Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bNMGAfJouDLuFeCojoFTawn34rk.roa
File: bNMGAfJouDLuFeCojoFTawn34rk.roa (raw, json)
Hash identifier: m52wzrDDuLf5Y8ijWh7r1A+xmvgknK+aTO15SKGfn80=
Subject key identifier: 6C:D3:06:01:F2:68:B8:32:EE:15:E0:A8:8E:81:53:6B:09:F7:E2:B9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A85A83DA9594782EFAED1F0F0350995DC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bNMGAfJouDLuFeCojoFTawn34rk.roa
Signing time: Mon 11 Sep 2023 19:11:50 +0000
ROA not before: Mon 11 Sep 2023 19:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:85:a8:3d:a9:59:47:82:ef:ae:d1:f0:f0:35:09:95:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 19:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd30601f268b832ee15e0a88e81536b09f7e2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:57:fd:03:99:19:91:5e:03:15:e7:79:3d:
da:e8:dc:bc:a4:3f:87:8e:64:e6:18:6a:1e:17:f1:
df:ca:e4:cf:59:29:64:46:86:51:54:07:37:71:87:
14:61:2a:32:c2:f1:13:36:0b:a5:e7:39:20:85:a9:
01:d1:16:f8:13:b7:fb:cc:c2:a5:96:77:c8:94:39:
2f:22:68:77:3a:8f:76:7f:5b:c7:12:0e:da:1a:8d:
68:8f:6b:f6:b7:8e:5c:d9:14:ed:2f:d7:eb:fc:4f:
1b:f3:2f:89:0e:19:65:3c:36:ec:1d:7b:4a:24:76:
dc:6b:84:3d:df:29:58:be:12:4e:35:fe:1b:3f:f8:
59:c2:63:0b:ee:86:7a:61:b9:84:c6:2c:c4:01:b5:
59:76:51:6e:96:39:84:a3:b8:01:ec:6f:32:33:89:
41:96:97:0d:76:05:63:a5:ae:fe:bd:3d:7e:c0:08:
74:c1:ce:fb:34:62:c2:3e:26:ca:d5:65:72:f2:ff:
f4:ba:51:84:f0:03:56:62:43:44:85:40:2d:a5:32:
6d:21:33:e3:23:8e:e6:23:c0:f7:db:db:e8:cf:6a:
72:6b:87:0c:32:7c:0f:c6:0c:cc:06:f8:be:f0:70:
c0:aa:5f:9d:10:2a:93:75:07:8e:30:55:17:eb:da:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D3:06:01:F2:68:B8:32:EE:15:E0:A8:8E:81:53:6B:09:F7:E2:B9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bNMGAfJouDLuFeCojoFTawn34rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:ce:84:2a:6c:ca:3c:d5:9e:25:59:3a:a8:9c:4b:64:9f:93:
81:2d:3f:43:4c:2a:da:e4:db:45:50:aa:69:f0:e2:73:8a:27:
63:3d:21:e6:38:6b:ef:8c:d2:94:7c:68:ea:27:7e:dd:cd:e6:
2f:4e:ee:38:0b:b9:24:3e:d0:39:0d:eb:55:67:61:c0:36:4c:
56:f7:a0:9d:f3:42:18:79:23:f7:6f:61:9c:45:6c:ad:a3:d6:
6d:a9:db:bc:74:f3:f2:c0:cd:02:95:f9:a2:f8:b6:fc:13:bf:
3a:8e:31:7c:44:0f:37:17:0f:96:a7:91:3a:af:41:1a:fb:e0:
a0:cf:c8:69:6d:8b:57:fc:de:c6:c5:33:3c:db:bd:9b:e4:a2:
77:5a:92:4b:be:ad:38:0d:ce:e4:6d:0a:f7:d8:a2:95:27:39:
b3:0c:55:a8:26:43:d0:c4:d4:67:1d:7d:61:4e:cd:95:58:1e:
9f:b9:a0:5e:6c:6a:94:36:bc:b1:2a:12:65:34:89:b6:50:04:
01:48:18:b7:2c:35:a6:6d:d8:ae:3d:ef:95:89:e4:fc:42:1d:
36:17:da:63:f5:fc:38:14:b9:8b:3e:86:be:58:4b:6f:ec:af:
af:2c:9a:83:81:b7:a4:51:9c:64:e1:69:4b:e0:89:4c:7e:94:
4f:f2:e6:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqFqD2pWUeC767R8PA1CZXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMTkxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2QzMDYwMWYyNjhiODMyZWUxNWUwYTg4ZTgxNTM2YjA5ZjdlMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZFX/QOZGZFeAxXneT3a6Ny8pD+H
jmTmGGoeF/HfyuTPWSlkRoZRVAc3cYcUYSoywvETNgul5zkghakB0Rb4E7f7zMKl
lnfIlDkvImh3Oo92f1vHEg7aGo1oj2v2t45c2RTtL9fr/E8b8y+JDhllPDbsHXtK
JHbca4Q93ylYvhJONf4bP/hZwmML7oZ6YbmExizEAbVZdlFuljmEo7gB7G8yM4lB
lpcNdgVjpa7+vT1+wAh0wc77NGLCPibK1WVy8v/0ulGE8ANWYkNEhUAtpTJtITPj
I47mI8D329voz2pya4cMMnwPxgzMBvi+8HDAql+dECqTdQeOMFUX69p0xwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGzTBgHyaLgy7hXgqI6BU2sJ9+K5MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYk5NR0FmSm91REx1RmVDb2pvRlRhd24zNHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACrOhCpsyjzVniVZOqic
S2Sfk4EtP0NMKtrk20VQqmnw4nOKJ2M9IeY4a++M0pR8aOonft3N5i9O7jgLuSQ+
0DkN61VnYcA2TFb3oJ3zQhh5I/dvYZxFbK2j1m2p27x08/LAzQKV+aL4tvwTvzqO
MXxEDzcXD5ankTqvQRr74KDPyGlti1f83sbFMzzbvZvkondakku+rTgNzuRtCvfY
opUnObMMVagmQ9DE1GcdfWFOzZVYHp+5oF5sapQ2vLEqEmU0ibZQBAFIGLcsNaZt
2K4975WJ5PxCHTYX2mP1/DgUuYs+hr5YS2/sr68smoOBt6RRnGThaUvgiUx+lE/y
5kE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:05 2025 by rpki-client