Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/k3LGcGRJhowIRBr7Aee26qDRkdg.roa
File: k3LGcGRJhowIRBr7Aee26qDRkdg.roa (raw, json)
Hash identifier: L6ChVPOVBGoMDUb/g12oRFNGnRGgPp3+ay55JLl4N4w=
Subject key identifier: 93:72:C6:70:64:49:86:8C:08:44:1A:FB:01:E7:B6:EA:A0:D1:91:D8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6195893B41888347063E91E180AD1D6C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/k3LGcGRJhowIRBr7Aee26qDRkdg.roa
Signing time: Mon 04 Sep 2023 19:05:04 +0000
ROA not before: Mon 04 Sep 2023 19:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6194:cca7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:95:89:3b:41:88:83:47:06:3e:91:e1:80:ad:1d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 19:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9372c6706449868c08441afb01e7b6eaa0d191d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f1:f5:dc:70:58:64:f6:28:0f:72:68:3d:6c:
13:8c:e6:10:a6:2e:2a:35:1e:55:f3:11:b9:cc:5f:
9e:d2:47:e7:eb:79:e4:f6:5f:9f:7e:12:85:82:e0:
18:f8:82:20:c4:08:c4:0e:8b:cc:77:a7:1f:08:6a:
cd:3c:84:26:82:3d:17:30:5a:1d:39:23:f4:e0:97:
cc:6a:94:80:3d:1b:0f:de:e5:83:5d:9f:35:f4:f3:
dd:c1:d2:ac:39:dd:8b:41:9e:27:3c:b4:04:ec:2c:
10:68:00:07:88:d1:5c:76:56:90:fb:0f:d1:66:cd:
ae:f7:f4:77:b0:a4:cc:c1:52:ef:40:17:d9:0b:0c:
19:97:d9:18:95:ce:f0:13:ef:37:e5:60:75:2b:d2:
84:22:ce:ec:cd:0d:15:04:cd:fd:11:e9:8a:88:ed:
a7:46:6c:cf:5f:1c:2a:79:c1:9a:ff:e1:b3:60:9e:
d5:29:bc:b0:3b:09:c2:54:a2:d6:51:e9:64:43:de:
b0:9b:3e:b4:cc:71:22:61:e7:bc:96:b2:83:dc:65:
0e:fc:bf:94:94:93:9b:a7:c2:6a:be:60:b5:0f:c3:
7e:c7:84:f2:6c:3e:ae:0c:72:8c:1c:99:6d:b5:64:
5f:77:0b:81:b0:6d:08:6e:51:fa:77:90:d2:81:9a:
54:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:72:C6:70:64:49:86:8C:08:44:1A:FB:01:E7:B6:EA:A0:D1:91:D8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/k3LGcGRJhowIRBr7Aee26qDRkdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:19:81:44:20:d4:a6:9b:30:b1:65:1c:d7:e7:d5:21:b0:c5:
6b:07:60:49:00:39:d1:03:18:f7:03:69:06:4f:e8:24:83:d6:
6f:ab:a0:38:0e:d3:61:dd:fe:82:a4:ce:fc:a6:c8:4a:95:8a:
65:16:5c:23:b6:d1:1a:a0:bf:80:28:d9:f7:0b:c6:b6:57:9d:
e4:46:9c:60:9e:2b:49:78:95:47:d9:e0:42:fc:da:0d:e0:1b:
d6:4b:e6:81:fe:e1:08:b5:e8:67:8c:12:7d:aa:8b:3a:5d:78:
f9:5a:f2:b7:dc:fa:51:78:c3:e6:49:20:ca:d7:f3:05:ef:c5:
ef:c4:79:62:65:00:24:bb:ce:16:96:b1:02:1d:e5:b1:f1:07:
e7:26:eb:ad:f8:20:8c:69:70:c2:49:41:1f:6d:dd:13:cf:09:
d0:dd:05:d2:35:ca:f8:9b:62:06:16:8b:06:ac:8f:d3:3d:aa:
38:2b:fd:2f:1c:8a:10:30:0b:22:8d:38:ce:9a:a7:82:16:f0:
32:b8:b5:34:e9:9e:86:b1:6b:1f:5a:49:77:ee:82:ae:6f:27:
a5:02:8f:28:7e:0e:72:db:16:84:99:ed:08:d9:de:5d:74:1a:
91:3a:19:c0:99:41:0e:2b:e8:1e:4d:10:9e:bf:99:04:7d:8e:
7f:f6:05:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYphlYk7QYiDRwY+keGArR1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzcyYzY3MDY0NDk4NjhjMDg0NDFhZmIwMWU3YjZlYWEwZDE5MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/H13HBYZPYoD3JoPWwTjOYQpi4q
NR5V8xG5zF+e0kfn63nk9l+ffhKFguAY+IIgxAjEDovMd6cfCGrNPIQmgj0XMFod
OSP04JfMapSAPRsP3uWDXZ819PPdwdKsOd2LQZ4nPLQE7CwQaAAHiNFcdlaQ+w/R
Zs2u9/R3sKTMwVLvQBfZCwwZl9kYlc7wE+835WB1K9KEIs7szQ0VBM39EemKiO2n
RmzPXxwqecGa/+GzYJ7VKbywOwnCVKLWUelkQ96wmz60zHEiYee8lrKD3GUO/L+U
lJObp8JqvmC1D8N+x4TybD6uDHKMHJlttWRfdwuBsG0IblH6d5DSgZpUIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJNyxnBkSYaMCEQa+wHntuqg0ZHYMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvazNMR2NHUkpob3dJUkJyN0FlZTI2cURSa2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHUZgUQg1KabMLFlHNfn
1SGwxWsHYEkAOdEDGPcDaQZP6CSD1m+roDgO02Hd/oKkzvymyEqVimUWXCO20Rqg
v4Ao2fcLxrZXneRGnGCeK0l4lUfZ4EL82g3gG9ZL5oH+4Qi16GeMEn2qizpdePla
8rfc+lF4w+ZJIMrX8wXvxe/EeWJlACS7zhaWsQId5bHxB+cm6634IIxpcMJJQR9t
3RPPCdDdBdI1yvibYgYWiwasj9M9qjgr/S8cihAwCyKNOM6ap4IW8DK4tTTpnoax
ax9aSXfugq5vJ6UCjyh+DnLbFoSZ7QjZ3l10GpE6GcCZQQ4r6B5NEJ6/mQR9jn/2
BeE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:32:13 2025 by rpki-client