Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/fVlRmZVy483qbQs-bJD5EmuBvrs.roa
File: fVlRmZVy483qbQs-bJD5EmuBvrs.roa (raw, json)
Hash identifier: +WJyVtTJqWeAIiBEf/2z4LArz7oakS/Y2qsnS5giaCg=
Subject key identifier: 7D:59:51:99:95:72:E3:CD:EA:6D:0B:3E:6C:90:F9:12:6B:81:BE:BB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6F2424A5AC2A451FBC249B1BF0FBBD7A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/fVlRmZVy483qbQs-bJD5EmuBvrs.roa
Signing time: Thu 07 Sep 2023 10:15:54 +0000
ROA not before: Thu 07 Sep 2023 10:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:24:24:a5:ac:2a:45:1f:bc:24:9b:1b:f0:fb:bd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 10:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d5951999572e3cdea6d0b3e6c90f9126b81bebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ae:1a:9e:e5:24:ab:57:ee:14:9b:81:44:f0:
e5:a0:34:aa:a9:17:0e:d7:ba:5d:47:0c:33:59:c6:
b9:89:dd:b3:d2:8b:6c:38:16:2a:2b:ba:f5:9d:0f:
9d:91:89:0c:ce:42:fd:5a:04:e4:1d:c6:19:1a:f9:
5e:e3:e5:8a:af:f5:82:96:74:c2:3a:e4:ae:ec:6c:
ce:e5:80:ed:be:ee:e9:1c:f9:90:d2:9c:bb:fa:d7:
50:5e:41:45:b1:f8:62:bc:40:a4:c5:3b:51:2f:61:
bf:48:72:e7:14:ce:fa:6e:d3:b5:13:67:8f:48:d6:
64:0f:af:7d:20:c0:1c:b9:1a:a3:fa:24:92:04:4c:
f1:b0:24:74:02:2b:87:40:de:04:d4:b7:07:4a:fb:
bf:64:d8:16:e6:b7:7b:eb:e3:5d:61:70:22:ae:3c:
c9:bb:fa:dc:00:f7:7d:ca:17:9a:e5:54:08:e7:61:
39:39:1f:ad:42:74:63:2e:65:01:09:eb:c6:37:23:
22:e2:df:07:71:e4:c9:80:f9:11:b4:50:50:2b:2a:
c4:99:fc:1b:9b:cf:80:a1:60:b6:4a:3e:ff:ef:37:
90:bc:be:12:b7:01:9a:4a:56:fa:73:b7:ae:16:22:
b3:97:37:4a:1d:29:67:8b:55:03:d7:c4:36:ec:c8:
e1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:59:51:99:95:72:E3:CD:EA:6D:0B:3E:6C:90:F9:12:6B:81:BE:BB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/fVlRmZVy483qbQs-bJD5EmuBvrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:52:d0:f9:da:15:73:b1:29:97:a0:d8:3d:57:b9:e2:1f:ca:
77:9d:11:68:0f:77:f1:35:a9:1c:7c:ed:a3:9c:17:43:5a:d6:
97:92:a4:2c:77:5d:c7:cc:8e:39:e3:1f:dd:24:cf:73:bf:c8:
7f:05:67:b0:08:f8:fc:57:2f:d0:da:8d:6f:91:8d:af:e3:c5:
64:0a:68:a4:bc:c2:e5:fd:11:46:47:47:78:64:61:59:4e:f5:
e6:31:c8:dd:bf:4a:57:cc:d5:ea:4a:2f:8a:f5:29:b6:f0:32:
98:2b:56:e4:c8:72:1a:66:f9:3d:18:54:9f:c7:0c:86:3e:7b:
8d:04:0f:8f:b9:66:38:c6:5d:52:dc:04:f9:2f:4e:3e:53:d5:
b9:e0:10:d7:a4:a1:25:16:c6:54:f3:2b:fd:93:89:6c:76:34:
6f:cf:73:96:f6:49:0a:5c:20:a4:be:79:cf:fd:8a:3f:b2:fb:
15:5d:be:45:10:60:a1:c4:68:01:a0:1f:8a:4a:85:84:8f:60:
75:ac:69:2c:ff:2d:9f:8b:bc:1b:c5:6b:d3:42:ca:45:17:2a:
e5:85:76:b2:5e:bc:6f:4c:23:e9:52:04:61:80:34:3a:88:47:
79:e3:45:05:f3:b7:90:84:f7:4a:7a:60:60:b9:3e:5c:b3:20:
98:86:0f:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpvJCSlrCpFH7wkmxvw+716MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MTAxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDU5NTE5OTk1NzJlM2NkZWE2ZDBiM2U2YzkwZjkxMjZiODFiZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi64anuUkq1fuFJuBRPDloDSqqRcO
17pdRwwzWca5id2z0otsOBYqK7r1nQ+dkYkMzkL9WgTkHcYZGvle4+WKr/WClnTC
OuSu7GzO5YDtvu7pHPmQ0py7+tdQXkFFsfhivECkxTtRL2G/SHLnFM76btO1E2eP
SNZkD699IMAcuRqj+iSSBEzxsCR0AiuHQN4E1LcHSvu/ZNgW5rd76+NdYXAirjzJ
u/rcAPd9yhea5VQI52E5OR+tQnRjLmUBCevGNyMi4t8HceTJgPkRtFBQKyrEmfwb
m8+AoWC2Sj7/7zeQvL4StwGaSlb6c7euFiKzlzdKHSlni1UD18Q27Mjh1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH1ZUZmVcuPN6m0LPmyQ+RJrgb67MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZlZsUm1aVnk0ODNxYlFzLWJKRDVFbXVCdnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADJS0PnaFXOxKZeg2D1X
ueIfynedEWgPd/E1qRx87aOcF0Na1peSpCx3XcfMjjnjH90kz3O/yH8FZ7AI+PxX
L9DajW+Rja/jxWQKaKS8wuX9EUZHR3hkYVlO9eYxyN2/SlfM1epKL4r1KbbwMpgr
VuTIchpm+T0YVJ/HDIY+e40ED4+5ZjjGXVLcBPkvTj5T1bngENekoSUWxlTzK/2T
iWx2NG/Pc5b2SQpcIKS+ec/9ij+y+xVdvkUQYKHEaAGgH4pKhYSPYHWsaSz/LZ+L
vBvFa9NCykUXKuWFdrJevG9MI+lSBGGANDqIR3njRQXzt5CE90p6YGC5PlyzIJiG
D9I=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:35:14 2025 by rpki-client