Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bsAxpZq--Kp60RGRsJjeXy5a6z0.roa
File: bsAxpZq--Kp60RGRsJjeXy5a6z0.roa (raw, json)
Hash identifier: AgVV1+RMZnuZD4g4bkv33iM1umdxgEfJpHrTK/pIJzU=
Subject key identifier: 6E:C0:31:A5:9A:BE:F8:AA:7A:D1:11:91:B0:98:DE:5F:2E:5A:EB:3D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8B06723DF53A58E74BCED5145D1A689F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bsAxpZq--Kp60RGRsJjeXy5a6z0.roa
Signing time: Tue 12 Sep 2023 20:12:50 +0000
ROA not before: Tue 12 Sep 2023 20:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8b:06:72:3d:f5:3a:58:e7:4b:ce:d5:14:5d:1a:68:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 20:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec031a59abef8aa7ad11191b098de5f2e5aeb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9c:b7:52:ba:94:d0:f7:ee:bb:6c:3c:7f:70:
d1:1d:39:a2:72:7f:ae:35:09:88:25:36:60:71:3d:
21:8d:88:d2:48:e4:81:49:a1:f2:a2:7e:fb:ff:0c:
ce:d5:2c:d0:05:bb:31:82:84:a3:8c:ca:a1:fe:1c:
ca:ec:45:78:04:0c:e4:fa:27:04:9d:b4:1f:36:7c:
42:44:6b:10:f8:72:97:46:65:57:43:a0:10:5c:15:
a8:0d:cf:12:14:32:8d:4a:c1:d0:a2:22:cb:fe:ab:
54:de:67:ed:85:b8:9b:96:7e:54:f9:f7:04:74:12:
17:96:60:ec:1e:ea:b4:16:50:1a:12:41:3e:15:e3:
34:9f:20:d4:40:4f:f6:47:85:43:b7:34:ba:9c:bb:
20:d1:87:a2:98:50:cf:43:3c:df:42:bd:4e:05:60:
8c:28:54:e0:ea:09:fb:1d:dc:c1:0c:2f:37:9b:9a:
63:09:ea:99:78:44:b9:78:c4:9b:38:32:d0:25:e7:
38:5b:93:8e:ea:94:51:85:9a:ca:65:92:8b:98:bb:
ce:3b:c7:47:2f:2a:00:b0:f7:ee:9f:bb:a9:e4:0c:
09:38:b9:25:96:2e:92:bc:c2:8c:6f:21:ee:bf:d5:
31:21:0b:cb:d0:67:89:e0:d7:ef:a4:c1:52:09:8f:
51:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C0:31:A5:9A:BE:F8:AA:7A:D1:11:91:B0:98:DE:5F:2E:5A:EB:3D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bsAxpZq--Kp60RGRsJjeXy5a6z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:45:77:d2:39:3b:be:46:76:57:16:f7:77:41:39:1e:e0:c5:
9a:4d:05:90:15:ba:a5:90:e4:42:92:ce:0c:c8:94:c1:26:d0:
3e:d0:4c:36:6a:31:70:8e:14:93:2e:eb:04:eb:bf:45:e8:32:
06:e8:5a:35:84:3a:b7:97:74:65:d3:fd:c8:bc:a6:58:ff:a3:
2d:5b:fe:bc:07:86:4d:6e:ab:a6:59:ee:ec:19:20:be:d9:fb:
80:39:2f:97:5d:6c:1c:39:c3:65:4e:6d:21:ae:35:e4:15:ea:
b4:5e:38:45:b1:ff:9f:33:a1:af:1e:1f:11:93:ff:03:1b:c2:
18:8c:58:84:9b:ed:ac:51:5a:aa:65:b5:f0:2a:a1:4d:9d:c0:
61:e2:83:d7:d6:59:79:ad:4d:e2:14:c4:f3:0f:ca:bd:9a:e7:
29:7f:57:c3:74:a9:98:74:03:9c:d2:b5:c8:73:da:79:f2:18:
d8:33:a4:a1:19:c6:03:e7:1e:a0:c1:d0:96:be:3d:ce:51:62:
d8:89:7e:3c:d7:84:d5:e2:87:7c:bf:0c:06:04:a2:e8:6c:bb:
25:ce:19:a7:ab:81:71:30:eb:4c:5b:7f:ec:44:a2:83:b7:08:
bb:e4:00:e9:91:f5:87:d1:80:a1:3d:e9:7b:d6:94:02:96:83:
a4:57:c3:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqLBnI99TpY50vO1RRdGmifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMjAxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWMwMzFhNTlhYmVmOGFhN2FkMTExOTFiMDk4ZGU1ZjJlNWFlYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJy3UrqU0Pfuu2w8f3DRHTmicn+u
NQmIJTZgcT0hjYjSSOSBSaHyon77/wzO1SzQBbsxgoSjjMqh/hzK7EV4BAzk+icE
nbQfNnxCRGsQ+HKXRmVXQ6AQXBWoDc8SFDKNSsHQoiLL/qtU3mfthbibln5U+fcE
dBIXlmDsHuq0FlAaEkE+FeM0nyDUQE/2R4VDtzS6nLsg0YeimFDPQzzfQr1OBWCM
KFTg6gn7HdzBDC83m5pjCeqZeES5eMSbODLQJec4W5OO6pRRhZrKZZKLmLvOO8dH
LyoAsPfun7up5AwJOLklli6SvMKMbyHuv9UxIQvL0GeJ4NfvpMFSCY9R5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG7AMaWavviqetERkbCY3l8uWus9MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYnNBeHBacS0tS3A2MFJHUnNKamVYeTVhNnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1Fd9I5O75GdlcW93dB
OR7gxZpNBZAVuqWQ5EKSzgzIlMEm0D7QTDZqMXCOFJMu6wTrv0XoMgboWjWEOreX
dGXT/ci8plj/oy1b/rwHhk1uq6ZZ7uwZIL7Z+4A5L5ddbBw5w2VObSGuNeQV6rRe
OEWx/58zoa8eHxGT/wMbwhiMWISb7axRWqpltfAqoU2dwGHig9fWWXmtTeIUxPMP
yr2a5yl/V8N0qZh0A5zStchz2nnyGNgzpKEZxgPnHqDB0Ja+Pc5RYtiJfjzXhNXi
h3y/DAYEouhsuyXOGaergXEw60xbf+xEooO3CLvkAOmR9YfRgKE96XvWlAKWg6RX
w4g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:16 2025 by rpki-client