Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/cuuT1vv1wlsBa_Zj4OXFkQDdiQQ.roa
File: cuuT1vv1wlsBa_Zj4OXFkQDdiQQ.roa (raw, json)
Hash identifier: jRyRWReCOOxI9kfdeovlqCWKDKyEqnHbQzBht8L+3eU=
Subject key identifier: 72:EB:93:D6:FB:F5:C2:5B:01:6B:F6:63:E0:E5:C5:91:00:DD:89:04
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A782569804E0A257A1DCC3965B75B8553
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/cuuT1vv1wlsBa_Zj4OXFkQDdiQQ.roa
Signing time: Sat 09 Sep 2023 04:13:52 +0000
ROA not before: Sat 09 Sep 2023 04:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:78:25:69:80:4e:0a:25:7a:1d:cc:39:65:b7:5b:85:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 04:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72eb93d6fbf5c25b016bf663e0e5c59100dd8904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:88:77:31:53:56:ee:6c:6a:47:0c:a6:27:56:
6d:8d:8a:d7:04:cb:1f:0c:8b:e9:f8:da:77:0d:85:
74:08:0d:6b:4e:98:eb:27:9e:95:51:16:b5:b9:58:
4a:a4:a6:57:f2:c9:b6:02:70:f9:57:ad:81:3d:02:
93:b6:1b:ce:fc:86:f2:5e:9b:60:3b:04:4e:41:38:
ed:57:a0:3a:3f:d7:d4:92:4c:ee:14:12:ec:15:eb:
ad:cf:ed:83:46:f0:ee:ff:c6:d7:20:dd:88:f7:42:
56:5b:13:41:60:b9:77:c4:5d:92:de:1b:b4:25:03:
bb:c6:f5:09:78:dd:d3:f4:43:35:cd:2a:52:db:e5:
7f:99:ba:6d:22:91:d0:90:ab:9a:48:7f:4b:90:a3:
78:37:44:d7:08:c0:d7:74:29:73:4b:16:69:8f:96:
c5:90:c5:ff:d2:01:cd:c9:d8:09:8b:99:b6:35:9b:
2e:f6:b3:48:29:c0:2b:94:5b:21:31:77:ef:02:75:
53:b7:8e:86:1a:6e:d7:65:39:96:96:66:0c:c3:9f:
ff:33:f6:23:fe:e9:5c:fc:8c:e1:9a:2f:9b:3a:ec:
78:10:d3:c8:64:9b:1f:be:05:9b:34:7a:71:24:6a:
f3:06:ff:5a:ad:35:ad:f3:53:c1:56:04:65:2b:a9:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EB:93:D6:FB:F5:C2:5B:01:6B:F6:63:E0:E5:C5:91:00:DD:89:04
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/cuuT1vv1wlsBa_Zj4OXFkQDdiQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:47:37:2b:8c:b0:d1:3f:2c:fc:54:0f:cc:e7:33:1e:3c:e3:
27:9c:dd:6a:c9:77:ec:9f:81:c8:12:f7:e6:a8:39:17:a1:21:
82:20:5b:ae:f1:96:4c:47:41:e7:6c:d3:98:c4:91:75:54:5f:
ad:3a:67:f9:22:f2:e0:e2:08:5c:76:9e:0d:20:d3:fb:e0:b0:
a8:b3:0c:1b:7a:19:25:d3:10:99:62:89:a0:a5:9d:1e:35:3d:
7b:7e:0d:0b:32:c4:80:69:94:08:a9:94:ce:8a:09:45:1f:ea:
70:b2:06:c0:5d:b6:a4:92:b2:b4:60:14:b2:0b:82:8c:a0:6d:
52:5f:80:f2:6b:d0:2e:12:ad:90:1e:25:c5:3f:09:5d:da:f5:
a9:08:6c:46:cd:a1:10:ee:b5:7f:d3:34:fd:2a:22:c4:54:bc:
96:19:33:30:e3:98:8d:85:a7:9c:76:b6:4e:8e:01:92:b8:09:
f9:7d:75:75:e6:7e:be:0d:fd:b3:28:7d:6c:7f:85:1e:7a:f9:
d7:b4:43:a7:8d:d4:0a:1a:32:68:ea:a1:28:aa:f6:e6:b8:1c:
e4:10:d7:24:03:0e:d6:52:b2:e9:b5:85:2d:08:53:b8:b2:89:
85:c0:58:1e:ed:23:9b:5e:ad:13:76:99:e9:1b:0f:44:cd:67:
65:c6:86:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp4JWmATgoleh3MOWW3W4VTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MDQxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmViOTNkNmZiZjVjMjViMDE2YmY2NjNlMGU1YzU5MTAwZGQ4OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oh3MVNW7mxqRwymJ1ZtjYrXBMsf
DIvp+Np3DYV0CA1rTpjrJ56VURa1uVhKpKZX8sm2AnD5V62BPQKTthvO/IbyXptg
OwROQTjtV6A6P9fUkkzuFBLsFeutz+2DRvDu/8bXIN2I90JWWxNBYLl3xF2S3hu0
JQO7xvUJeN3T9EM1zSpS2+V/mbptIpHQkKuaSH9LkKN4N0TXCMDXdClzSxZpj5bF
kMX/0gHNydgJi5m2NZsu9rNIKcArlFshMXfvAnVTt46GGm7XZTmWlmYMw5//M/Yj
/ulc/Izhmi+bOux4ENPIZJsfvgWbNHpxJGrzBv9arTWt81PBVgRlK6mAoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLrk9b79cJbAWv2Y+DlxZEA3YkEMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvY3V1VDF2djF3bHNCYV9aajRPWEZrUURkaVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHBHNyuMsNE/LPxUD8zn
Mx484yec3WrJd+yfgcgS9+aoORehIYIgW67xlkxHQeds05jEkXVUX606Z/ki8uDi
CFx2ng0g0/vgsKizDBt6GSXTEJliiaClnR41PXt+DQsyxIBplAiplM6KCUUf6nCy
BsBdtqSSsrRgFLILgoygbVJfgPJr0C4SrZAeJcU/CV3a9akIbEbNoRDutX/TNP0q
IsRUvJYZMzDjmI2Fp5x2tk6OAZK4Cfl9dXXmfr4N/bMofWx/hR56+de0Q6eN1Aoa
MmjqoSiq9ua4HOQQ1yQDDtZSsum1hS0IU7iyiYXAWB7tI5terRN2mekbD0TNZ2XG
ho0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:05 2025 by rpki-client