Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/jjtDrgdR-IYqHwCLdX5sHDwoq5E.roa
File: jjtDrgdR-IYqHwCLdX5sHDwoq5E.roa (raw, json)
Hash identifier: WHehmWXM/sh6fdcQ50ruXAliOGRCE/LUTisFGIDnr7U=
Subject key identifier: 8E:3B:43:AE:07:51:F8:86:2A:1F:00:8B:75:7E:6C:1C:3C:28:AB:91
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A487A88C39ECCAAC58796DBED93E8B5B5
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/jjtDrgdR-IYqHwCLdX5sHDwoq5E.roa
Signing time: Wed 30 Aug 2023 22:05:04 +0000
ROA not before: Wed 30 Aug 2023 22:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4879:dca5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:7a:88:c3:9e:cc:aa:c5:87:96:db:ed:93:e8:b5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 22:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e3b43ae0751f8862a1f008b757e6c1c3c28ab91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:85:9c:56:ce:d8:9d:8e:c6:36:03:ce:76:ee:
66:e7:89:55:40:33:cf:58:f1:8d:eb:ad:d1:ad:32:
06:71:78:3b:13:b6:f5:2a:23:c1:46:0b:54:a8:e4:
60:08:1b:41:6c:e3:8d:ce:b6:9e:86:4c:18:e5:fc:
b4:99:83:59:43:09:a6:f6:f4:8c:2b:8a:b9:3d:8a:
eb:98:7b:c4:4e:6d:e2:1a:3e:01:b5:7a:8a:88:72:
93:e6:52:7a:41:4b:e1:d8:8d:8c:26:82:7f:b6:92:
a5:eb:6b:e3:25:82:72:a9:3c:ff:95:06:b2:c2:7a:
14:a2:27:8f:fa:a4:bc:db:bb:65:c2:ef:58:02:18:
a9:29:56:94:37:13:99:e9:14:12:45:6d:ff:40:1a:
3f:94:09:4c:16:11:73:85:3c:d8:6a:32:8c:8f:4e:
c0:7d:3a:18:7b:2d:a7:00:6a:ed:cd:a8:bf:93:e3:
7d:7a:d7:e4:07:42:34:ce:04:3a:df:d4:4e:77:b2:
ea:f1:61:8c:d0:eb:66:a3:ff:ef:16:3f:0b:1d:0a:
9d:bb:b4:87:df:c0:74:f9:9a:a5:cf:ec:c2:c1:0e:
50:8d:a9:3d:cb:6b:7a:42:cf:43:25:c2:5a:70:2f:
98:92:c1:10:d0:9e:21:64:95:6a:49:88:df:f9:8f:
24:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3B:43:AE:07:51:F8:86:2A:1F:00:8B:75:7E:6C:1C:3C:28:AB:91
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/jjtDrgdR-IYqHwCLdX5sHDwoq5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:82:5b:ce:e8:93:30:4a:a1:b5:a5:d4:41:ef:ad:48:3f:3a:
b5:43:18:ea:d1:23:97:53:b5:23:5c:88:f9:53:49:6c:18:35:
9b:c1:ab:ef:d8:16:41:23:75:ec:9f:18:02:20:ee:96:2a:cc:
e6:77:c0:20:2b:b3:d1:fe:4d:f4:22:ac:b2:61:b6:ba:99:33:
92:5c:f9:ca:4c:47:67:1a:74:14:df:2c:67:9d:b5:8c:20:e5:
0f:62:ce:dd:7c:28:22:a6:ff:cb:9e:bf:22:e7:f3:9e:e1:85:
2c:4f:23:67:9c:f6:10:8d:39:d0:bb:37:d2:df:af:84:a8:92:
ee:b2:80:37:7d:fa:30:a6:ff:c7:c2:7c:af:f9:cd:ee:14:b3:
7a:f3:80:bc:6e:8f:7d:ef:84:67:5f:f9:80:7b:ba:60:ec:0d:
34:e8:3a:94:44:8a:08:e0:32:48:57:b1:ea:52:e7:89:72:66:
bb:fd:f1:28:ef:d3:4c:34:9e:f0:28:f6:e9:94:6e:d1:58:a5:
e9:ac:52:5a:9a:b4:12:71:b2:40:be:b0:28:9a:e2:df:32:0a:
31:84:99:c4:6c:9e:e2:d6:74:83:31:13:5f:06:fc:d2:cb:24:
34:80:3d:5f:d1:91:c9:bf:95:25:0d:43:73:5a:6b:35:99:d9:
97:cb:57:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpIeojDnsyqxYeW2+2T6LW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMjIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTNiNDNhZTA3NTFmODg2MmExZjAwOGI3NTdlNmMxYzNjMjhhYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4WcVs7YnY7GNgPOdu5m54lVQDPP
WPGN663RrTIGcXg7E7b1KiPBRgtUqORgCBtBbOONzraehkwY5fy0mYNZQwmm9vSM
K4q5PYrrmHvETm3iGj4BtXqKiHKT5lJ6QUvh2I2MJoJ/tpKl62vjJYJyqTz/lQay
wnoUoieP+qS827tlwu9YAhipKVaUNxOZ6RQSRW3/QBo/lAlMFhFzhTzYajKMj07A
fToYey2nAGrtzai/k+N9etfkB0I0zgQ639ROd7Lq8WGM0Otmo//vFj8LHQqdu7SH
38B0+Zqlz+zCwQ5Qjak9y2t6Qs9DJcJacC+YksEQ0J4hZJVqSYjf+Y8kPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI47Q64HUfiGKh8Ai3V+bBw8KKuRMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvamp0RHJnZFItSVlxSHdDTGRYNXNIRHdvcTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEmCW87okzBKobWl1EHv
rUg/OrVDGOrRI5dTtSNciPlTSWwYNZvBq+/YFkEjdeyfGAIg7pYqzOZ3wCArs9H+
TfQirLJhtrqZM5Jc+cpMR2cadBTfLGedtYwg5Q9izt18KCKm/8uevyLn857hhSxP
I2ec9hCNOdC7N9Lfr4Soku6ygDd9+jCm/8fCfK/5ze4Us3rzgLxuj33vhGdf+YB7
umDsDTToOpREigjgMkhXsepS54lyZrv98Sjv00w0nvAo9umUbtFYpemsUlqatBJx
skC+sCia4t8yCjGEmcRsnuLWdIMxE18G/NLLJDSAPV/Rkcm/lSUNQ3NaazWZ2ZfL
V8w=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:09 2025 by rpki-client