Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XzoBhY5s30HjirIg5Hv4nPlSJ8E.roa
File: XzoBhY5s30HjirIg5Hv4nPlSJ8E.roa (raw, json)
Hash identifier: zvXREqbWK0/Ajt5KP5Zfz4IVu60ly250+MWS9HywxhY=
Subject key identifier: 5F:3A:01:85:8E:6C:DF:41:E3:8A:B2:20:E4:7B:F8:9C:F9:52:27:C1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A73DCA3DFFBF31C0F97AD50D2BB472C68
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XzoBhY5s30HjirIg5Hv4nPlSJ8E.roa
Signing time: Fri 08 Sep 2023 08:15:54 +0000
ROA not before: Fri 08 Sep 2023 08:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:dc:a3:df:fb:f3:1c:0f:97:ad:50:d2:bb:47:2c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 08:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f3a01858e6cdf41e38ab220e47bf89cf95227c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:08:52:da:ed:d9:8d:56:25:30:47:c6:6a:de:
55:60:4a:cd:8d:d7:5a:df:2c:ea:64:96:73:18:3d:
ab:ea:03:41:f6:aa:b7:17:5c:a2:4a:51:25:54:da:
04:fb:c3:af:97:55:14:ba:4b:1a:b4:74:3f:d8:6b:
51:a1:8a:b0:04:4d:74:ff:57:e8:f8:7c:d1:f3:4f:
e7:5d:71:b2:77:1b:0f:bf:4e:b3:0e:2b:81:ba:9f:
97:36:24:22:4b:c4:4f:a1:db:23:d4:37:69:85:4d:
af:bd:5b:85:a6:e7:6d:38:53:00:93:b9:11:7a:c0:
b1:d4:52:1c:83:ff:5e:be:75:1d:92:df:a8:0f:96:
82:64:de:36:fa:d0:2e:d3:3f:19:b2:9b:7f:f3:02:
3d:4e:93:1b:69:03:a4:a4:86:83:b2:bf:ae:f9:8c:
85:d5:59:f1:f3:2b:fe:f7:8a:bf:d9:3c:b9:28:2b:
f7:3a:b9:bd:be:7a:20:d0:81:0b:1f:71:ef:00:d8:
93:73:8d:d8:13:84:b8:6c:08:f1:0f:fa:72:b8:35:
bb:e8:c9:f0:7a:3f:5c:75:da:0a:96:20:0a:a0:ca:
9c:35:30:a7:15:b2:f4:51:3c:81:13:ab:89:b3:26:
b1:c5:bd:01:ce:4b:88:4a:b8:53:93:bc:49:53:f3:
07:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3A:01:85:8E:6C:DF:41:E3:8A:B2:20:E4:7B:F8:9C:F9:52:27:C1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/XzoBhY5s30HjirIg5Hv4nPlSJ8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:05:29:25:65:b4:2d:d4:04:50:a4:d9:28:ca:fb:56:43:af:
1e:76:cf:4a:ce:3e:8e:fb:5d:94:69:48:4e:4d:07:37:87:1d:
1a:4e:7d:88:72:fb:b4:3c:1a:ab:4d:05:cf:5f:5d:a3:e7:9d:
d4:14:0d:08:49:88:c0:6f:36:60:4a:0e:72:9a:05:90:8f:43:
e0:90:5c:f7:00:e1:22:e6:fd:2a:1e:b1:27:a4:bc:19:c8:30:
63:6a:1d:22:96:53:eb:bd:69:d6:a5:4e:06:84:5d:2c:a7:8c:
dd:d2:9f:16:c7:81:0c:29:e6:be:c2:d3:cd:35:a3:ca:b3:3e:
00:70:f2:d9:68:e5:70:5e:3b:98:54:9b:a2:bc:91:22:64:49:
ac:b0:da:42:65:5b:e3:ca:81:a2:dd:59:97:7e:ce:b9:0d:8f:
92:f4:d1:fa:e0:74:50:27:0d:36:8d:b9:05:03:58:ca:e1:f4:
ba:18:ee:f7:14:5e:9e:dd:0c:16:49:41:ab:c1:9a:79:8e:40:
6a:17:a6:6e:c7:81:26:d8:bd:bb:56:1b:01:ef:5d:ce:53:ee:
c4:b8:7d:0f:dd:91:a0:c1:2f:70:ba:dd:50:f5:69:a2:cc:41:
3b:ad:b5:a1:25:f1:6c:55:e0:6f:5c:9b:e9:c5:3e:b6:b9:77:
3c:d7:83:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpz3KPf+/McD5etUNK7RyxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MDgxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjNhMDE4NThlNmNkZjQxZTM4YWIyMjBlNDdiZjg5Y2Y5NTIyN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwhS2u3ZjVYlMEfGat5VYErNjdda
3yzqZJZzGD2r6gNB9qq3F1yiSlElVNoE+8Ovl1UUuksatHQ/2GtRoYqwBE10/1fo
+HzR80/nXXGydxsPv06zDiuBup+XNiQiS8RPodsj1DdphU2vvVuFpudtOFMAk7kR
esCx1FIcg/9evnUdkt+oD5aCZN42+tAu0z8Zspt/8wI9TpMbaQOkpIaDsr+u+YyF
1Vnx8yv+94q/2Ty5KCv3Orm9vnog0IELH3HvANiTc43YE4S4bAjxD/pyuDW76Mnw
ej9cddoKliAKoMqcNTCnFbL0UTyBE6uJsyaxxb0BzkuISrhTk7xJU/MHDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF86AYWObN9B44qyIOR7+Jz5UifBMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWHpvQmhZNXMzMEhqaXJJZzVIdjRuUGxTSjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFIFKSVltC3UBFCk2SjK
+1ZDrx52z0rOPo77XZRpSE5NBzeHHRpOfYhy+7Q8GqtNBc9fXaPnndQUDQhJiMBv
NmBKDnKaBZCPQ+CQXPcA4SLm/SoesSekvBnIMGNqHSKWU+u9adalTgaEXSynjN3S
nxbHgQwp5r7C0801o8qzPgBw8tlo5XBeO5hUm6K8kSJkSayw2kJlW+PKgaLdWZd+
zrkNj5L00frgdFAnDTaNuQUDWMrh9LoY7vcUXp7dDBZJQavBmnmOQGoXpm7HgSbY
vbtWGwHvXc5T7sS4fQ/dkaDBL3C63VD1aaLMQTuttaEl8WxV4G9cm+nFPra5dzzX
g1U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:00 2025 by rpki-client