Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/a96pVD7ZSdcVafJtccWZCuYG088.roa
File: a96pVD7ZSdcVafJtccWZCuYG088.roa (raw, json)
Hash identifier: 4E/zW4xlbczUmQykbNyJlSm+FOLzTwGWw86gplSYMUM=
Subject key identifier: 6B:DE:A9:54:3E:D9:49:D7:15:69:F2:6D:71:C5:99:0A:E6:06:D3:CF
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6731BE9274A26C8BD4C4E5EA72955651
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/a96pVD7ZSdcVafJtccWZCuYG088.roa
Signing time: Tue 05 Sep 2023 21:13:47 +0000
ROA not before: Tue 05 Sep 2023 21:13:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:67:31:be:92:74:a2:6c:8b:d4:c4:e5:ea:72:95:56:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 21:13:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bdea9543ed949d71569f26d71c5990ae606d3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:37:b8:77:9b:6f:df:c1:43:66:34:f7:14:e7:
95:63:aa:ff:3f:09:ef:84:d1:85:92:cc:04:b5:e2:
4c:e8:c6:5a:a9:10:83:e6:9e:ef:4b:fa:35:44:ca:
7e:f6:19:39:ae:1c:37:47:09:b5:2f:a6:d2:f2:15:
4d:c5:a3:ae:fc:55:10:da:df:57:80:4e:02:38:60:
23:4a:12:0d:ab:29:fb:58:82:5c:5c:ee:9e:7f:17:
0e:c1:e2:f3:08:59:1d:f2:de:2a:74:e0:fa:bd:d0:
f0:b9:bc:9a:d2:87:c2:a3:e8:78:c0:72:59:89:3d:
ce:51:4b:12:51:58:8d:2e:1f:4e:a4:f7:29:10:70:
9f:90:f9:10:e8:4d:7a:1f:be:1b:c2:dc:19:ec:1e:
ce:94:df:f7:90:81:b6:b6:7f:86:57:83:85:ff:aa:
49:54:fd:8d:bd:f3:a4:23:88:54:ba:92:4b:71:b7:
3a:4d:54:c9:b3:7c:4e:c8:f4:8f:12:29:4b:54:13:
c5:d6:9a:70:27:f3:18:ad:d1:bd:dd:b8:39:35:f4:
c8:a5:35:8d:ef:0d:7d:a2:d3:f8:e7:94:43:60:8e:
31:65:9f:44:3c:09:a6:fe:2d:47:75:eb:7f:4f:7c:
2a:96:f6:dd:cf:5d:f2:5c:f5:49:01:ac:95:0a:87:
2d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DE:A9:54:3E:D9:49:D7:15:69:F2:6D:71:C5:99:0A:E6:06:D3:CF
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/a96pVD7ZSdcVafJtccWZCuYG088.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:84:ce:82:58:f7:9f:44:aa:7d:86:40:85:05:fe:a6:f1:74:
17:44:7b:52:f6:1f:db:8a:44:0e:25:97:8a:7d:f8:2c:a9:74:
d1:0b:33:0a:a9:60:b2:be:b0:ac:26:2d:40:ce:be:25:dd:7c:
49:ef:c2:7c:fd:9c:5f:c7:fb:75:5c:f0:32:fe:56:c7:32:d3:
7e:06:1d:61:45:34:ca:ea:77:ef:e7:96:c0:29:dd:4a:44:37:
49:af:98:bd:6f:7d:5e:2c:68:c3:cb:14:b7:c8:5e:1d:94:ed:
55:06:59:62:86:92:12:4e:3d:ba:c5:66:22:1a:2a:9b:1f:9f:
cf:c4:35:4c:f7:f6:44:aa:0b:64:14:02:f0:b4:6a:63:0f:17:
a2:92:0a:c7:51:00:85:50:11:ad:5d:32:9c:1e:b0:60:2e:2c:
e9:fc:08:14:bb:2b:12:d8:44:a2:fa:f0:b5:56:86:67:a4:1c:
9f:3c:31:1c:e5:06:28:a2:19:c0:d7:a3:5e:09:49:d0:d4:26:
d7:c4:6e:7d:9b:17:b7:aa:f6:cf:ca:e4:dd:d4:67:9c:57:86:
9a:4a:85:76:15:eb:31:ae:60:d5:0a:2e:b9:d7:e9:c7:5c:83:
a6:19:54:31:43:c6:1d:32:b5:9f:51:ae:f0:4f:0d:40:0b:50:
b2:79:11:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpnMb6SdKJsi9TE5epylVZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MjExMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRlYTk1NDNlZDk0OWQ3MTU2OWYyNmQ3MWM1OTkwYWU2MDZkM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTe4d5tv38FDZjT3FOeVY6r/Pwnv
hNGFkswEteJM6MZaqRCD5p7vS/o1RMp+9hk5rhw3Rwm1L6bS8hVNxaOu/FUQ2t9X
gE4COGAjShINqyn7WIJcXO6efxcOweLzCFkd8t4qdOD6vdDwubya0ofCo+h4wHJZ
iT3OUUsSUViNLh9OpPcpEHCfkPkQ6E16H74bwtwZ7B7OlN/3kIG2tn+GV4OF/6pJ
VP2NvfOkI4hUupJLcbc6TVTJs3xOyPSPEilLVBPF1ppwJ/MYrdG93bg5NfTIpTWN
7w19otP455RDYI4xZZ9EPAmm/i1Hdet/T3wqlvbdz13yXPVJAayVCoctiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGveqVQ+2UnXFWnybXHFmQrmBtPPMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYTk2cFZEN1pTZGNWYWZKdGNjV1pDdVlHMDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABOEzoJY959Eqn2GQIUF
/qbxdBdEe1L2H9uKRA4ll4p9+CypdNELMwqpYLK+sKwmLUDOviXdfEnvwnz9nF/H
+3Vc8DL+Vscy034GHWFFNMrqd+/nlsAp3UpEN0mvmL1vfV4saMPLFLfIXh2U7VUG
WWKGkhJOPbrFZiIaKpsfn8/ENUz39kSqC2QUAvC0amMPF6KSCsdRAIVQEa1dMpwe
sGAuLOn8CBS7KxLYRKL68LVWhmekHJ88MRzlBiiiGcDXo14JSdDUJtfEbn2bF7eq
9s/K5N3UZ5xXhppKhXYV6zGuYNUKLrnX6cdcg6YZVDFDxh0ytZ9RrvBPDUALULJ5
EaY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:21 2025 by rpki-client