Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hhQ9_YGyBAx-OTJW4Neb1cr0T3M.roa
File: hhQ9_YGyBAx-OTJW4Neb1cr0T3M.roa (raw, json)
Hash identifier: Nf0DYL2zDjUxf4VCwKfeglwKp48b0AbT7mKkgHJAqHc=
Subject key identifier: 86:14:3D:FD:81:B2:04:0C:7E:39:32:56:E0:D7:9B:D5:CA:F4:4F:73
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8232F570EA40DD9C55FDE4000F9AD00A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hhQ9_YGyBAx-OTJW4Neb1cr0T3M.roa
Signing time: Mon 11 Sep 2023 03:04:52 +0000
ROA not before: Mon 11 Sep 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:8232:d7cf/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:82:32:f5:70:ea:40:dd:9c:55:fd:e4:00:0f:9a:d0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86143dfd81b2040c7e393256e0d79bd5caf44f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:19:0e:db:74:a1:e6:00:ec:46:48:6e:12:
7b:4b:a3:1e:3d:3c:2b:71:07:f2:29:f6:e9:03:c7:
e1:db:cb:ba:3d:ab:fa:e4:50:9b:8c:ee:1b:f1:42:
81:a4:6b:5e:2d:bb:0c:f5:aa:26:13:4c:8a:46:ea:
3f:65:71:43:d9:65:ae:c0:7f:32:77:99:7b:ef:ba:
58:a7:87:56:d1:26:f8:82:88:af:ef:b3:df:00:83:
3a:7e:a7:5b:59:7f:c4:53:9b:fc:ce:8c:ae:8b:93:
8c:88:96:92:18:a4:ae:3b:c1:d9:1f:6a:10:d1:5c:
f9:0f:30:5d:77:d1:7e:75:13:f4:75:af:34:d3:1c:
5b:35:63:36:e5:30:56:12:4d:f0:51:9c:d8:26:18:
ee:13:06:0f:00:af:05:31:ed:5e:48:b9:18:e8:d4:
05:48:a5:30:0e:42:e1:ab:35:1a:4a:2a:e3:37:52:
45:ac:bf:dc:dc:59:cf:d1:06:b2:3a:96:0d:4e:2f:
dc:39:b1:53:7c:40:18:df:17:e0:a8:e9:62:d2:96:
6b:e6:f2:fb:30:cd:ac:73:57:9f:9e:2d:b8:1f:2d:
12:55:16:0e:66:e9:3c:06:0a:be:b7:00:51:1a:2d:
8a:a5:be:6d:5a:67:71:94:a1:5f:cc:f7:c7:28:05:
8e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:14:3D:FD:81:B2:04:0C:7E:39:32:56:E0:D7:9B:D5:CA:F4:4F:73
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hhQ9_YGyBAx-OTJW4Neb1cr0T3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:a5:57:1a:0c:df:4b:93:60:89:21:2f:bc:ab:fc:85:d3:7b:
a1:9f:1e:4b:1f:b7:ba:94:3f:8f:2f:10:cf:78:5c:e3:4e:90:
75:8b:e0:b8:80:32:1f:dc:44:fa:c3:23:b8:d4:7f:5b:6e:e6:
4a:5b:54:72:90:5d:1b:86:a5:3e:8e:57:7a:43:3a:76:12:4b:
15:d9:f6:27:5a:7d:26:bb:09:8b:36:8a:99:a3:28:9d:7b:6b:
0e:96:55:70:19:a6:80:d4:aa:d4:8e:aa:33:87:72:7d:04:0e:
fd:d6:82:88:2b:e4:a5:d3:f9:98:11:c3:32:d6:47:e5:9f:0d:
38:7b:03:64:94:9f:fa:85:21:55:0d:3e:c9:f3:a2:ed:07:63:
d7:2f:80:69:94:99:98:a2:32:2c:6f:6d:73:86:cc:d8:0a:38:
05:02:96:8d:2c:a1:b9:c3:37:97:d0:f0:67:a8:dc:af:cc:83:
8f:ad:d4:8d:32:48:4b:d5:83:2b:6e:20:da:f6:ac:5a:cc:bf:
f5:91:1f:bd:07:71:45:f4:4b:23:e9:4c:fd:ff:2f:5e:a4:68:
ba:28:fc:a8:7f:3d:f8:87:a7:6e:08:f4:c4:f8:2d:09:23:c3:
24:54:18:22:9a:cc:be:11:e6:39:2f:77:6b:19:92:0a:81:5a:
b1:4b:eb:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqCMvVw6kDdnFX95AAPmtAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE0M2RmZDgxYjIwNDBjN2UzOTMyNTZlMGQ3OWJkNWNhZjQ0ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdEZDtt0oeYA7EZIbhJ7S6MePTwr
cQfyKfbpA8fh28u6Pav65FCbjO4b8UKBpGteLbsM9aomE0yKRuo/ZXFD2WWuwH8y
d5l777pYp4dW0Sb4goiv77PfAIM6fqdbWX/EU5v8zoyui5OMiJaSGKSuO8HZH2oQ
0Vz5DzBdd9F+dRP0da800xxbNWM25TBWEk3wUZzYJhjuEwYPAK8FMe1eSLkY6NQF
SKUwDkLhqzUaSirjN1JFrL/c3FnP0QayOpYNTi/cObFTfEAY3xfgqOli0pZr5vL7
MM2sc1efni24Hy0SVRYOZuk8Bgq+twBRGi2Kpb5tWmdxlKFfzPfHKAWOnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIYUPf2BsgQMfjkyVuDXm9XK9E9zMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaGhROV9ZR3lCQXgtT1RKVzROZWIxY3IwVDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEalVxoM30uTYIkhL7yr
/IXTe6GfHksft7qUP48vEM94XONOkHWL4LiAMh/cRPrDI7jUf1tu5kpbVHKQXRuG
pT6OV3pDOnYSSxXZ9idafSa7CYs2ipmjKJ17aw6WVXAZpoDUqtSOqjOHcn0EDv3W
gogr5KXT+ZgRwzLWR+WfDTh7A2SUn/qFIVUNPsnzou0HY9cvgGmUmZiiMixvbXOG
zNgKOAUClo0sobnDN5fQ8Geo3K/Mg4+t1I0ySEvVgytuINr2rFrMv/WRH70HcUX0
SyPpTP3/L16kaLoo/Kh/PfiHp24I9MT4LQkjwyRUGCKazL4R5jkvd2sZkgqBWrFL
61A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:21 2025 by rpki-client