Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/YgYMYsGkzKMEC8AReU-GG_X-Nuw.roa
File: YgYMYsGkzKMEC8AReU-GG_X-Nuw.roa (raw, json)
Hash identifier: f6msxbjPZmEEeLcAIlAYogx7lC/n1tYJWH+UL5TumRQ=
Subject key identifier: 62:06:0C:62:C1:A4:CC:A3:04:0B:C0:11:79:4F:86:1B:F5:FE:36:EC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4BEC2FD73184991487684D0EE9066100
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/YgYMYsGkzKMEC8AReU-GG_X-Nuw.roa
Signing time: Thu 31 Aug 2023 14:08:04 +0000
ROA not before: Thu 31 Aug 2023 14:08:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:4bec:1348/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:ec:2f:d7:31:84:99:14:87:68:4d:0e:e9:06:61:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 14:08:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62060c62c1a4cca3040bc011794f861bf5fe36ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0b:a9:0a:f1:b6:62:b6:7a:04:b2:a0:e6:aa:
e1:a6:3f:a3:6e:e6:9a:79:0f:1d:f8:c1:06:98:e0:
06:a5:b0:89:6a:80:4c:41:43:27:eb:e7:36:e6:5c:
58:2d:b9:d7:0e:20:9d:39:4b:a5:dc:49:db:a5:b4:
b3:87:f8:55:99:70:f4:80:d2:92:a1:37:69:94:84:
52:89:95:7d:1d:6f:30:1a:6a:7e:16:95:d2:1b:52:
79:5c:55:3a:b7:d3:4f:ff:8b:2b:b7:ce:42:21:21:
83:d1:d0:84:7f:76:59:4c:fd:c9:f2:2b:e3:6b:05:
72:ec:ba:0a:75:eb:d5:6b:39:1f:aa:5d:85:a2:18:
0f:44:49:be:e8:0c:25:38:a9:d2:23:1e:3a:c9:ef:
25:9f:04:61:51:90:3b:aa:b8:46:27:db:25:f0:50:
a1:68:7f:58:05:c9:06:a0:5f:56:0a:0d:70:22:f2:
c0:1b:d8:94:98:68:f5:61:60:d0:ee:13:17:13:fd:
a7:49:ca:c6:e1:e8:13:49:b6:80:cc:a9:f0:0a:a9:
73:17:19:35:95:e7:4c:e3:2e:80:11:c5:c1:03:31:
22:e8:a1:93:99:a1:40:57:ed:e0:48:d5:3f:6a:b7:
39:6f:0f:ac:07:d2:ae:10:2f:49:0f:89:74:8d:b0:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:06:0C:62:C1:A4:CC:A3:04:0B:C0:11:79:4F:86:1B:F5:FE:36:EC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/YgYMYsGkzKMEC8AReU-GG_X-Nuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:3a:09:20:d4:d5:b2:ee:bf:a7:40:2b:eb:08:10:d8:1e:6b:
f1:71:fc:a4:0d:97:12:0f:3b:7f:aa:d7:da:55:ab:9f:be:fa:
4e:36:ed:4d:9b:94:f6:09:c0:9f:98:b6:53:c3:c3:02:44:a1:
f6:e6:64:99:9d:45:d7:5a:d2:cf:04:84:8b:cf:9b:96:a8:1d:
41:56:2c:c8:92:d5:11:b4:30:9a:91:9c:a8:06:b0:b2:b8:6f:
fe:0f:87:96:fc:00:76:69:99:35:84:ab:8f:ff:9a:ea:8e:6a:
f3:03:83:b0:19:1f:60:56:bc:dc:2c:3e:33:4f:64:0f:4d:12:
38:19:f3:4d:1f:53:9a:94:4b:66:71:97:ea:58:17:ba:e2:19:
88:ea:a5:f4:5d:56:16:97:48:30:84:8a:f1:b8:8e:28:8f:de:
e6:52:64:66:4a:f3:a6:d0:2f:60:f3:21:a4:90:a2:8a:79:98:
7b:c8:31:e1:4f:0a:eb:2d:2f:b1:ba:96:e2:82:ec:c2:0e:13:
37:0d:85:cb:9c:99:c9:b4:17:74:43:8a:86:de:9d:90:95:0f:
ef:9c:15:bb:2c:40:7d:ec:de:d7:e7:5f:36:a3:4a:18:d3:28:
04:26:47:58:38:23:df:e4:6a:20:f2:6a:0a:1d:71:4c:9d:28:
9f:2e:4e:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpL7C/XMYSZFIdoTQ7pBmEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTQwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA2MGM2MmMxYTRjY2EzMDQwYmMwMTE3OTRmODYxYmY1ZmUzNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwupCvG2YrZ6BLKg5qrhpj+jbuaa
eQ8d+MEGmOAGpbCJaoBMQUMn6+c25lxYLbnXDiCdOUul3EnbpbSzh/hVmXD0gNKS
oTdplIRSiZV9HW8wGmp+FpXSG1J5XFU6t9NP/4srt85CISGD0dCEf3ZZTP3J8ivj
awVy7LoKdevVazkfql2FohgPREm+6AwlOKnSIx46ye8lnwRhUZA7qrhGJ9sl8FCh
aH9YBckGoF9WCg1wIvLAG9iUmGj1YWDQ7hMXE/2nScrG4egTSbaAzKnwCqlzFxk1
ledM4y6AEcXBAzEi6KGTmaFAV+3gSNU/arc5bw+sB9KuEC9JD4l0jbAoVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGIGDGLBpMyjBAvAEXlPhhv1/jbsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWWdZTVlzR2t6S01FQzhBUmVVLUdHX1gtTnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFg6CSDU1bLuv6dAK+sI
ENgea/Fx/KQNlxIPO3+q19pVq5+++k427U2blPYJwJ+YtlPDwwJEofbmZJmdRdda
0s8EhIvPm5aoHUFWLMiS1RG0MJqRnKgGsLK4b/4Ph5b8AHZpmTWEq4//muqOavMD
g7AZH2BWvNwsPjNPZA9NEjgZ800fU5qUS2Zxl+pYF7riGYjqpfRdVhaXSDCEivG4
jiiP3uZSZGZK86bQL2DzIaSQoop5mHvIMeFPCustL7G6luKC7MIOEzcNhcucmcm0
F3RDiobenZCVD++cFbssQH3s3tfnXzajShjTKAQmR1g4I9/kaiDyagodcUydKJ8u
Tg4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:56 2025 by rpki-client