Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/h7dNyHTLIjy3SEHCwrrJDgKY1FM.roa
File: h7dNyHTLIjy3SEHCwrrJDgKY1FM.roa (raw, json)
Hash identifier: Y5TFdIl6bf6qSog/KcNqtF2bxRv6zr+6FGPwjMLC0j8=
Subject key identifier: 87:B7:4D:C8:74:CB:22:3C:B7:48:41:C2:C2:BA:C9:0E:02:98:D4:53
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A71488B48C8D58F970A28E5A52A82792F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/h7dNyHTLIjy3SEHCwrrJDgKY1FM.roa
Signing time: Thu 07 Sep 2023 20:14:54 +0000
ROA not before: Thu 07 Sep 2023 20:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:71:48:8b:48:c8:d5:8f:97:0a:28:e5:a5:2a:82:79:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 20:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87b74dc874cb223cb74841c2c2bac90e0298d453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:81:e9:ec:ee:fb:9e:4c:f1:67:9e:d3:c9:2a:
f9:32:bd:fb:6f:9d:bd:8f:cc:07:53:86:f9:1f:6b:
32:cb:72:3e:16:44:cb:27:2c:16:5c:0b:93:ad:53:
b5:8e:35:ef:c6:64:6b:e3:f3:35:16:08:af:15:85:
cb:76:62:84:98:50:72:9d:6a:b2:61:4c:e5:17:01:
f0:42:88:05:71:9d:e6:3f:a4:16:bc:9e:0e:27:d6:
23:d0:ca:40:6d:db:c4:8a:62:03:61:07:73:88:60:
c9:c9:3b:4e:8f:84:f6:37:30:f6:39:b8:ca:7b:18:
f0:d0:41:1d:70:64:5b:8d:60:c3:af:c7:2d:d5:ae:
01:ee:43:3f:e7:c0:27:10:61:b4:25:f7:d5:83:1d:
67:03:48:df:c9:8b:72:b4:ee:92:f1:50:f3:b9:b2:
2b:23:27:a6:c3:11:5d:4c:a7:f6:e7:32:2c:6a:e7:
6d:3e:3b:f4:d3:f2:97:c5:f3:b3:92:6b:33:c5:62:
7b:e9:4a:9e:1c:3e:46:37:0c:57:5f:c1:eb:66:0d:
6c:ed:f3:ea:57:7d:ec:e5:8a:73:09:c0:87:74:7b:
dc:9a:fe:21:0c:73:c9:46:21:55:77:d2:ee:57:c2:
47:22:9d:00:5c:d6:5b:e3:6a:80:30:da:96:66:33:
19:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B7:4D:C8:74:CB:22:3C:B7:48:41:C2:C2:BA:C9:0E:02:98:D4:53
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/h7dNyHTLIjy3SEHCwrrJDgKY1FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:00:ca:b2:46:72:3b:2b:42:18:11:1c:52:4a:9a:7e:7a:74:
8a:75:16:00:1f:02:0f:70:04:c3:29:b8:19:f5:1b:f0:ff:a6:
36:5c:0d:f3:25:c9:67:99:4a:e1:58:cb:b7:90:5b:bd:60:a2:
19:60:13:64:3d:20:6c:89:c2:6c:57:f8:b1:10:0c:36:d3:d7:
2b:c9:81:6f:0e:2f:4a:c3:0a:ad:23:f6:a9:7a:a5:69:c4:20:
6e:5a:ef:de:22:50:db:89:e3:7a:23:4a:3b:e7:7f:cc:ee:40:
81:e9:be:56:47:be:32:64:d9:e8:15:75:16:6a:65:ef:87:c1:
85:50:89:ca:d6:10:26:7a:19:d6:64:60:d7:4d:d3:88:0a:b2:
29:bb:10:35:8c:e6:5b:00:19:78:12:d7:9c:ce:53:21:0c:1f:
06:17:ee:94:3d:b7:8b:50:f9:b8:da:83:c8:66:a2:2b:62:46:
eb:d2:e7:5d:60:5e:85:75:e9:27:42:a2:ea:25:9f:b2:b4:17:
6c:bf:7f:bc:de:db:f7:2f:65:86:c9:36:b4:df:48:0d:49:15:
42:73:e7:aa:d1:bf:bb:6f:37:25:b6:6d:50:e4:b6:15:a0:11:
8c:54:f2:8a:f7:3d:b0:d7:04:5b:08:d0:a6:8e:3b:d6:f6:cf:
17:3a:67:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpxSItIyNWPlwoo5aUqgnkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MjAxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I3NGRjODc0Y2IyMjNjYjc0ODQxYzJjMmJhYzkwZTAyOThkNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIHp7O77nkzxZ57TySr5Mr37b529
j8wHU4b5H2syy3I+FkTLJywWXAuTrVO1jjXvxmRr4/M1FgivFYXLdmKEmFBynWqy
YUzlFwHwQogFcZ3mP6QWvJ4OJ9Yj0MpAbdvEimIDYQdziGDJyTtOj4T2NzD2ObjK
exjw0EEdcGRbjWDDr8ct1a4B7kM/58AnEGG0JffVgx1nA0jfyYtytO6S8VDzubIr
IyemwxFdTKf25zIsaudtPjv00/KXxfOzkmszxWJ76UqeHD5GNwxXX8HrZg1s7fPq
V33s5YpzCcCHdHvcmv4hDHPJRiFVd9LuV8JHIp0AXNZb42qAMNqWZjMZLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIe3Tch0yyI8t0hBwsK6yQ4CmNRTMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaDdkTnlIVExJankzU0VIQ3dyckpEZ0tZMUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMAyrJGcjsrQhgRHFJK
mn56dIp1FgAfAg9wBMMpuBn1G/D/pjZcDfMlyWeZSuFYy7eQW71gohlgE2Q9IGyJ
wmxX+LEQDDbT1yvJgW8OL0rDCq0j9ql6pWnEIG5a794iUNuJ43ojSjvnf8zuQIHp
vlZHvjJk2egVdRZqZe+HwYVQicrWECZ6GdZkYNdN04gKsim7EDWM5lsAGXgS15zO
UyEMHwYX7pQ9t4tQ+bjag8hmoitiRuvS511gXoV16SdCouoln7K0F2y/f7ze2/cv
ZYbJNrTfSA1JFUJz56rRv7tvNyW2bVDkthWgEYxU8or3PbDXBFsI0KaOO9b2zxc6
Z3A=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:38:03 2025 by rpki-client