Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gazwcMjgTlHWBZuQ6I7QY4iSmek.roa
File: gazwcMjgTlHWBZuQ6I7QY4iSmek.roa (raw, json)
Hash identifier: f5UV+60IcWITb3TIBC7hkWBVJH9cx7QEBWI+uIwiiWM=
Subject key identifier: 81:AC:F0:70:C8:E0:4E:51:D6:05:9B:90:E8:8E:D0:63:88:92:99:E9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A488844132AC38F87D4C327EA9CF32199
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gazwcMjgTlHWBZuQ6I7QY4iSmek.roa
Signing time: Wed 30 Aug 2023 22:20:04 +0000
ROA not before: Wed 30 Aug 2023 22:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:88:44:13:2a:c3:8f:87:d4:c3:27:ea:9c:f3:21:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 22:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81acf070c8e04e51d6059b90e88ed063889299e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:26:18:8f:14:db:5c:57:ab:57:83:ae:15:
0f:1f:e8:36:a7:ea:3c:2e:ec:c0:19:50:13:c2:a4:
10:70:dd:21:28:54:52:6c:2f:ff:87:a2:83:4c:e0:
1d:ab:ea:eb:5b:3e:1b:fe:dd:15:ec:2b:ae:1e:52:
f0:d6:62:b7:49:6a:30:a7:82:db:46:53:28:66:ce:
3f:25:fc:a2:fc:ea:8a:fe:4a:34:31:89:f4:eb:5c:
c8:57:85:5b:f6:2a:c9:00:7f:11:5f:b7:9c:e5:37:
fe:af:21:48:3d:ab:d2:03:20:e7:9c:d8:52:75:44:
44:1c:98:d6:3b:87:34:19:1d:a3:7f:ff:aa:97:9e:
c4:3c:d2:db:fa:41:d5:b6:98:7e:5a:53:bb:13:1f:
27:30:e6:94:25:e3:cd:2e:98:dc:c4:07:fc:ec:e2:
19:75:dd:fc:65:63:ef:5c:60:df:6d:e5:e4:94:a1:
06:16:14:c0:91:8a:69:6d:d4:87:63:4e:79:4d:c5:
12:fa:1e:75:0e:de:36:17:0b:81:6f:4e:f6:d1:cb:
14:02:21:a4:d0:eb:b5:ac:71:e1:e8:d1:41:76:f4:
3f:fa:cc:7d:e4:ae:8f:4b:78:03:72:76:03:45:3e:
82:ce:bc:01:7b:0f:b0:4b:65:0a:4f:09:54:41:e3:
8a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AC:F0:70:C8:E0:4E:51:D6:05:9B:90:E8:8E:D0:63:88:92:99:E9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gazwcMjgTlHWBZuQ6I7QY4iSmek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:85:69:d6:21:3b:a3:a0:19:ed:0c:b0:24:f7:ef:57:88:7c:
34:f3:55:27:04:5c:55:3c:b9:ed:53:2a:b2:b8:46:69:d4:de:
9a:88:46:22:b5:59:58:6b:75:7a:23:c8:5d:96:c7:93:ab:24:
93:60:a1:68:1c:bd:2e:ac:7f:cf:79:5a:7b:97:05:6e:dc:66:
8d:e1:20:31:1c:5a:ae:30:ce:73:37:7a:3a:66:83:ca:14:14:
49:c1:ab:3b:52:c2:27:e2:71:e1:f2:c9:69:39:67:4b:61:55:
d5:6a:81:b6:48:08:f4:8d:6f:9f:2d:c5:df:31:5e:90:d8:de:
24:f0:b5:0d:b8:d9:ac:f9:80:79:12:23:17:ac:27:89:0c:f6:
f7:99:d5:cb:18:c4:44:d9:4e:52:93:19:d6:cf:01:c8:d5:3b:
40:98:fb:74:0d:12:ff:80:06:9c:d5:9e:d5:34:aa:6e:86:a9:
a7:a7:f9:ea:81:66:3b:f6:9a:bd:a1:4f:b4:48:ef:b1:18:96:
34:cb:c0:c4:ca:6b:60:22:bb:80:33:f4:bb:74:6d:7f:88:46:
15:4e:6a:58:58:0f:1e:c4:b5:28:26:10:fe:06:13:94:7b:a3:
68:1d:99:b5:f8:89:ed:6d:b9:5a:34:56:e5:38:6e:86:42:61:
a8:25:bc:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpIiEQTKsOPh9TDJ+qc8yGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMjIyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFjZjA3MGM4ZTA0ZTUxZDYwNTliOTBlODhlZDA2Mzg4OTI5OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfkmGI8U21xXq1eDrhUPH+g2p+o8
LuzAGVATwqQQcN0hKFRSbC//h6KDTOAdq+rrWz4b/t0V7CuuHlLw1mK3SWowp4Lb
RlMoZs4/Jfyi/OqK/ko0MYn061zIV4Vb9irJAH8RX7ec5Tf+ryFIPavSAyDnnNhS
dUREHJjWO4c0GR2jf/+ql57EPNLb+kHVtph+WlO7Ex8nMOaUJePNLpjcxAf87OIZ
dd38ZWPvXGDfbeXklKEGFhTAkYppbdSHY055TcUS+h51Dt42FwuBb0720csUAiGk
0Ou1rHHh6NFBdvQ/+sx95K6PS3gDcnYDRT6CzrwBew+wS2UKTwlUQeOK+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIGs8HDI4E5R1gWbkOiO0GOIkpnpMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZ2F6d2NNamdUbEhXQlp1UTZJN1FZNGlTbWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAICFadYhO6OgGe0MsCT3
71eIfDTzVScEXFU8ue1TKrK4RmnU3pqIRiK1WVhrdXojyF2Wx5OrJJNgoWgcvS6s
f895WnuXBW7cZo3hIDEcWq4wznM3ejpmg8oUFEnBqztSwificeHyyWk5Z0thVdVq
gbZICPSNb58txd8xXpDY3iTwtQ242az5gHkSIxesJ4kM9veZ1csYxETZTlKTGdbP
AcjVO0CY+3QNEv+ABpzVntU0qm6Gqaen+eqBZjv2mr2hT7RI77EYljTLwMTKa2Ai
u4Az9Lt0bX+IRhVOalhYDx7EtSgmEP4GE5R7o2gdmbX4ie1tuVo0VuU4boZCYagl
vGI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:03 2025 by rpki-client