn5ffTryo7HAsaE+v9g=
Subject key identifier: 5D:8D:A9:12:6A:87:CC:CE:C4:92:5A:F4:AE:B1:A5:CC:2D:3A:57:D5
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A58248B76E4CAD5CE57E04B6B0B7517B9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XY2pEmqHzM7Eklr0rrGlzC06V9U.roa
Signing time: Sat 02 Sep 2023 23:05:04 +0000
ROA not before: Sat 02 Sep 2023 23:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5823:d4ea/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:58:24:8b:76:e4:ca:d5:ce:57:e0:4b:6b:0b:75:17:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 23:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d8da9126a87cccec4925af4aeb1a5cc2d3a57d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:fc:80:1d:76:fe:df:bb:d4:13:ea:5e:ac:
5f:aa:0c:6a:20:59:d3:e7:65:fe:66:0d:68:0b:c6:
c8:6a:89:1d:67:e4:51:15:30:0e:95:fc:de:d9:ba:
d2:25:8e:d0:72:fd:69:dd:2b:80:78:99:7a:d7:7d:
5d:c9:28:0f:14:e9:0e:6a:b7:07:3d:59:37:8a:36:
bc:3a:89:f2:f5:7a:a0:f5:d4:5f:fd:f3:87:c5:a3:
58:d9:d3:df:ad:a9:c9:92:1d:6a:1e:04:00:be:c0:
83:dd:7f:73:b2:84:2b:8e:86:e8:5e:87:d3:41:eb:
c8:3d:8c:0f:f4:21:2d:9e:c5:b4:3b:e8:b3:8b:82:
5a:18:6f:bc:93:8b:28:52:be:19:7d:d9:60:8a:a1:
9a:f9:76:c2:9e:9a:21:bf:ea:43:4b:7a:c6:64:3b:
78:16:f5:c4:bd:78:6f:45:3f:88:6f:a9:3d:4b:60:
25:fc:b5:15:09:df:e3:d1:74:e1:af:c2:3e:1a:d9:
42:11:9c:44:9d:6b:9e:04:0c:8b:3c:02:63:4f:f1:
af:3a:4a:10:f8:d7:4e:5d:3c:f6:34:88:bc:7a:0e:
70:16:07:3c:90:e7:2b:50:02:0a:4c:6c:3f:72:cc:
74:dd:60:ea:35:74:2a:5c:b2:a7:26:bd:96:d7:99:
94:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8D:A9:12:6A:87:CC:CE:C4:92:5A:F4:AE:B1:A5:CC:2D:3A:57:D5
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XY2pEmqHzM7Eklr0rrGlzC06V9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:ad:62:b3:79:90:e7:84:a4:14:83:b1:16:53:db:b9:11:8b:
16:be:cf:7b:d6:a6:37:f1:ca:03:fb:51:36:90:27:bd:eb:89:
6b:74:89:05:18:0e:71:26:9c:60:af:94:8e:ac:d5:a6:d4:92:
74:3a:0f:b8:e2:d9:89:e1:97:a5:a5:a6:94:65:89:c7:55:bb:
38:71:a6:75:dd:7d:8b:ad:bf:1d:03:82:89:5d:27:dc:ad:66:
c0:f3:90:76:7f:a0:af:a0:33:eb:4d:26:c6:da:cf:a9:ec:8f:
4c:28:a6:38:45:2c:74:26:a3:42:64:fa:f2:37:c9:ec:97:6f:
9f:a3:94:5e:36:91:b1:71:d5:03:d3:1a:9b:e7:29:0c:d3:9f:
6b:97:04:df:8b:86:99:e0:d3:fa:ae:d9:a2:98:2e:aa:b0:bb:
32:2c:b2:e4:54:34:0d:35:bd:bb:9a:36:a2:bc:fb:5c:02:8b:
93:0e:d7:05:51:b8:c7:da:e9:25:90:43:07:47:0d:27:5f:90:
60:36:2c:2b:a4:1c:36:6f:7a:a7:12:ea:0a:62:1a:04:60:6a:
eb:7d:90:8a:4d:e3:14:c8:df:c6:71:3f:18:4d:04:93:fa:9c:
44:99:f5:0a:5d:1e:a8:f4:eb:f1:cf:0c:a0:81:5a:63:b3:f6:
aa:cf:a5:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpYJIt25MrVzlfgS2sLdRe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMjMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhkYTkxMjZhODdjY2NlYzQ5MjVhZjRhZWIxYTVjYzJkM2E1N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6D8gB12/t+71BPqXqxfqgxqIFnT
52X+Zg1oC8bIaokdZ+RRFTAOlfze2brSJY7Qcv1p3SuAeJl6131dySgPFOkOarcH
PVk3ija8Oony9Xqg9dRf/fOHxaNY2dPfranJkh1qHgQAvsCD3X9zsoQrjoboXofT
QevIPYwP9CEtnsW0O+izi4JaGG+8k4soUr4ZfdlgiqGa+XbCnpohv+pDS3rGZDt4
FvXEvXhvRT+Ib6k9S2Al/LUVCd/j0XThr8I+GtlCEZxEnWueBAyLPAJjT/GvOkoQ
+NdOXTz2NIi8eg5wFgc8kOcrUAIKTGw/csx03WDqNXQqXLKnJr2W15mUEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF2NqRJqh8zOxJJa9K6xpcwtOlfVMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWFkycEVtcUh6TTdFa2xyMHJyR2x6QzA2VjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD2tYrN5kOeEpBSDsRZT
27kRixa+z3vWpjfxygP7UTaQJ73riWt0iQUYDnEmnGCvlI6s1abUknQ6D7ji2Ynh
l6WlppRlicdVuzhxpnXdfYutvx0DgoldJ9ytZsDzkHZ/oK+gM+tNJsbaz6nsj0wo
pjhFLHQmo0Jk+vI3yeyXb5+jlF42kbFx1QPTGpvnKQzTn2uXBN+Lhpng0/qu2aKY
LqqwuzIssuRUNA01vbuaNqK8+1wCi5MO1wVRuMfa6SWQQwdHDSdfkGA2LCukHDZv
eqcS6gpiGgRgaut9kIpN4xTI38ZxPxhNBJP6nESZ9QpdHqj06/HPDKCBWmOz9qrP
pdU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:32:26 2025 by rpki-client