Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iPVEC94zLkNJ-uh9Y8Gews9Y5Z4.roa
File: iPVEC94zLkNJ-uh9Y8Gews9Y5Z4.roa (raw, json)
Hash identifier: C5MiN2J8JsuPJHjvFK1MVnsANTq2ecNfYObP66Um7vw=
Subject key identifier: 88:F5:44:0B:DE:33:2E:43:49:FA:E8:7D:63:C1:9E:C2:CF:58:E5:9E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A51C512CBE9A2BDA390EA5B470EC703BF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iPVEC94zLkNJ-uh9Y8Gews9Y5Z4.roa
Signing time: Fri 01 Sep 2023 17:23:04 +0000
ROA not before: Fri 01 Sep 2023 17:23:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:c5:12:cb:e9:a2:bd:a3:90:ea:5b:47:0e:c7:03:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 17:23:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88f5440bde332e4349fae87d63c19ec2cf58e59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:01:83:0c:04:d9:6f:09:35:c9:58:e4:54:
ee:ee:24:83:92:dc:3b:d2:07:00:04:96:2f:40:94:
6f:71:9a:53:58:6e:a4:d9:3f:74:31:81:13:f7:42:
fd:78:09:d7:cd:0b:11:c3:7a:b8:fb:56:75:a4:a4:
e8:6e:40:dd:26:d4:88:5e:51:7c:d0:3e:79:b3:03:
af:f1:0a:c0:55:80:b2:37:62:86:d4:28:dc:bd:99:
c1:60:25:5a:85:d8:7b:9a:c5:ee:b7:11:0e:37:e7:
a9:95:ab:dd:fe:9a:e6:83:67:53:61:c3:80:9d:0b:
5e:be:95:69:7a:63:f4:c5:4e:c0:83:df:24:af:b1:
55:ca:08:1e:72:1c:13:1e:d9:97:63:46:4c:bc:b7:
7b:21:4a:0a:4f:4b:35:d3:fb:9f:59:da:f2:46:99:
7c:61:56:37:db:5a:fb:2c:4d:64:60:9c:b7:2d:a7:
4c:10:81:d1:0a:b9:aa:b4:9b:c5:04:2a:ee:0c:21:
1a:f0:49:16:6f:df:75:d0:f2:98:c6:e5:43:3c:0d:
cf:a7:9a:f6:65:d7:f4:d5:cb:02:31:37:3b:13:91:
78:f6:b3:3f:01:ed:c6:32:85:2b:8d:92:da:23:58:
9f:12:1b:24:8a:fe:6b:37:cb:76:38:84:80:32:63:
b2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F5:44:0B:DE:33:2E:43:49:FA:E8:7D:63:C1:9E:C2:CF:58:E5:9E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iPVEC94zLkNJ-uh9Y8Gews9Y5Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:e0:9f:c3:04:83:ab:3c:ef:8e:c9:aa:33:98:6a:3c:18:84:
0e:f0:5e:c8:8c:31:37:31:62:d3:f8:42:c2:47:e4:e1:7a:0c:
e9:be:07:11:03:c3:2f:ee:85:0c:09:2d:d9:3e:38:02:f9:a8:
6b:2f:34:28:bd:83:6d:74:c0:ba:65:14:2c:60:37:ba:36:4a:
ce:c6:d5:94:c6:d3:f2:31:2f:8d:9b:d7:1b:5a:dc:c8:4b:29:
05:eb:44:e1:dc:05:52:82:bf:a0:9d:6e:92:70:a9:35:c5:ac:
16:5c:46:8a:3a:51:d3:7d:41:71:7f:dc:78:ba:41:32:33:4d:
bf:28:cf:a7:53:d4:77:ac:96:6b:b2:8c:6e:b6:2a:b4:27:67:
9f:c4:30:17:ca:c3:7c:dd:a6:08:7b:4b:9e:a1:31:ff:28:f7:
85:05:3a:86:00:0a:e0:e0:54:e9:14:6e:3b:50:40:f8:d8:9f:
61:68:e0:ad:d5:53:ef:5c:a7:f2:7b:f7:fd:c5:62:bc:71:9f:
38:cd:ed:6d:35:24:5d:ab:53:a4:b6:fb:7d:4e:a5:a7:62:f6:
41:e5:c4:c6:42:d2:d9:01:6b:c2:e1:b5:86:64:ce:ba:16:e0:
d6:ae:44:a1:8d:58:a6:67:6e:ed:8d:0d:a8:8b:ce:81:0c:09:
50:15:86:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpRxRLL6aK9o5DqW0cOxwO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTcyMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY1NDQwYmRlMzMyZTQzNDlmYWU4N2Q2M2MxOWVjMmNmNThlNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf4BgwwE2W8JNclY5FTu7iSDktw7
0gcABJYvQJRvcZpTWG6k2T90MYET90L9eAnXzQsRw3q4+1Z1pKTobkDdJtSIXlF8
0D55swOv8QrAVYCyN2KG1CjcvZnBYCVahdh7msXutxEON+eplavd/prmg2dTYcOA
nQtevpVpemP0xU7Ag98kr7FVyggechwTHtmXY0ZMvLd7IUoKT0s10/ufWdryRpl8
YVY321r7LE1kYJy3LadMEIHRCrmqtJvFBCruDCEa8EkWb9910PKYxuVDPA3Pp5r2
Zdf01csCMTc7E5F49rM/Ae3GMoUrjZLaI1ifEhskiv5rN8t2OISAMmOy5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIj1RAveMy5DSfrofWPBnsLPWOWeMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaVBWRUM5NHpMa05KLXVoOVk4R2V3czlZNVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPgn8MEg6s8747JqjOY
ajwYhA7wXsiMMTcxYtP4QsJH5OF6DOm+BxEDwy/uhQwJLdk+OAL5qGsvNCi9g210
wLplFCxgN7o2Ss7G1ZTG0/IxL42b1xta3MhLKQXrROHcBVKCv6CdbpJwqTXFrBZc
Roo6UdN9QXF/3Hi6QTIzTb8oz6dT1HeslmuyjG62KrQnZ5/EMBfKw3zdpgh7S56h
Mf8o94UFOoYACuDgVOkUbjtQQPjYn2Fo4K3VU+9cp/J79/3FYrxxnzjN7W01JF2r
U6S2+31Opadi9kHlxMZC0tkBa8LhtYZkzroW4NauRKGNWKZnbu2NDaiLzoEMCVAV
hjM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:12 2025 by rpki-client