Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/g6EVu3J5f0BCQAt8uMGer_s6gpA.roa
File: g6EVu3J5f0BCQAt8uMGer_s6gpA.roa (raw, json)
Hash identifier: QhiJWBFgVD+7tuz/aQClu5EbZb8BHBNeylrlSV1VGcM=
Subject key identifier: 83:A1:15:BB:72:79:7F:40:42:40:0B:7C:B8:C1:9E:AF:FB:3A:82:90
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6E7AC5C09F0DBDE36030D3A8F13ECDF7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/g6EVu3J5f0BCQAt8uMGer_s6gpA.roa
Signing time: Thu 07 Sep 2023 07:10:54 +0000
ROA not before: Thu 07 Sep 2023 07:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:7a:c5:c0:9f:0d:bd:e3:60:30:d3:a8:f1:3e:cd:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 07:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83a115bb72797f4042400b7cb8c19eaffb3a8290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:16:db:4e:e7:b0:32:ad:59:2c:c0:00:24:a8:
60:12:de:28:fd:cd:9c:58:bf:5d:ad:1a:08:c5:98:
c8:18:81:73:e9:6d:9a:6f:50:9b:82:89:13:23:ee:
5d:c4:12:98:31:41:29:a2:94:55:f2:b7:e6:7e:a7:
a2:e3:07:77:56:3d:b1:9c:0a:a3:a2:1b:7f:c9:8a:
8b:ca:1f:15:2b:05:e3:d1:1a:a6:38:29:ec:f6:0c:
e2:81:56:74:74:f8:2b:14:ca:38:10:35:58:97:61:
4b:76:ab:88:e0:9d:c2:ac:b7:25:3e:30:c4:08:7c:
57:5c:45:41:3e:70:d4:5f:01:b7:91:d0:6c:ea:17:
5c:13:56:ff:1c:b1:53:4b:1c:ec:dd:51:50:96:c6:
57:41:ca:d7:42:63:49:3b:a5:6a:94:34:ca:31:5b:
7c:e9:4e:a1:59:7c:6d:72:ff:ae:57:94:91:68:97:
d8:04:e7:2d:77:7a:43:dd:f3:3b:3b:34:cf:f4:62:
d2:21:4c:54:cf:1f:e4:24:d1:1c:c4:9c:42:fa:2f:
00:3b:46:73:12:71:dd:94:c6:e9:4e:74:e0:c0:be:
7c:4b:e4:67:7b:e7:e0:62:4b:74:61:fd:25:3c:95:
66:d6:3f:62:ac:72:69:fa:39:90:a4:9c:9a:d1:c3:
7d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A1:15:BB:72:79:7F:40:42:40:0B:7C:B8:C1:9E:AF:FB:3A:82:90
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/g6EVu3J5f0BCQAt8uMGer_s6gpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:01:60:90:93:e6:4a:59:88:2a:e8:a7:44:60:0d:a5:5a:68:
d0:db:87:94:f2:37:62:2c:5c:73:af:9e:b8:4b:80:c9:3f:c7:
44:c0:30:ab:cf:e0:f3:c3:73:ab:69:63:71:d6:fc:ea:50:5f:
1d:13:28:12:bf:1b:1b:d3:36:4f:ab:88:b9:e0:27:78:e0:f0:
a8:01:7c:42:25:38:12:2e:d3:2c:32:63:13:fb:aa:51:7c:84:
65:a6:32:ea:d0:44:92:bd:57:e5:d1:0d:1c:32:65:8a:c3:4c:
63:d8:eb:08:ad:79:04:5c:cd:16:3e:8e:6b:9f:af:a3:a8:48:
f5:e9:f5:de:a0:c0:26:4d:b0:d9:e5:19:11:bb:88:c1:df:b5:
41:3e:08:36:5d:73:a8:f1:e0:42:6c:d8:6f:9e:b6:62:83:cf:
30:05:78:e2:50:bd:8d:9d:bd:6d:1f:96:e6:18:75:44:44:d8:
54:ed:d4:9f:ad:82:6f:de:bf:56:2c:d6:f1:bd:4f:3d:5c:e4:
02:b2:11:2a:a9:4a:a0:30:04:84:6b:ff:f2:b9:25:58:10:2a:
29:18:bc:97:dc:44:84:d0:56:68:36:c0:79:24:4c:71:21:6d:
7a:57:08:78:ef:1c:49:a1:30:3b:20:da:6d:30:38:83:f9:c5:
6d:41:47:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpuesXAnw2942Aw06jxPs33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MDcxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ExMTViYjcyNzk3ZjQwNDI0MDBiN2NiOGMxOWVhZmZiM2E4MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBbbTuewMq1ZLMAAJKhgEt4o/c2c
WL9drRoIxZjIGIFz6W2ab1CbgokTI+5dxBKYMUEpopRV8rfmfqei4wd3Vj2xnAqj
oht/yYqLyh8VKwXj0RqmOCns9gzigVZ0dPgrFMo4EDVYl2FLdquI4J3CrLclPjDE
CHxXXEVBPnDUXwG3kdBs6hdcE1b/HLFTSxzs3VFQlsZXQcrXQmNJO6VqlDTKMVt8
6U6hWXxtcv+uV5SRaJfYBOctd3pD3fM7OzTP9GLSIUxUzx/kJNEcxJxC+i8AO0Zz
EnHdlMbpTnTgwL58S+Rne+fgYkt0Yf0lPJVm1j9irHJp+jmQpJya0cN9IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIOhFbtyeX9AQkALfLjBnq/7OoKQMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZzZFVnUzSjVmMEJDUUF0OHVNR2VyX3M2Z3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFABYJCT5kpZiCrop0Rg
DaVaaNDbh5TyN2IsXHOvnrhLgMk/x0TAMKvP4PPDc6tpY3HW/OpQXx0TKBK/GxvT
Nk+riLngJ3jg8KgBfEIlOBIu0ywyYxP7qlF8hGWmMurQRJK9V+XRDRwyZYrDTGPY
6witeQRczRY+jmufr6OoSPXp9d6gwCZNsNnlGRG7iMHftUE+CDZdc6jx4EJs2G+e
tmKDzzAFeOJQvY2dvW0fluYYdURE2FTt1J+tgm/ev1Ys1vG9Tz1c5AKyESqpSqAw
BIRr//K5JVgQKikYvJfcRITQVmg2wHkkTHEhbXpXCHjvHEmhMDsg2m0wOIP5xW1B
Rz0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:37:10 2025 by rpki-client