Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_CBjgcZbkZYo2t-ikgECtxXCylY.roa
File: _CBjgcZbkZYo2t-ikgECtxXCylY.roa (raw, json)
Hash identifier: yrfz01Wm3cDBACpLRApRvyHZ8ZfM1QoyLtXjIeRBhQU=
Subject key identifier: FC:20:63:81:C6:5B:91:96:28:DA:DF:A2:92:01:02:B7:15:C2:CA:56
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A46553770CB381A7CCC5C0D20A5C741DE
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_CBjgcZbkZYo2t-ikgECtxXCylY.roa
Signing time: Wed 30 Aug 2023 12:05:04 +0000
ROA not before: Wed 30 Aug 2023 12:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:4654:7011/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:55:37:70:cb:38:1a:7c:cc:5c:0d:20:a5:c7:41:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 12:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc206381c65b919628dadfa2920102b715c2ca56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:78:12:5b:07:7a:81:a7:29:01:37:ab:06:fc:
fa:d7:93:4a:9d:32:7c:1d:af:d9:03:74:a6:9b:19:
c7:f6:87:0e:0d:ff:48:59:b2:fa:e6:68:f3:79:f5:
a1:6d:81:c8:86:0c:53:de:d8:9f:a1:a7:8f:d7:7d:
a0:ce:f6:8e:f0:13:c2:11:da:9a:73:72:5b:70:3f:
fc:96:cb:15:e8:e8:5c:f9:f1:1c:1d:2d:25:f8:44:
ca:16:2d:72:0e:b9:b0:dd:52:6c:80:82:5a:2b:7f:
40:a5:a2:1a:c8:52:74:e5:a2:c7:af:e5:50:78:f7:
6d:82:41:13:79:ce:b0:82:f6:57:a7:eb:34:ee:1d:
68:bf:64:f1:84:72:22:ae:39:b5:f3:d6:55:86:34:
b9:09:3c:0f:27:62:d2:df:b0:18:23:b2:4d:c7:a7:
c0:9b:16:e3:83:be:d3:ff:43:d6:9e:2f:55:e1:48:
2d:cb:52:f5:f5:51:a0:d7:5d:c4:92:8c:00:a3:17:
4b:46:36:b7:be:4b:6d:a7:d2:8f:c4:90:4e:b9:ac:
dc:9b:ab:c1:36:11:d5:71:ea:24:44:1f:ef:5a:92:
d6:20:14:71:90:13:62:34:e8:b1:99:a3:ba:e5:cb:
62:8d:b6:bc:a0:ca:8f:ee:4c:30:27:96:f9:48:bc:
ae:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:20:63:81:C6:5B:91:96:28:DA:DF:A2:92:01:02:B7:15:C2:CA:56
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_CBjgcZbkZYo2t-ikgECtxXCylY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:0a:14:c7:ee:8f:0e:b8:44:01:22:df:cd:31:7b:d5:ee:b2:
34:60:05:58:dd:b0:e5:2b:41:e3:2b:bc:6f:4b:06:c5:2b:00:
f4:a7:4a:87:c7:0d:eb:69:ea:4d:bc:f4:9f:af:42:0f:98:96:
92:89:f5:89:07:92:45:15:45:e3:fb:23:82:90:f7:79:92:8d:
9f:6f:0d:ab:68:49:44:58:3a:ed:75:b3:f4:d1:ed:4f:5e:db:
e6:48:ba:45:cd:d8:24:ef:3a:c7:a5:93:d1:06:58:9d:d6:d6:
d1:9c:bb:99:ec:17:fd:ac:f2:22:c3:9c:2c:c6:d7:a1:d0:2e:
65:e2:f5:1e:14:0f:7a:e8:67:66:68:ec:37:a4:a0:7c:14:04:
36:94:76:09:91:bc:ef:ee:b5:db:59:4d:b2:91:ed:ae:51:e1:
5e:e2:9c:73:b1:5f:5c:36:5b:b5:95:cb:39:a1:f9:af:17:6a:
99:ae:7d:6c:a4:41:4d:6d:f9:66:58:7b:b0:b0:89:38:79:21:
bb:eb:8e:8c:ec:40:8a:7e:7c:69:90:a2:49:7f:b8:54:29:65:
2a:f6:46:9b:00:79:7d:cc:89:cd:05:ec:b5:51:d7:7f:bc:8a:
fc:2b:04:ad:3f:93:fc:3b:02:30:08:e0:52:4f:e8:5d:26:df:
65:18:91:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpGVTdwyzgafMxcDSClx0HeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzIwNjM4MWM2NWI5MTk2MjhkYWRmYTI5MjAxMDJiNzE1YzJjYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XgSWwd6gacpATerBvz615NKnTJ8
Ha/ZA3SmmxnH9ocODf9IWbL65mjzefWhbYHIhgxT3tifoaeP132gzvaO8BPCEdqa
c3JbcD/8lssV6Ohc+fEcHS0l+ETKFi1yDrmw3VJsgIJaK39ApaIayFJ05aLHr+VQ
ePdtgkETec6wgvZXp+s07h1ov2TxhHIirjm189ZVhjS5CTwPJ2LS37AYI7JNx6fA
mxbjg77T/0PWni9V4Ugty1L19VGg113EkowAoxdLRja3vkttp9KPxJBOuazcm6vB
NhHVceokRB/vWpLWIBRxkBNiNOixmaO65ctijba8oMqP7kwwJ5b5SLyuzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPwgY4HGW5GWKNrfopIBArcVwspWMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvX0NCamdjWmJrWllvMnQtaWtnRUN0eFhDeWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABUKFMfujw64RAEi380x
e9XusjRgBVjdsOUrQeMrvG9LBsUrAPSnSofHDetp6k289J+vQg+YlpKJ9YkHkkUV
ReP7I4KQ93mSjZ9vDatoSURYOu11s/TR7U9e2+ZIukXN2CTvOselk9EGWJ3W1tGc
u5nsF/2s8iLDnCzG16HQLmXi9R4UD3roZ2Zo7DekoHwUBDaUdgmRvO/utdtZTbKR
7a5R4V7inHOxX1w2W7WVyzmh+a8XapmufWykQU1t+WZYe7CwiTh5IbvrjozsQIp+
fGmQokl/uFQpZSr2RpsAeX3Mic0F7LVR13+8ivwrBK0/k/w7AjAI4FJP6F0m32UY
kVQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:13:35 2025 by rpki-client