Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_YUI0Cmq8mNcO7G4XVDihylfLHk.roa
File: _YUI0Cmq8mNcO7G4XVDihylfLHk.roa (raw, json)
Hash identifier: 2FiUH7jKa4B3720da7oKEwYRi7pfgyIleHJf7lvkRdQ=
Subject key identifier: FD:85:08:D0:29:AA:F2:63:5C:3B:B1:B8:5D:50:E2:87:29:5F:2C:79
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A70A2D576588A0D81D1D3071BABC26CC4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_YUI0Cmq8mNcO7G4XVDihylfLHk.roa
Signing time: Thu 07 Sep 2023 17:13:54 +0000
ROA not before: Thu 07 Sep 2023 17:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:a2:d5:76:58:8a:0d:81:d1:d3:07:1b:ab:c2:6c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 17:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd8508d029aaf2635c3bb1b85d50e287295f2c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6e:e7:73:3c:d5:9d:21:c2:0f:ab:f1:ec:d7:
9a:e8:f9:2e:bf:b4:93:10:b6:66:f2:3f:2b:10:44:
9a:8a:20:73:80:a0:98:1d:6c:2f:c1:e6:73:11:bc:
ba:27:e7:3e:5b:3b:e8:ad:28:1b:9a:96:a2:f5:67:
e7:69:2b:10:3d:49:8a:7d:c3:17:5b:d9:ae:2e:d6:
6e:bb:c6:24:d3:a3:69:79:14:62:91:3e:12:05:a2:
0e:c6:59:61:77:a7:06:78:ef:bd:2c:16:e0:14:37:
b5:ce:1f:1b:c7:98:41:e2:85:2b:0c:18:e5:32:fb:
84:86:a7:e9:77:6c:08:7c:67:26:73:e3:91:fc:ad:
ac:82:27:a1:c7:62:4f:db:c7:00:85:d7:e0:66:4b:
ba:80:fa:d0:28:4d:ca:03:55:e5:3e:ee:6c:97:7b:
30:07:45:b0:a7:f9:61:98:17:7e:3f:26:28:28:ee:
67:ab:40:aa:fc:92:df:69:1d:0e:47:1b:fb:31:e6:
44:bb:16:4d:13:14:a6:ff:0c:3a:ce:26:1c:a1:64:
db:17:08:e3:69:c1:c7:75:3d:9f:29:bb:8d:36:aa:
e0:35:c7:d2:98:29:1a:9e:0d:c7:1e:0b:4e:fe:45:
5b:06:ac:5b:e8:06:68:01:01:b5:82:a8:e1:0c:74:
0d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:85:08:D0:29:AA:F2:63:5C:3B:B1:B8:5D:50:E2:87:29:5F:2C:79
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_YUI0Cmq8mNcO7G4XVDihylfLHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:ab:ff:e2:f0:4a:0d:d1:b7:b5:de:72:42:ae:c6:ba:fd:ba:
bc:82:50:b1:bc:19:f9:7d:6b:02:a4:06:95:a1:c0:d5:3e:b1:
ed:cc:2a:a3:e2:87:32:98:85:64:56:6b:43:00:0f:b7:99:8f:
ca:b9:d7:5a:be:10:16:b2:7d:e1:f5:d6:8e:37:dd:79:1d:dc:
88:80:43:5d:92:49:24:95:d1:3c:f2:a4:d3:94:d0:34:b6:95:
8b:c0:21:e2:10:42:54:03:f4:63:c3:76:ef:22:24:59:f2:67:
56:01:0a:cd:08:de:ad:e4:db:9d:9c:27:00:d1:aa:9d:e7:5b:
ed:41:2b:39:9b:ec:b3:21:4e:6f:fc:75:60:93:4b:d8:da:4d:
32:76:d2:eb:68:51:bc:17:0f:79:de:5a:2c:42:f7:21:9d:9d:
df:fb:28:5f:09:72:17:d0:d4:d7:e8:d9:15:d4:80:1a:cd:37:
dc:a0:fb:19:63:0b:92:d1:db:52:ed:93:5d:8d:c8:34:42:16:
6a:33:7b:9a:8e:08:5d:ae:84:33:c6:33:40:0f:d6:eb:af:20:
02:21:63:66:95:91:1e:5c:1c:3e:76:1f:bc:e0:3a:03:8d:b7:
29:5e:80:75:32:6b:26:39:35:0c:85:a3:88:34:f3:f9:70:5c:
2a:1f:77:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpwotV2WIoNgdHTBxurwmzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MTcxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDg1MDhkMDI5YWFmMjYzNWMzYmIxYjg1ZDUwZTI4NzI5NWYyYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW7nczzVnSHCD6vx7Nea6Pkuv7ST
ELZm8j8rEESaiiBzgKCYHWwvweZzEby6J+c+WzvorSgbmpai9WfnaSsQPUmKfcMX
W9muLtZuu8Yk06NpeRRikT4SBaIOxllhd6cGeO+9LBbgFDe1zh8bx5hB4oUrDBjl
MvuEhqfpd2wIfGcmc+OR/K2sgiehx2JP28cAhdfgZku6gPrQKE3KA1XlPu5sl3sw
B0Wwp/lhmBd+PyYoKO5nq0Cq/JLfaR0ORxv7MeZEuxZNExSm/ww6ziYcoWTbFwjj
acHHdT2fKbuNNqrgNcfSmCkang3HHgtO/kVbBqxb6AZoAQG1gqjhDHQNDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP2FCNApqvJjXDuxuF1Q4ocpXyx5MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvX1lVSTBDbXE4bU5jTzdHNFhWRGloeWxmTEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJur/+LwSg3Rt7XeckKu
xrr9uryCULG8Gfl9awKkBpWhwNU+se3MKqPihzKYhWRWa0MAD7eZj8q511q+EBay
feH11o433Xkd3IiAQ12SSSSV0TzypNOU0DS2lYvAIeIQQlQD9GPDdu8iJFnyZ1YB
Cs0I3q3k252cJwDRqp3nW+1BKzmb7LMhTm/8dWCTS9jaTTJ20utoUbwXD3neWixC
9yGdnd/7KF8JchfQ1Nfo2RXUgBrNN9yg+xljC5LR21Ltk12NyDRCFmoze5qOCF2u
hDPGM0AP1uuvIAIhY2aVkR5cHD52H7zgOgONtylegHUyayY5NQyFo4g08/lwXCof
dyI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:14 2025 by rpki-client