Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/YV3rI0A9-ul78JWFB2pQlA9-wBg.roa
File: YV3rI0A9-ul78JWFB2pQlA9-wBg.roa (raw, json)
Hash identifier: 5KLlAAhdt/xBY4e4xDtOY66IawR98bCZ/VYze6OHgx4=
Subject key identifier: 61:5D:EB:23:40:3D:FA:E9:7B:F0:95:85:07:6A:50:94:0F:7E:C0:18
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5F7B06A1A7FC6A941C9CAB5E2BF686A9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/YV3rI0A9-ul78JWFB2pQlA9-wBg.roa
Signing time: Mon 04 Sep 2023 09:16:52 +0000
ROA not before: Mon 04 Sep 2023 09:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:7b:06:a1:a7:fc:6a:94:1c:9c:ab:5e:2b:f6:86:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 09:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=615deb23403dfae97bf09585076a50940f7ec018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9b:1f:12:65:cc:bc:24:e6:dc:07:7a:7c:30:
a4:0d:63:72:38:a1:48:9d:86:44:11:ba:ca:0b:44:
e2:2e:d2:c8:33:1c:42:71:84:0b:c6:11:c7:7d:42:
e5:ab:24:7f:8f:9d:73:96:aa:87:fb:cd:35:aa:01:
fa:5b:d3:00:93:b5:02:9d:e3:f4:6b:0c:19:88:8a:
69:cc:69:c1:dd:72:b9:a8:7d:93:9c:74:d5:03:dd:
b2:52:cd:cf:00:fa:59:b2:7e:bb:09:ab:25:06:97:
67:10:7a:82:d8:18:53:ec:f9:c5:44:6d:fa:bc:6c:
c9:04:4b:11:97:7a:1e:29:fb:67:bb:c6:e8:cd:8a:
67:c2:37:51:b2:fb:7a:ef:4f:ad:8f:e9:0c:57:1f:
e6:d9:85:56:8e:9e:48:36:e6:68:22:57:9d:e1:e8:
18:69:16:f6:fe:72:39:82:fc:00:37:9b:b1:4d:43:
05:f2:dd:c7:2b:e0:95:ec:54:41:5f:6c:87:7e:44:
d0:11:87:a4:cc:17:1f:34:af:10:58:90:84:18:83:
50:76:27:34:ff:30:d1:3a:09:2e:8d:80:ce:4f:12:
97:47:72:d1:a8:11:d0:e4:0c:e2:bc:6b:9c:6d:98:
15:ba:32:63:70:88:cf:09:bf:56:e6:cf:e8:4d:5b:
41:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5D:EB:23:40:3D:FA:E9:7B:F0:95:85:07:6A:50:94:0F:7E:C0:18
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/YV3rI0A9-ul78JWFB2pQlA9-wBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:4b:a7:fe:f8:64:a9:40:34:a2:57:69:d7:e6:c9:5c:34:70:
88:f1:00:6f:e9:92:68:73:d9:f9:d2:a7:f3:fd:7d:7f:a6:1f:
67:68:8a:46:7c:bc:01:46:64:82:d9:96:5f:43:06:65:a4:8e:
9a:f7:b2:02:50:d1:90:42:05:b4:6e:f0:28:a8:76:96:97:af:
fb:49:3d:5e:61:11:57:ac:4f:a8:7e:bd:97:25:00:11:6b:f5:
02:57:12:8d:1f:6b:a9:4c:01:52:ab:1d:1d:da:e8:d6:88:7e:
f3:4b:f2:f8:29:66:60:65:75:3e:c8:f3:d0:eb:d8:fa:1f:fa:
bc:2d:d1:7e:4f:55:3c:04:d8:8b:b5:18:22:da:45:33:dd:3a:
40:4c:53:7a:32:2b:5c:5d:4b:5c:e5:aa:59:d9:d1:83:4b:6d:
84:63:dd:70:b8:b7:74:ba:71:d7:37:72:11:b1:94:c7:bd:e8:
c3:0d:02:13:ec:a9:7b:48:72:64:5b:f8:d7:5d:ff:67:85:a2:
c4:87:fd:d7:ab:4c:ac:14:c3:d5:70:77:fb:18:92:08:8d:ac:
54:d7:30:21:f5:80:c2:e4:79:ad:36:60:71:ca:f1:14:b7:ce:
0f:47:44:b4:df:47:8b:fb:45:57:e0:73:3b:cc:9e:02:10:59:
d6:47:33:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpfewahp/xqlBycq14r9oapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MDkxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVkZWIyMzQwM2RmYWU5N2JmMDk1ODUwNzZhNTA5NDBmN2VjMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5sfEmXMvCTm3Ad6fDCkDWNyOKFI
nYZEEbrKC0TiLtLIMxxCcYQLxhHHfULlqyR/j51zlqqH+801qgH6W9MAk7UCneP0
awwZiIppzGnB3XK5qH2TnHTVA92yUs3PAPpZsn67CaslBpdnEHqC2BhT7PnFRG36
vGzJBEsRl3oeKftnu8bozYpnwjdRsvt670+tj+kMVx/m2YVWjp5INuZoIled4egY
aRb2/nI5gvwAN5uxTUMF8t3HK+CV7FRBX2yHfkTQEYekzBcfNK8QWJCEGINQdic0
/zDROgkujYDOTxKXR3LRqBHQ5AzivGucbZgVujJjcIjPCb9W5s/oTVtBlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGFd6yNAPfrpe/CVhQdqUJQPfsAYMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWVYzckkwQTktdWw3OEpXRkIycFFsQTktd0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACxLp/74ZKlANKJXadfm
yVw0cIjxAG/pkmhz2fnSp/P9fX+mH2doikZ8vAFGZILZll9DBmWkjpr3sgJQ0ZBC
BbRu8CiodpaXr/tJPV5hEVesT6h+vZclABFr9QJXEo0fa6lMAVKrHR3a6NaIfvNL
8vgpZmBldT7I89Dr2Pof+rwt0X5PVTwE2Iu1GCLaRTPdOkBMU3oyK1xdS1zlqlnZ
0YNLbYRj3XC4t3S6cdc3chGxlMe96MMNAhPsqXtIcmRb+Ndd/2eFosSH/derTKwU
w9Vwd/sYkgiNrFTXMCH1gMLkea02YHHK8RS3zg9HRLTfR4v7RVfgczvMngIQWdZH
M2U=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:16:17 2025 by rpki-client