Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XYxaj4dFtdRG8sB-pxB7hZS1ZEA.roa
File: XYxaj4dFtdRG8sB-pxB7hZS1ZEA.roa (raw, json)
Hash identifier: hgEx3xQZI5HhtFtBvjivNiyghqAjqB1EvAZeaBmEgo4=
Subject key identifier: 5D:8C:5A:8F:87:45:B5:D4:46:F2:C0:7E:A7:10:7B:85:94:B5:64:40
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A86BBD003EEB7F7C5DE0CAC47BE0BDA53
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XYxaj4dFtdRG8sB-pxB7hZS1ZEA.roa
Signing time: Tue 12 Sep 2023 00:12:50 +0000
ROA not before: Tue 12 Sep 2023 00:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:86:bb:d0:03:ee:b7:f7:c5:de:0c:ac:47:be:0b:da:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 00:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d8c5a8f8745b5d446f2c07ea7107b8594b56440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:2b:17:87:13:1d:74:f7:80:5e:46:0c:6d:
44:34:cf:0c:58:e3:3e:07:dc:c1:84:7d:f8:f5:92:
a3:04:67:74:08:f9:99:a9:bb:9a:4f:84:26:da:e3:
fb:0a:59:38:05:80:38:16:ae:c2:23:ff:59:0f:e3:
f8:cb:3c:7b:b4:0f:d8:cf:d1:e4:8a:c3:61:4c:9f:
d4:c5:55:ef:85:5f:00:6a:01:a9:1f:c8:e5:e3:ea:
18:ef:d4:11:b1:1f:4c:8d:60:a0:43:45:ec:97:27:
e4:74:7f:be:6a:e9:0f:dc:21:46:d7:c9:b3:bb:ee:
4c:45:71:d2:79:3a:00:69:cf:41:fd:96:53:bd:10:
8f:39:67:c2:6c:ef:49:fc:63:c2:52:25:0f:09:e3:
23:93:43:a9:51:dd:f4:66:e8:4d:be:4d:78:a7:f7:
1b:50:63:91:3e:66:1e:c5:7b:13:03:2b:ee:fb:6d:
7a:4f:65:67:42:87:f5:a2:b5:61:f7:5e:65:e2:f8:
52:72:89:46:ed:19:bd:6d:3f:2a:0d:9e:46:95:25:
cc:17:56:f1:c4:c0:9b:d5:35:86:76:f9:67:57:ea:
b2:2b:ed:0e:7b:0f:60:44:2b:11:fc:db:16:8d:95:
8a:08:e2:34:ba:87:9a:87:ba:d0:5d:be:bf:3b:08:
dc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8C:5A:8F:87:45:B5:D4:46:F2:C0:7E:A7:10:7B:85:94:B5:64:40
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XYxaj4dFtdRG8sB-pxB7hZS1ZEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:7c:33:a7:3e:7d:42:9f:ab:fe:79:9a:0c:b1:21:a9:bf:08:
46:c5:6b:0f:83:90:59:9e:b5:e7:71:7b:43:29:1c:4f:30:4a:
84:65:9a:d4:18:d2:55:01:e0:50:57:30:54:3a:40:b7:d7:bb:
08:d0:a5:0a:16:be:ad:7a:af:38:1c:62:c6:3f:ac:92:b6:a2:
ee:0f:2b:24:4d:40:da:01:e4:00:24:b9:39:72:62:83:7e:e2:
00:01:50:ff:b1:e6:44:3f:23:08:93:b6:43:64:30:6d:e1:3b:
9f:0b:ae:1e:8d:52:2e:83:20:7f:aa:3d:1b:0b:64:bd:d3:ff:
33:d1:c4:d4:c2:56:22:47:50:ad:7f:12:b5:78:1a:f7:69:d3:
87:b0:25:b3:d5:01:51:44:13:12:1b:16:59:e1:62:0a:46:89:
60:86:73:12:4b:10:4a:fc:e2:5b:fd:26:b3:05:77:7c:5d:dc:
79:e4:95:59:12:81:ee:7b:b8:a2:e5:3e:d6:43:a9:6e:8c:83:
ee:b4:8e:ad:d3:60:10:4d:97:f0:f8:37:18:b0:92:a0:1f:b7:
65:a8:9e:f6:75:a4:9f:0e:0c:6e:38:66:dc:f1:34:84:b9:5c:
a9:99:00:27:25:bd:27:42:4b:99:66:5c:4a:26:1f:79:ef:94:
9b:db:13:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqGu9AD7rf3xd4MrEe+C9pTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMDAxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhjNWE4Zjg3NDViNWQ0NDZmMmMwN2VhNzEwN2I4NTk0YjU2NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbkrF4cTHXT3gF5GDG1ENM8MWOM+
B9zBhH349ZKjBGd0CPmZqbuaT4Qm2uP7Clk4BYA4Fq7CI/9ZD+P4yzx7tA/Yz9Hk
isNhTJ/UxVXvhV8AagGpH8jl4+oY79QRsR9MjWCgQ0XslyfkdH++aukP3CFG18mz
u+5MRXHSeToAac9B/ZZTvRCPOWfCbO9J/GPCUiUPCeMjk0OpUd30ZuhNvk14p/cb
UGORPmYexXsTAyvu+216T2VnQof1orVh915l4vhScolG7Rm9bT8qDZ5GlSXMF1bx
xMCb1TWGdvlnV+qyK+0Oew9gRCsR/NsWjZWKCOI0uoeah7rQXb6/OwjcrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF2MWo+HRbXURvLAfqcQe4WUtWRAMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWFl4YWo0ZEZ0ZFJHOHNCLXB4QjdoWlMxWkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGR8M6c+fUKfq/55mgyx
Iam/CEbFaw+DkFmetedxe0MpHE8wSoRlmtQY0lUB4FBXMFQ6QLfXuwjQpQoWvq16
rzgcYsY/rJK2ou4PKyRNQNoB5AAkuTlyYoN+4gABUP+x5kQ/IwiTtkNkMG3hO58L
rh6NUi6DIH+qPRsLZL3T/zPRxNTCViJHUK1/ErV4Gvdp04ewJbPVAVFEExIbFlnh
YgpGiWCGcxJLEEr84lv9JrMFd3xd3HnklVkSge57uKLlPtZDqW6Mg+60jq3TYBBN
l/D4NxiwkqAft2WonvZ1pJ8ODG44ZtzxNIS5XKmZACclvSdCS5lmXEomH3nvlJvb
E6c=
-----END CERTIFICATE-----
Generated at Mon Feb 3 14:52:47 2025 by rpki-client