Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hEgupURmR2tz6O7CCjcJc0ycUY0.roa
File: hEgupURmR2tz6O7CCjcJc0ycUY0.roa (raw, json)
Hash identifier: eHre6wpVN5VtScMfHJWKAZvFlJnB6a02N3M/DoEbQ30=
Subject key identifier: 84:48:2E:A5:44:66:47:6B:73:E8:EE:C2:0A:37:09:73:4C:9C:51:8D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9093598DB8B5097F83B0DB7508A11D55
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hEgupURmR2tz6O7CCjcJc0ycUY0.roa
Signing time: Wed 13 Sep 2023 22:04:50 +0000
ROA not before: Wed 13 Sep 2023 22:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:9092:b995/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:90:93:59:8d:b8:b5:09:7f:83:b0:db:75:08:a1:1d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 22:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84482ea54466476b73e8eec20a3709734c9c518d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d6:da:3f:1c:b4:3f:0b:eb:f0:bf:50:b7:fc:
3d:d3:26:e6:72:8b:5a:5b:97:f6:d9:32:17:f7:2f:
99:af:46:9e:ee:6f:19:be:04:55:5e:29:68:3d:9a:
61:70:d9:9c:80:f1:89:c4:ee:27:23:ab:dd:b3:b8:
88:af:4c:bf:e7:65:22:ba:fc:29:b2:f8:f6:3c:48:
9e:23:14:89:07:13:c0:be:8d:5b:a9:d5:02:b7:cf:
1d:cb:ae:95:b1:d8:3b:c5:75:9e:4c:48:ca:ab:f4:
37:4a:14:fa:42:6c:64:9a:45:7b:ec:01:b7:f8:71:
b5:75:a1:70:b9:0f:fc:0b:9b:c9:08:25:23:e5:93:
d4:4d:80:48:20:47:15:70:41:be:e3:8c:37:cf:58:
1d:f2:2c:9b:f5:25:1e:47:0f:73:81:c7:ab:de:7a:
5f:70:f2:02:6d:ef:97:8b:47:b8:b3:93:67:52:d6:
2d:29:2d:f5:5c:c1:4a:3e:c1:3f:bb:f6:56:ef:2e:
60:c1:f1:cc:59:42:c4:0c:29:1e:e0:54:f0:40:c9:
3f:18:fa:fc:ef:eb:37:e7:af:8d:b5:b8:8d:1f:2c:
f5:44:48:88:ce:ca:0e:8e:da:9a:71:6d:54:f2:1c:
05:84:81:b8:e9:ca:03:2d:85:bd:6a:49:60:05:4b:
f2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:48:2E:A5:44:66:47:6B:73:E8:EE:C2:0A:37:09:73:4C:9C:51:8D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hEgupURmR2tz6O7CCjcJc0ycUY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:5e:2c:d6:d6:47:90:35:3e:a5:b0:76:9c:3b:ca:e9:52:3d:
62:fc:9d:e0:f1:64:aa:7a:3d:16:d9:69:21:e9:b4:2b:2f:b0:
f2:27:db:4b:b2:aa:0f:9e:43:94:67:03:45:85:80:5c:eb:34:
00:84:d8:5f:49:02:b9:2b:e2:da:3d:77:04:6a:56:ba:6b:6e:
dc:49:cd:0a:c7:fc:28:de:0f:21:14:2a:41:da:15:1c:79:53:
f6:6c:9f:7e:fb:0a:c3:76:c1:3f:45:33:02:e8:97:a8:6b:d6:
9d:70:80:a8:1a:cc:0c:2b:b7:5e:a5:33:9d:c5:a4:3b:5e:a0:
fc:08:90:53:a3:23:ab:97:38:3a:58:6d:1b:f6:23:1d:5c:4d:
ab:f7:8b:60:bc:f8:d2:a7:51:88:0b:50:36:da:44:61:5d:c2:
7f:e9:85:7b:01:28:b7:81:bb:b0:21:39:c1:24:cf:6c:57:3d:
c4:e7:8d:75:ff:13:59:aa:ea:1b:f2:87:29:6c:04:65:9a:53:
d4:57:d5:53:d7:6e:62:32:d1:9e:26:5f:ba:dc:f4:0f:45:e6:
d2:32:17:32:12:e9:14:b7:6a:89:1a:61:55:41:3b:ae:9c:19:
a8:87:c9:32:27:31:3c:70:27:7e:87:97:01:fb:8a:50:50:54:
67:a0:46:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqQk1mNuLUJf4Ow23UIoR1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMjIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ4MmVhNTQ0NjY0NzZiNzNlOGVlYzIwYTM3MDk3MzRjOWM1MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdbaPxy0Pwvr8L9Qt/w90ybmcota
W5f22TIX9y+Zr0ae7m8ZvgRVXiloPZphcNmcgPGJxO4nI6vds7iIr0y/52Uiuvwp
svj2PEieIxSJBxPAvo1bqdUCt88dy66Vsdg7xXWeTEjKq/Q3ShT6QmxkmkV77AG3
+HG1daFwuQ/8C5vJCCUj5ZPUTYBIIEcVcEG+44w3z1gd8iyb9SUeRw9zgcer3npf
cPICbe+Xi0e4s5NnUtYtKS31XMFKPsE/u/ZW7y5gwfHMWULEDCke4FTwQMk/GPr8
7+s356+NtbiNHyz1REiIzsoOjtqacW1U8hwFhIG46coDLYW9aklgBUvyZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIRILqVEZkdrc+juwgo3CXNMnFGNMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaEVndXBVUm1SMnR6Nk83Q0NqY0pjMHljVVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJeLNbWR5A1PqWwdpw7
yulSPWL8neDxZKp6PRbZaSHptCsvsPIn20uyqg+eQ5RnA0WFgFzrNACE2F9JArkr
4to9dwRqVrprbtxJzQrH/CjeDyEUKkHaFRx5U/Zsn377CsN2wT9FMwLol6hr1p1w
gKgazAwrt16lM53FpDteoPwIkFOjI6uXODpYbRv2Ix1cTav3i2C8+NKnUYgLUDba
RGFdwn/phXsBKLeBu7AhOcEkz2xXPcTnjXX/E1mq6hvyhylsBGWaU9RX1VPXbmIy
0Z4mX7rc9A9F5tIyFzIS6RS3aokaYVVBO66cGaiHyTInMTxwJ36HlwH7ilBQVGeg
Rlw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:22 2025 by rpki-client