Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aVHxM4XQrt05mQuQkg34RGKndXY.roa
File: aVHxM4XQrt05mQuQkg34RGKndXY.roa (raw, json)
Hash identifier: QmFfTh4aNJTmYQutx2LZGA3ySsVPH/88c4rSCtfcA0w=
Subject key identifier: 69:51:F1:33:85:D0:AE:DD:39:99:0B:90:92:0D:F8:44:62:A7:75:76
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A69916B816117FC6E70BCCC8910E41BBD
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aVHxM4XQrt05mQuQkg34RGKndXY.roa
Signing time: Wed 06 Sep 2023 08:17:32 +0000
ROA not before: Wed 06 Sep 2023 08:17:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:91:6b:81:61:17:fc:6e:70:bc:cc:89:10:e4:1b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 08:17:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6951f13385d0aedd39990b90920df84462a77576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:0e:3b:54:f3:d0:d5:0c:3c:95:19:ab:6b:
36:b9:a4:be:ba:9d:91:e9:3d:cc:59:d0:79:3c:db:
1b:47:76:36:37:b6:65:14:5b:b2:59:cd:f0:e7:d1:
5a:f2:6e:54:09:9d:af:f9:e3:d9:81:70:4f:56:4a:
0a:f9:ca:1d:0a:3f:a3:d0:41:b0:86:a7:f8:47:61:
61:2c:25:a9:c4:2a:cd:e8:91:54:df:14:8d:c6:be:
2a:67:0a:fd:99:17:0c:f5:df:83:5a:5b:e0:16:2f:
83:b8:69:d9:98:9c:7d:ca:7b:30:5f:af:ed:0f:38:
c9:79:70:af:f7:e0:6d:72:fa:87:f3:28:74:a6:4d:
a0:a0:32:5f:46:4d:4c:75:01:b2:d4:9c:06:d8:08:
df:a0:13:5a:a6:75:18:63:24:77:4b:63:b8:8a:6d:
e5:7f:52:7d:75:82:e4:88:37:98:51:86:91:31:4c:
c3:1d:92:66:c2:07:f1:54:09:fb:58:f5:05:b2:7b:
85:11:24:f2:d5:5e:88:89:bd:00:14:33:17:d2:77:
7d:76:c7:36:fc:38:e4:66:26:58:a5:50:00:b0:8c:
87:fe:32:da:f0:11:44:ba:c3:2f:27:d6:6c:94:54:
4e:ef:5a:d3:11:f8:f1:8c:5c:91:2d:2f:5c:cb:36:
00:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:51:F1:33:85:D0:AE:DD:39:99:0B:90:92:0D:F8:44:62:A7:75:76
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aVHxM4XQrt05mQuQkg34RGKndXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:d2:9f:f6:85:84:20:39:b0:08:26:1e:1c:15:17:2a:f8:de:
a3:39:5e:a2:df:de:7e:4e:ad:50:30:1c:21:81:22:59:a0:eb:
1e:5f:43:c3:76:d2:62:07:6e:47:f8:1c:b7:9a:b8:39:a3:4d:
82:b3:54:d9:36:94:9a:5b:55:51:fa:90:40:64:b8:51:75:3b:
cc:07:a2:48:08:50:e4:04:ae:b9:3b:0c:c8:0b:a0:f8:4c:7c:
ba:5b:c5:f2:86:fc:6f:5a:cb:5f:79:9f:43:88:c6:9f:5d:a9:
48:86:8b:22:46:13:25:33:64:74:fa:d4:99:e9:27:8f:0b:63:
86:da:c7:58:98:37:24:a8:ab:bd:45:b2:a9:0b:49:85:39:62:
19:45:4d:08:6f:fe:2e:48:e7:d8:a2:77:a9:50:2f:a1:62:1f:
fe:c2:1f:a2:83:9a:eb:4f:5c:a6:4b:8e:58:cb:18:06:fe:bc:
88:90:db:5e:fb:c0:ef:bb:cf:21:d1:37:05:30:da:04:b2:12:
d6:1f:13:a7:0d:25:bc:ce:e8:30:5f:a2:49:c6:b5:9a:73:b9:
29:10:97:5d:f4:38:38:bf:7c:1f:13:3e:46:45:35:04:4c:78:
7c:74:cf:83:00:28:cc:75:91:74:78:49:35:30:1b:c5:85:de:
bf:16:e6:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYppkWuBYRf8bnC8zIkQ5Bu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MDgxNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUxZjEzMzg1ZDBhZWRkMzk5OTBiOTA5MjBkZjg0NDYyYTc3NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMIOO1Tz0NUMPJUZq2s2uaS+up2R
6T3MWdB5PNsbR3Y2N7ZlFFuyWc3w59Fa8m5UCZ2v+ePZgXBPVkoK+codCj+j0EGw
hqf4R2FhLCWpxCrN6JFU3xSNxr4qZwr9mRcM9d+DWlvgFi+DuGnZmJx9ynswX6/t
DzjJeXCv9+BtcvqH8yh0pk2goDJfRk1MdQGy1JwG2AjfoBNapnUYYyR3S2O4im3l
f1J9dYLkiDeYUYaRMUzDHZJmwgfxVAn7WPUFsnuFESTy1V6Iib0AFDMX0nd9dsc2
/DjkZiZYpVAAsIyH/jLa8BFEusMvJ9ZslFRO71rTEfjxjFyRLS9cyzYAqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlR8TOF0K7dOZkLkJIN+ERip3V2MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYVZIeE00WFFydDA1bVF1UWtnMzRSR0tuZFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA7Sn/aFhCA5sAgmHhwV
Fyr43qM5XqLf3n5OrVAwHCGBIlmg6x5fQ8N20mIHbkf4HLeauDmjTYKzVNk2lJpb
VVH6kEBkuFF1O8wHokgIUOQErrk7DMgLoPhMfLpbxfKG/G9ay195n0OIxp9dqUiG
iyJGEyUzZHT61JnpJ48LY4bax1iYNySoq71FsqkLSYU5YhlFTQhv/i5I59iid6lQ
L6FiH/7CH6KDmutPXKZLjljLGAb+vIiQ2177wO+7zyHRNwUw2gSyEtYfE6cNJbzO
6DBfoknGtZpzuSkQl130ODi/fB8TPkZFNQRMeHx0z4MAKMx1kXR4STUwG8WF3r8W
5oE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:37 2025 by rpki-client