Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/jbH9suwgWrgUJHISwWYOKOOWQIU.roa
File: jbH9suwgWrgUJHISwWYOKOOWQIU.roa (raw, json)
Hash identifier: mfW1mryP0gJ0LV938Cbv0ggiyGVw5RI6xK7e1cAwsEs=
Subject key identifier: 8D:B1:FD:B2:EC:20:5A:B8:14:24:72:12:C1:66:0E:28:E3:96:40:85
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A55313BE4E5B5418979B2D8CFFF109926
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/jbH9suwgWrgUJHISwWYOKOOWQIU.roa
Signing time: Sat 02 Sep 2023 09:20:04 +0000
ROA not before: Sat 02 Sep 2023 09:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:31:3b:e4:e5:b5:41:89:79:b2:d8:cf:ff:10:99:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 09:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8db1fdb2ec205ab814247212c1660e28e3964085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cc:c9:93:4b:53:aa:65:96:c0:c4:7e:25:a2:
3a:a4:d5:16:d7:46:d6:96:16:1f:93:56:92:1b:63:
bb:17:f5:22:2c:70:63:29:cd:a7:f5:8b:62:29:d3:
0b:06:c2:f3:3d:2f:09:62:e8:76:54:10:6f:67:fd:
f9:e1:62:a7:68:ea:7f:cc:25:f4:c9:42:ed:56:21:
9c:1b:85:ee:05:97:04:eb:db:50:7f:7a:6e:94:71:
08:d0:4c:bb:ac:dc:1c:02:4f:9f:70:95:ca:8c:8e:
f0:2c:a7:8c:35:63:65:f8:26:17:46:7d:25:ac:1a:
01:a8:ea:33:db:fe:d1:d1:08:3d:cc:5b:1b:3c:de:
7f:01:c9:51:0f:38:27:34:6b:c6:d5:1a:21:fd:9f:
f7:d8:b3:c2:fa:7a:a8:31:fd:b1:39:91:9f:b6:22:
58:ee:44:5e:f6:c9:82:e7:95:73:33:a0:73:a4:bf:
58:cd:88:5a:26:cf:8d:b4:6f:05:2a:c8:98:09:56:
a0:11:c7:0a:4a:ea:21:65:7a:75:60:29:67:61:85:
a7:2e:ca:09:02:7b:4c:07:03:ae:1c:cb:0e:59:fd:
36:d5:34:cb:ad:92:20:24:b4:63:18:ff:44:e1:10:
30:d8:92:42:09:34:bd:c7:ea:cb:f0:6b:17:7b:73:
5c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B1:FD:B2:EC:20:5A:B8:14:24:72:12:C1:66:0E:28:E3:96:40:85
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/jbH9suwgWrgUJHISwWYOKOOWQIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:53:d4:eb:b0:12:5a:16:90:25:90:65:67:db:60:71:65:e6:
15:c7:49:c3:14:d8:2f:dd:a0:0f:ed:47:c1:1e:72:b3:a5:b8:
6c:3e:93:9a:a7:2a:0e:97:b1:e4:24:05:fc:77:32:a6:a1:37:
57:2a:07:35:bb:6f:c7:38:14:80:5c:2d:d6:43:77:63:9a:25:
23:7e:63:35:4c:78:ad:04:1d:3f:3b:7a:5a:17:36:22:8c:c8:
2b:94:64:16:09:4d:86:9a:f9:0a:1d:6b:c7:96:dc:4b:6d:ea:
08:b8:bb:09:e7:bf:37:94:9c:1e:e9:b8:9e:8b:e6:ed:ec:6e:
49:34:18:80:cc:e1:96:0e:0b:6f:20:99:e8:ce:65:1a:11:ce:
df:5c:dd:26:b7:3e:ef:cb:9c:0d:ad:19:33:c9:de:0d:ca:ef:
99:fa:21:92:6a:db:4a:e7:58:c2:79:37:ba:62:09:82:96:88:
86:b4:07:2f:f5:57:d0:e4:42:de:ec:d7:93:7d:7a:2b:94:4a:
73:00:93:47:89:f8:2d:d5:22:93:e4:bb:6b:52:56:1c:20:34:
73:ed:dd:f5:78:c8:a3:3e:b7:76:41:6a:2d:26:e8:81:0f:69:
85:be:22:46:29:f1:f5:9f:de:44:9f:e4:ce:50:9b:5f:77:32:
9e:c4:13:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpVMTvk5bVBiXmy2M//EJkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDkyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGIxZmRiMmVjMjA1YWI4MTQyNDcyMTJjMTY2MGUyOGUzOTY0MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1czJk0tTqmWWwMR+JaI6pNUW10bW
lhYfk1aSG2O7F/UiLHBjKc2n9YtiKdMLBsLzPS8JYuh2VBBvZ/354WKnaOp/zCX0
yULtViGcG4XuBZcE69tQf3pulHEI0Ey7rNwcAk+fcJXKjI7wLKeMNWNl+CYXRn0l
rBoBqOoz2/7R0Qg9zFsbPN5/AclRDzgnNGvG1Roh/Z/32LPC+nqoMf2xOZGftiJY
7kRe9smC55VzM6BzpL9YzYhaJs+NtG8FKsiYCVagEccKSuohZXp1YClnYYWnLsoJ
AntMBwOuHMsOWf021TTLrZIgJLRjGP9E4RAw2JJCCTS9x+rL8GsXe3NclwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI2x/bLsIFq4FCRyEsFmDijjlkCFMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvamJIOXN1d2dXcmdVSkhJU3dXWU9LT09XUUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGtT1OuwEloWkCWQZWfb
YHFl5hXHScMU2C/doA/tR8EecrOluGw+k5qnKg6XseQkBfx3MqahN1cqBzW7b8c4
FIBcLdZDd2OaJSN+YzVMeK0EHT87eloXNiKMyCuUZBYJTYaa+Qoda8eW3Ett6gi4
uwnnvzeUnB7puJ6L5u3sbkk0GIDM4ZYOC28gmejOZRoRzt9c3Sa3Pu/LnA2tGTPJ
3g3K75n6IZJq20rnWMJ5N7piCYKWiIa0By/1V9DkQt7s15N9eiuUSnMAk0eJ+C3V
IpPku2tSVhwgNHPt3fV4yKM+t3ZBai0m6IEPaYW+IkYp8fWf3kSf5M5Qm193Mp7E
E+c=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:55:58 2025 by rpki-client