Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/deGzoyTalrAnf24TDzoGV_rcw38.roa
File: deGzoyTalrAnf24TDzoGV_rcw38.roa (raw, json)
Hash identifier: AmWS2WqHt8ic8UMCkzrFwXaDco6REdsisI9p5zWvlgY=
Subject key identifier: 75:E1:B3:A3:24:DA:96:B0:27:7F:6E:13:0F:3A:06:57:FA:DC:C3:7F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A458E8C707FF172AF3FBD5475437A8227
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/deGzoyTalrAnf24TDzoGV_rcw38.roa
Signing time: Wed 30 Aug 2023 08:28:04 +0000
ROA not before: Wed 30 Aug 2023 08:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:8e:8c:70:7f:f1:72:af:3f:bd:54:75:43:7a:82:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 08:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75e1b3a324da96b0277f6e130f3a0657fadcc37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:f1:b4:07:4b:ed:7b:21:0c:43:d2:8d:b7:
46:8a:49:b6:d9:c3:6e:2b:48:24:69:c1:d8:30:f6:
42:bb:75:52:b7:1e:5b:ab:b2:9d:6d:e1:b5:9b:27:
b7:1f:c1:e1:84:7a:2c:55:fa:41:dc:f1:1e:3f:5b:
06:c4:75:b6:fd:61:93:b9:4c:c6:20:24:98:f0:10:
a4:7c:70:ac:00:8e:1c:86:0a:86:5e:58:2b:eb:17:
2c:3a:5a:11:38:12:f0:aa:10:54:31:c6:48:12:73:
35:78:92:62:56:f2:4a:44:17:1f:54:a3:0c:dc:47:
28:db:26:c3:61:4a:3d:cf:64:db:f5:ac:f6:91:0d:
32:ca:5b:e1:3f:f9:2c:9f:c5:29:62:8a:9f:d0:6e:
e5:90:69:7f:b3:47:74:f8:cf:4b:35:15:df:27:ff:
1b:d9:ae:40:a6:be:82:73:0b:7f:00:ca:cf:5d:6e:
ba:4c:d7:27:ff:8c:7b:ea:30:fd:26:dc:ca:af:95:
e0:68:ef:b4:29:de:33:31:67:b5:64:3c:f4:5b:12:
50:28:a5:5f:be:f3:3f:a8:67:ea:4c:ba:9e:34:50:
6b:37:bb:d9:2f:95:1b:d1:57:ef:1b:1a:02:9d:75:
51:e9:c6:d6:4f:4d:0a:04:3a:f2:c3:8a:13:2b:51:
e9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E1:B3:A3:24:DA:96:B0:27:7F:6E:13:0F:3A:06:57:FA:DC:C3:7F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/deGzoyTalrAnf24TDzoGV_rcw38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:8e:95:8b:bc:c3:ac:12:9a:ad:d0:9a:80:d8:7d:cc:5c:ce:
d2:ed:6c:65:e0:27:40:84:4f:d4:c4:51:d3:40:95:a7:25:42:
5f:c1:fa:a9:cc:63:d4:f6:c8:d7:d6:42:e0:c3:ce:54:d2:42:
a1:18:2e:d5:7d:57:09:8c:b0:14:f8:93:0d:1a:10:b9:fb:51:
d4:3e:e8:76:1a:78:8e:26:c8:3e:4a:e9:44:68:14:da:41:fe:
50:02:e3:8e:ac:c2:43:5f:0f:28:ad:0e:c0:09:60:d3:91:55:
c1:33:5e:22:8c:ca:ee:14:24:93:85:39:41:df:d5:dd:75:07:
03:04:73:7d:c9:46:fe:d7:90:f4:75:81:a8:76:b4:d5:7f:00:
c2:6c:2a:d0:63:6a:24:90:8b:95:05:8d:4d:c3:db:a6:ed:ca:
b5:f0:0e:a7:6c:b7:e3:99:e9:7b:45:73:76:18:a8:cf:78:75:
88:78:50:6e:36:3b:b1:7e:43:ed:72:9a:f5:60:bf:c0:dd:fb:
49:c4:7a:08:b0:f0:f1:88:c8:08:5c:ce:80:03:4d:3a:f8:af:
ea:11:f6:34:bf:d5:c0:d4:4e:99:b4:97:23:8f:fd:15:7c:51:
11:4e:c5:51:d3:8a:40:3e:46:68:b9:90:ca:8a:95:81:9a:a6:
f3:db:22:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpFjoxwf/Fyrz+9VHVDeoInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMDgyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWUxYjNhMzI0ZGE5NmIwMjc3ZjZlMTMwZjNhMDY1N2ZhZGNjMzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqivxtAdL7XshDEPSjbdGikm22cNu
K0gkacHYMPZCu3VStx5bq7KdbeG1mye3H8HhhHosVfpB3PEeP1sGxHW2/WGTuUzG
ICSY8BCkfHCsAI4chgqGXlgr6xcsOloROBLwqhBUMcZIEnM1eJJiVvJKRBcfVKMM
3Eco2ybDYUo9z2Tb9az2kQ0yylvhP/ksn8UpYoqf0G7lkGl/s0d0+M9LNRXfJ/8b
2a5Apr6Ccwt/AMrPXW66TNcn/4x76jD9JtzKr5XgaO+0Kd4zMWe1ZDz0WxJQKKVf
vvM/qGfqTLqeNFBrN7vZL5Ub0VfvGxoCnXVR6cbWT00KBDryw4oTK1HpcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHXhs6Mk2pawJ39uEw86Blf63MN/MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZGVHem95VGFsckFuZjI0VER6b0dWX3JjdzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEyOlYu8w6wSmq3QmoDY
fcxcztLtbGXgJ0CET9TEUdNAlaclQl/B+qnMY9T2yNfWQuDDzlTSQqEYLtV9VwmM
sBT4kw0aELn7UdQ+6HYaeI4myD5K6URoFNpB/lAC446swkNfDyitDsAJYNORVcEz
XiKMyu4UJJOFOUHf1d11BwMEc33JRv7XkPR1gah2tNV/AMJsKtBjaiSQi5UFjU3D
26btyrXwDqdst+OZ6XtFc3YYqM94dYh4UG42O7F+Q+1ymvVgv8Dd+0nEegiw8PGI
yAhczoADTTr4r+oR9jS/1cDUTpm0lyOP/RV8URFOxVHTikA+Rmi5kMqKlYGapvPb
Ij4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:46 2025 by rpki-client