Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hXDDu-dXMzfb6CEubnSHBFfzY_8.roa
File: hXDDu-dXMzfb6CEubnSHBFfzY_8.roa (raw, json)
Hash identifier: 3+2+VcN8nbjqis+34rHBjVh1xN11Av9U2f2oUylji5U=
Subject key identifier: 85:70:C3:BB:E7:57:33:37:DB:E8:21:2E:6E:74:87:04:57:F3:63:FF
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A974361B4C70984CB4A981FB765C69D4D
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hXDDu-dXMzfb6CEubnSHBFfzY_8.roa
Signing time: Fri 15 Sep 2023 05:14:50 +0000
ROA not before: Fri 15 Sep 2023 05:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:43:61:b4:c7:09:84:cb:4a:98:1f:b7:65:c6:9d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 05:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8570c3bbe7573337dbe8212e6e74870457f363ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:25:0f:60:32:31:55:11:2b:4e:77:88:a0:a0:
46:2a:ac:4f:3e:b8:20:91:9c:69:97:52:7b:75:bf:
b7:c2:25:94:0a:ff:9a:ac:04:37:7a:dc:8b:82:e3:
23:c5:9f:70:3c:a8:23:b1:eb:7f:05:f5:f1:22:f8:
61:5f:71:d1:7d:9a:e4:b5:99:7c:c4:93:6d:0a:e6:
5a:0b:55:e0:58:c0:de:61:91:0a:43:6b:aa:60:e8:
bd:ac:3d:19:84:65:99:1e:36:d8:4f:f9:06:dc:42:
26:a0:f1:d2:f4:ed:49:e4:c4:2e:11:26:31:a1:fb:
05:b0:f7:77:71:d4:d0:77:a5:bd:05:ff:a6:47:3f:
cf:c3:9c:ae:81:63:be:30:98:e6:bb:51:dd:04:0d:
e2:52:b5:81:8d:b2:d0:60:63:3a:87:d4:45:1e:cb:
4f:ac:45:aa:09:07:63:b2:d8:b2:9b:af:d0:03:8e:
78:7b:c0:02:d9:80:ef:0e:64:f4:3c:4d:ab:64:89:
74:0d:19:3b:6e:f0:ad:6c:1c:6a:b3:79:af:5d:80:
ab:9f:55:90:13:e7:71:dd:33:67:51:c7:49:0b:13:
65:32:bb:b9:86:c7:d9:e4:2d:bd:1d:2b:7f:ef:85:
1c:e2:9c:00:08:80:72:8d:12:7a:a2:d5:a3:33:5c:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:70:C3:BB:E7:57:33:37:DB:E8:21:2E:6E:74:87:04:57:F3:63:FF
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hXDDu-dXMzfb6CEubnSHBFfzY_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:84:83:c6:c6:55:e7:55:fe:9c:90:d9:ea:d6:49:ac:e2:0b:
d4:97:b9:50:67:3c:46:af:02:16:ba:d4:d6:e5:ae:69:32:cc:
76:be:07:6a:8e:af:59:a5:a4:7a:6f:26:1b:e3:05:7e:ec:b8:
cc:9e:53:83:27:69:4a:0a:9f:aa:74:fb:47:70:24:7b:d6:29:
76:67:3d:db:af:94:e2:db:b1:82:12:b7:b3:bb:75:69:6f:62:
47:0a:10:2b:cf:38:23:6d:54:80:76:80:b9:b2:ce:c9:2b:2b:
e9:c4:9e:8a:4a:26:6f:ae:cf:09:2f:93:2a:09:c5:8c:d5:94:
1f:4c:80:03:61:8d:e8:80:eb:f7:7b:6f:56:bc:43:b6:64:b5:
7c:d9:fd:99:53:4c:05:ed:d4:49:9c:e2:1b:6a:a2:d6:4a:71:
90:0a:c2:31:be:30:74:b8:5f:a0:6e:86:74:08:e3:9a:1a:38:
fb:0f:40:d8:a2:63:88:cd:1b:61:5b:40:56:5a:ac:98:60:5a:
75:2c:66:55:35:f5:1b:3e:ec:9f:99:36:4f:ee:bb:94:ff:ad:
c4:16:bf:5b:0b:9c:df:84:79:f2:15:c7:0a:96:d0:08:b3:b2:
64:f2:59:4e:a7:7c:f7:ac:d6:61:4f:9b:05:e6:98:fc:f2:7a:
55:53:24:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqXQ2G0xwmEy0qYH7dlxp1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MDUxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTcwYzNiYmU3NTczMzM3ZGJlODIxMmU2ZTc0ODcwNDU3ZjM2M2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCUPYDIxVRErTneIoKBGKqxPPrgg
kZxpl1J7db+3wiWUCv+arAQ3etyLguMjxZ9wPKgjset/BfXxIvhhX3HRfZrktZl8
xJNtCuZaC1XgWMDeYZEKQ2uqYOi9rD0ZhGWZHjbYT/kG3EImoPHS9O1J5MQuESYx
ofsFsPd3cdTQd6W9Bf+mRz/Pw5yugWO+MJjmu1HdBA3iUrWBjbLQYGM6h9RFHstP
rEWqCQdjstiym6/QA454e8AC2YDvDmT0PE2rZIl0DRk7bvCtbBxqs3mvXYCrn1WQ
E+dx3TNnUcdJCxNlMru5hsfZ5C29HSt/74Uc4pwACIByjRJ6otWjM1yCBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVww7vnVzM32+ghLm50hwRX82P/MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaFhERHUtZFhNemZiNkNFdWJuU0hCRmZ6WV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJKEg8bGVedV/pyQ2erW
SaziC9SXuVBnPEavAha61NblrmkyzHa+B2qOr1mlpHpvJhvjBX7suMyeU4MnaUoK
n6p0+0dwJHvWKXZnPduvlOLbsYISt7O7dWlvYkcKECvPOCNtVIB2gLmyzskrK+nE
nopKJm+uzwkvkyoJxYzVlB9MgANhjeiA6/d7b1a8Q7ZktXzZ/ZlTTAXt1Emc4htq
otZKcZAKwjG+MHS4X6BuhnQI45oaOPsPQNiiY4jNG2FbQFZarJhgWnUsZlU19Rs+
7J+ZNk/uu5T/rcQWv1sLnN+EefIVxwqW0AizsmTyWU6nfPes1mFPmwXmmPzyelVT
JDM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:39 2025 by rpki-client