Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hT16omGMTYwpMY-_DyUOvFbKtNA.roa
File: hT16omGMTYwpMY-_DyUOvFbKtNA.roa (raw, json)
Hash identifier: utwoLNKzLGUFoUXeUhPkZgT2vzf1/zCYKmmxGSmm9qg=
Subject key identifier: 85:3D:7A:A2:61:8C:4D:8C:29:31:8F:BF:0F:25:0E:BC:56:CA:B4:D0
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A91AF28EC6B726FAE1002FB8E1CBD481E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hT16omGMTYwpMY-_DyUOvFbKtNA.roa
Signing time: Thu 14 Sep 2023 03:14:50 +0000
ROA not before: Thu 14 Sep 2023 03:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:91:af:28:ec:6b:72:6f:ae:10:02:fb:8e:1c:bd:48:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 03:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=853d7aa2618c4d8c29318fbf0f250ebc56cab4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:20:f4:17:77:d5:42:b3:d4:d5:54:a1:c5:ed:
b1:ca:ab:7f:9b:11:0c:0d:4b:72:01:f9:00:09:55:
05:0e:01:20:f0:08:90:8b:d1:1d:dc:db:61:1c:15:
82:cc:11:6e:4f:f3:7a:88:46:c9:dd:81:42:b0:2f:
ff:55:3a:93:02:a2:ee:45:42:e8:d5:9b:9f:01:12:
4b:d1:d7:c1:fa:4e:a9:61:2a:e9:4c:f6:d5:df:7d:
3b:2e:bf:d3:60:46:36:78:3b:f8:cf:f0:72:c8:7b:
02:a6:e1:ab:a7:da:65:fa:05:2b:93:77:9b:4b:83:
3d:60:b8:b7:ac:4e:b6:db:cf:18:ab:5e:a9:19:69:
aa:83:3f:43:f0:d1:3b:21:dc:a5:fa:59:d6:c7:4c:
9f:c9:af:6b:95:e9:e1:be:9a:2f:fd:3e:05:43:f7:
da:db:77:a0:c6:9d:04:6d:5e:16:68:cf:58:a4:81:
8b:20:30:02:90:11:42:22:14:89:f6:48:a7:73:2e:
9f:71:9b:35:4d:17:66:1c:06:a7:44:98:36:d8:00:
33:79:19:eb:b4:73:30:3a:17:96:8e:08:cc:b1:14:
62:30:26:1a:88:c0:74:e3:f1:c6:d2:22:69:5a:3b:
7d:94:62:01:f8:b0:ed:29:74:b7:6d:81:07:28:b1:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3D:7A:A2:61:8C:4D:8C:29:31:8F:BF:0F:25:0E:BC:56:CA:B4:D0
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hT16omGMTYwpMY-_DyUOvFbKtNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:59:95:b5:6a:c9:31:dd:24:00:fc:05:0f:c9:32:6f:42:3b:
ab:0c:93:6d:56:be:f4:3c:93:a4:d6:08:38:79:60:1c:64:3a:
7b:b4:fa:5c:d6:76:ae:36:12:34:82:aa:08:fd:30:34:4c:10:
52:1e:56:39:3a:86:01:93:92:39:3d:2e:db:e9:5a:32:8c:e9:
2b:3d:56:0d:42:6e:cd:f9:2f:ed:c4:91:37:35:2b:ff:5d:cc:
b9:22:b6:65:88:80:f5:01:6b:36:77:6b:66:49:9a:31:c7:ab:
58:43:17:0c:52:2d:db:73:9b:5a:c7:f3:d1:c6:f5:fd:5e:38:
55:2a:50:2e:44:5a:31:c2:64:23:fe:08:21:06:37:32:85:23:
64:33:8b:7d:ee:6f:51:50:53:76:06:48:70:aa:75:fa:32:6d:
dd:fd:48:e6:e5:0c:0e:10:b6:02:7b:12:cf:5a:09:71:7a:7a:
e8:be:c9:e9:a0:28:b8:8a:d8:94:30:72:d6:76:1f:80:0e:17:
df:a7:2a:94:89:f2:7a:58:e6:1b:d8:1b:26:d8:f5:a4:00:e2:
fa:6b:5a:1a:95:63:c7:0d:ca:fb:1c:b5:ad:26:a7:29:77:eb:
94:48:ee:1c:2c:83:36:34:b6:ee:53:f1:96:bd:10:9c:b8:ab:
9d:c1:63:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqRryjsa3JvrhAC+44cvUgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNkN2FhMjYxOGM0ZDhjMjkzMThmYmYwZjI1MGViYzU2Y2FiNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviD0F3fVQrPU1VShxe2xyqt/mxEM
DUtyAfkACVUFDgEg8AiQi9Ed3NthHBWCzBFuT/N6iEbJ3YFCsC//VTqTAqLuRULo
1ZufARJL0dfB+k6pYSrpTPbV3307Lr/TYEY2eDv4z/ByyHsCpuGrp9pl+gUrk3eb
S4M9YLi3rE62288Yq16pGWmqgz9D8NE7Idyl+lnWx0yfya9rlenhvpov/T4FQ/fa
23egxp0EbV4WaM9YpIGLIDACkBFCIhSJ9kincy6fcZs1TRdmHAanRJg22AAzeRnr
tHMwOheWjgjMsRRiMCYaiMB04/HG0iJpWjt9lGIB+LDtKXS3bYEHKLGa7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIU9eqJhjE2MKTGPvw8lDrxWyrTQMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaFQxNm9tR01UWXdwTVktX0R5VU92RmJLdE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGdZlbVqyTHdJAD8BQ/J
Mm9CO6sMk21WvvQ8k6TWCDh5YBxkOnu0+lzWdq42EjSCqgj9MDRMEFIeVjk6hgGT
kjk9LtvpWjKM6Ss9Vg1Cbs35L+3EkTc1K/9dzLkitmWIgPUBazZ3a2ZJmjHHq1hD
FwxSLdtzm1rH89HG9f1eOFUqUC5EWjHCZCP+CCEGNzKFI2Qzi33ub1FQU3YGSHCq
dfoybd39SOblDA4QtgJ7Es9aCXF6eui+yemgKLiK2JQwctZ2H4AOF9+nKpSJ8npY
5hvYGybY9aQA4vprWhqVY8cNyvscta0mpyl365RI7hwsgzY0tu5T8Za9EJy4q53B
Y2c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:00 2025 by rpki-client