Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bTRm-h8ERoyeD7cYj5-IiG6SF9c.roa
File: bTRm-h8ERoyeD7cYj5-IiG6SF9c.roa (raw, json)
Hash identifier: cAnTkpMQelolOLuVFxsZIqaHNRhls1Hcqnj1jRt+TWU=
Subject key identifier: 6D:34:66:FA:1F:04:46:8C:9E:0F:B7:18:8F:9F:88:88:6E:92:17:D7
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4C2C45E9FE4C4A1E68A2B39011521562
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bTRm-h8ERoyeD7cYj5-IiG6SF9c.roa
Signing time: Thu 31 Aug 2023 15:18:04 +0000
ROA not before: Thu 31 Aug 2023 15:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:2c:45:e9:fe:4c:4a:1e:68:a2:b3:90:11:52:15:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 15:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d3466fa1f04468c9e0fb7188f9f88886e9217d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e8:6b:df:57:99:bb:7c:70:10:3e:d1:80:6b:
19:ee:20:a3:de:23:c0:3a:d6:cb:e4:e0:0c:86:b1:
d4:c0:66:b0:70:74:fe:13:d9:b2:a9:e6:0e:31:99:
ad:6f:14:b8:a5:f2:1b:55:ad:0c:ed:25:bb:3d:e6:
7d:7c:f5:14:5d:11:da:8d:0e:06:03:c6:3c:8b:74:
20:84:3d:11:a4:83:56:03:ec:6b:4a:f5:83:24:04:
d2:32:af:9a:bf:d8:6c:9a:ea:cf:6f:e7:32:54:3d:
f4:f3:bf:c9:d4:30:22:11:12:48:7b:39:63:39:7c:
4d:8e:ed:17:d5:d0:b3:72:42:1c:fe:5a:a6:73:af:
e5:14:b7:71:bb:20:c9:2c:f7:f2:41:05:18:3c:b7:
ff:e9:43:27:27:34:cb:04:f7:9f:42:23:09:51:90:
8d:56:f3:47:09:11:68:72:b2:cc:a0:c7:c3:48:c0:
53:9f:77:8d:7e:7e:fe:32:4b:0f:a1:fe:75:16:59:
4b:54:d3:ba:b8:ab:e0:e3:b2:22:12:1f:b7:5c:ad:
e8:c6:bf:31:7b:c4:4c:7b:bc:9f:16:e5:44:85:19:
52:ff:ef:b7:64:a6:27:7d:d7:63:da:4e:5d:37:05:
c2:f3:3e:30:c5:e7:36:3b:99:ab:bc:05:43:7b:96:
9c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:34:66:FA:1F:04:46:8C:9E:0F:B7:18:8F:9F:88:88:6E:92:17:D7
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bTRm-h8ERoyeD7cYj5-IiG6SF9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:50:c5:46:6e:5d:04:7a:93:ee:f2:0e:fe:a3:0d:20:41:74:
32:df:e9:07:28:f4:1c:b4:ce:6c:5d:ff:7b:11:43:8e:4e:f3:
05:fc:97:1d:ee:29:f7:b9:d5:e8:a8:00:25:23:ea:49:5d:f2:
71:ed:d9:d0:cc:37:9b:56:85:a0:ca:9d:d9:9f:0b:1a:41:3b:
0b:9b:e7:17:d5:d9:c0:51:e9:a3:85:9d:cd:4b:44:fc:c8:bb:
d8:66:27:2d:6c:6e:fd:6d:4f:dc:e3:b6:f9:a9:31:48:c4:13:
fd:c0:8a:90:38:57:30:cf:31:5c:f3:6c:d1:00:7c:3b:9e:d3:
42:72:20:ae:39:b6:28:b1:a1:fd:df:9e:7f:dc:66:e2:5a:26:
af:c8:88:7c:b5:bd:72:ff:24:74:7d:15:cf:bc:85:80:c5:c6:
80:83:84:03:2d:a6:6a:b3:50:1e:dc:90:5f:d0:b7:7c:64:00:
89:6d:2e:82:52:e0:ae:9d:ff:c8:55:3f:d6:39:26:98:37:dd:
48:e8:20:e3:eb:31:12:0d:a2:40:7b:9f:8a:c6:8b:1c:ea:41:
c3:50:c7:c9:6c:2b:6f:65:12:9e:1a:c6:6d:9d:3e:1e:0f:52:
18:58:a1:ed:d4:17:44:c0:e7:a7:97:5b:3c:7b:d4:2a:93:0b:
f2:46:36:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpMLEXp/kxKHmiis5ARUhViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTUxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDM0NjZmYTFmMDQ0NjhjOWUwZmI3MTg4ZjlmODg4ODZlOTIxN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOhr31eZu3xwED7RgGsZ7iCj3iPA
OtbL5OAMhrHUwGawcHT+E9myqeYOMZmtbxS4pfIbVa0M7SW7PeZ9fPUUXRHajQ4G
A8Y8i3QghD0RpINWA+xrSvWDJATSMq+av9hsmurPb+cyVD3087/J1DAiERJIezlj
OXxNju0X1dCzckIc/lqmc6/lFLdxuyDJLPfyQQUYPLf/6UMnJzTLBPefQiMJUZCN
VvNHCRFocrLMoMfDSMBTn3eNfn7+MksPof51FllLVNO6uKvg47IiEh+3XK3oxr8x
e8RMe7yfFuVEhRlS/++3ZKYnfddj2k5dNwXC8z4wxec2O5mrvAVDe5acrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG00ZvofBEaMng+3GI+fiIhukhfXMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYlRSbS1oOEVSb3llRDdjWWo1LUlpRzZTRjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADRQxUZuXQR6k+7yDv6j
DSBBdDLf6Qco9By0zmxd/3sRQ45O8wX8lx3uKfe51eioACUj6kld8nHt2dDMN5tW
haDKndmfCxpBOwub5xfV2cBR6aOFnc1LRPzIu9hmJy1sbv1tT9zjtvmpMUjEE/3A
ipA4VzDPMVzzbNEAfDue00JyIK45tiixof3fnn/cZuJaJq/IiHy1vXL/JHR9Fc+8
hYDFxoCDhAMtpmqzUB7ckF/Qt3xkAIltLoJS4K6d/8hVP9Y5Jpg33UjoIOPrMRIN
okB7n4rGixzqQcNQx8lsK29lEp4axm2dPh4PUhhYoe3UF0TA56eXWzx71CqTC/JG
Nqc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:04 2025 by rpki-client