Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/egXsHtlU5NvumdLGCUBbq8KfqDM.roa
File: egXsHtlU5NvumdLGCUBbq8KfqDM.roa (raw, json)
Hash identifier: y2YgiVSe/CH+k6UP7MNqQjaPpialRJkCQmX9u4/YnJY=
Subject key identifier: 7A:05:EC:1E:D9:54:E4:DB:EE:99:D2:C6:09:40:5B:AB:C2:9F:A8:33
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5D883E89B46059CAAE546BD8F8419AAB
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/egXsHtlU5NvumdLGCUBbq8KfqDM.roa
Signing time: Mon 04 Sep 2023 00:12:04 +0000
ROA not before: Mon 04 Sep 2023 00:12:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5d:88:3e:89:b4:60:59:ca:ae:54:6b:d8:f8:41:9a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 00:12:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a05ec1ed954e4dbee99d2c609405babc29fa833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:a5:4a:4a:67:4e:4c:07:2c:f6:66:91:c7:
8d:f4:d9:28:11:e7:d3:8e:d7:17:f2:d8:84:27:bc:
2b:e5:29:23:62:be:9c:e9:0e:b7:51:44:23:a4:b0:
a0:d0:50:d0:38:fc:74:73:9a:8f:6d:22:70:8d:3c:
1a:f9:14:17:bd:0f:67:ff:14:4a:f2:24:d5:e7:d8:
a6:6b:24:6b:24:f9:c8:f3:7c:4d:69:9f:f9:b2:53:
9d:d3:9b:b6:25:06:b2:bf:ca:b1:94:bb:c1:9f:ee:
26:ef:2e:1f:17:3f:c5:e3:f5:b8:53:07:65:f4:31:
a6:09:13:55:81:99:c9:f3:53:d1:58:92:ea:54:8a:
4e:99:56:4f:b1:c8:9e:35:6f:63:68:c9:d3:ac:c6:
2d:1d:a7:99:f7:06:e8:37:91:4e:aa:c7:a6:86:29:
54:0f:2f:d4:78:e6:1b:9d:3d:69:66:58:e9:98:5f:
00:6d:39:3d:b5:be:4a:7c:4a:bc:f8:d9:f0:07:94:
2f:31:8a:91:30:bf:b1:0c:92:57:3e:af:f8:aa:48:
f0:dc:d2:88:81:35:fb:18:a9:26:81:92:45:ae:db:
46:2a:3a:74:70:d5:2c:77:e0:f7:1e:f8:f0:84:87:
15:13:d0:24:d9:d4:b6:58:d8:1a:ca:76:0d:63:54:
c9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:05:EC:1E:D9:54:E4:DB:EE:99:D2:C6:09:40:5B:AB:C2:9F:A8:33
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/egXsHtlU5NvumdLGCUBbq8KfqDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:39:19:4d:92:20:ca:aa:d1:62:b7:01:1e:23:59:6f:e0:23:
98:f6:35:11:5a:69:6d:a8:2e:8c:08:9e:c1:40:7e:11:b2:4c:
b5:5b:a5:dd:cb:05:81:d5:c3:96:e4:14:3a:77:d1:d2:87:fb:
bf:c6:4a:7c:c6:6d:29:0a:fd:b0:f5:be:6c:ea:a9:59:54:11:
d4:e4:39:65:4b:43:fd:ef:5b:13:21:fe:2e:c5:c1:23:f4:82:
bd:b6:eb:1e:94:5e:27:ab:f1:db:de:70:91:a9:c2:9c:5c:36:
7a:6a:71:00:40:f5:56:06:1a:b4:9b:88:66:3d:eb:6a:ad:60:
33:f1:7b:44:9e:70:95:46:52:38:e7:8a:c8:21:2f:93:dc:b1:
ba:be:cc:4e:d2:e1:1e:c1:37:61:4f:33:47:c4:67:85:c3:a2:
e1:b2:3e:3e:33:f8:cf:22:97:07:07:0e:77:a6:ca:0e:f4:66:
c7:fa:41:9e:36:fa:75:1d:b3:bf:b7:76:f3:91:df:d3:29:f8:
13:1d:ff:5e:3e:a0:0d:13:56:44:6f:5c:07:13:c5:74:a4:60:
67:ee:df:48:36:d0:d0:56:bc:55:26:53:2d:32:c4:ad:2b:5b:
2e:97:b1:20:6b:bc:a8:66:90:ac:fe:ad:ad:e8:d3:d1:d4:70:
68:db:01:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpdiD6JtGBZyq5Ua9j4QZqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MDAxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA1ZWMxZWQ5NTRlNGRiZWU5OWQyYzYwOTQwNWJhYmMyOWZhODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthylSkpnTkwHLPZmkceN9NkoEefT
jtcX8tiEJ7wr5SkjYr6c6Q63UUQjpLCg0FDQOPx0c5qPbSJwjTwa+RQXvQ9n/xRK
8iTV59imayRrJPnI83xNaZ/5slOd05u2JQayv8qxlLvBn+4m7y4fFz/F4/W4Uwdl
9DGmCRNVgZnJ81PRWJLqVIpOmVZPscieNW9jaMnTrMYtHaeZ9wboN5FOqsemhilU
Dy/UeOYbnT1pZljpmF8AbTk9tb5KfEq8+NnwB5QvMYqRML+xDJJXPq/4qkjw3NKI
gTX7GKkmgZJFrttGKjp0cNUsd+D3HvjwhIcVE9Ak2dS2WNgaynYNY1TJJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHoF7B7ZVOTb7pnSxglAW6vCn6gzMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZWdYc0h0bFU1TnZ1bWRMR0NVQmJxOEtmcURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFg5GU2SIMqq0WK3AR4j
WW/gI5j2NRFaaW2oLowInsFAfhGyTLVbpd3LBYHVw5bkFDp30dKH+7/GSnzGbSkK
/bD1vmzqqVlUEdTkOWVLQ/3vWxMh/i7FwSP0gr226x6UXier8dvecJGpwpxcNnpq
cQBA9VYGGrSbiGY962qtYDPxe0SecJVGUjjnisghL5Pcsbq+zE7S4R7BN2FPM0fE
Z4XDouGyPj4z+M8ilwcHDnemyg70Zsf6QZ42+nUds7+3dvOR39Mp+BMd/14+oA0T
VkRvXAcTxXSkYGfu30g20NBWvFUmUy0yxK0rWy6XsSBrvKhmkKz+ra3o09HUcGjb
AfQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:48 2025 by rpki-client