Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/k5MzQgNlQWfyQHeUzL6fgRJYIpQ.roa
File: k5MzQgNlQWfyQHeUzL6fgRJYIpQ.roa (raw, json)
Hash identifier: wVTCm7nuP9jwsw3Nwav36dCIS06RMgUqVnkU+kqGEpw=
Subject key identifier: 93:93:33:42:03:65:41:67:F2:40:77:94:CC:BE:9F:81:12:58:22:94
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7F393D60033B9DDB2785830E46B75593
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/k5MzQgNlQWfyQHeUzL6fgRJYIpQ.roa
Signing time: Sun 10 Sep 2023 13:12:52 +0000
ROA not before: Sun 10 Sep 2023 13:12:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:39:3d:60:03:3b:9d:db:27:85:83:0e:46:b7:55:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 13:12:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9393334203654167f2407794ccbe9f8112582294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ee:d7:3c:f5:59:23:32:4b:a4:08:b1:20:d9:
dd:cc:54:81:0a:2c:24:d4:15:42:b1:0a:ac:76:ff:
b7:c4:f9:07:84:44:78:df:25:79:19:ba:c0:de:7c:
ee:93:c5:d7:06:48:08:76:78:0f:6d:1a:ff:41:db:
7b:96:82:9f:ca:8d:e8:09:0d:fd:08:fc:73:11:8d:
4d:13:e2:49:f0:8e:ae:84:51:22:1c:be:6d:18:55:
3c:d4:e9:a9:90:e2:46:d4:df:75:63:79:ee:02:6e:
df:ef:d5:10:9f:12:7e:e8:41:22:d1:7a:6f:bd:d3:
80:11:f9:ad:41:e1:94:3d:5a:76:ed:36:73:c0:fe:
31:8a:3f:35:06:fb:53:a3:00:a4:d4:20:91:54:0f:
d7:8c:aa:c4:5e:21:33:73:a7:a3:a7:73:48:92:f9:
e4:2d:a4:5d:10:a1:a3:60:15:d9:49:29:43:fb:c4:
da:aa:14:83:b1:4b:dc:d1:5d:93:f2:9a:48:77:2b:
f8:d7:ab:09:3c:4d:4f:2d:d3:e4:79:18:42:89:e8:
5a:a9:52:79:69:7f:11:c6:ec:42:da:91:54:5e:d0:
50:9f:c6:93:5e:6b:dc:d8:eb:72:2a:3b:d1:3c:a1:
ab:3b:83:f6:3b:48:2d:2a:ed:8a:3a:5d:a0:08:2c:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:93:33:42:03:65:41:67:F2:40:77:94:CC:BE:9F:81:12:58:22:94
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/k5MzQgNlQWfyQHeUzL6fgRJYIpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:96:d8:ec:ff:1a:38:0b:b8:c9:6c:bc:ad:c7:b8:97:d0:f3:
08:aa:72:ce:47:95:56:dd:1b:07:3e:f1:92:91:40:2b:8a:83:
1e:29:9f:a7:47:b5:8e:61:44:66:4d:10:19:95:7e:9a:0c:41:
fb:3f:f9:b2:e9:50:98:9b:9a:fe:89:0b:9e:0a:c9:03:bd:c6:
2a:c5:a0:14:ca:f4:38:ff:df:42:38:fc:4e:0b:ea:76:99:be:
58:cb:46:e9:5f:ba:1c:aa:3d:23:be:bd:4b:95:fd:de:a8:a6:
f5:34:dd:e2:97:56:0b:22:88:80:7e:f4:e1:90:2b:40:6c:b9:
97:df:54:d9:45:34:1b:9d:73:17:fb:60:d5:3c:59:6f:a2:48:
8c:f3:52:ed:d0:69:94:d9:b0:9f:b8:4f:2b:ba:71:71:7d:90:
fb:1a:7c:ad:61:b8:25:82:91:a3:fa:0d:dd:f9:3d:eb:3c:d3:
50:0c:b4:88:a2:a7:a1:9f:2b:5a:a4:99:89:58:f9:52:cd:65:
83:09:b4:81:5a:ce:9d:99:eb:29:0e:33:f4:91:f8:89:2e:2a:
c0:6e:0e:cf:6b:b3:9d:e2:52:16:a2:73:cc:00:8f:5b:44:bd:
42:ac:7a:67:64:19:0d:2c:5d:d7:27:bb:42:6e:26:8c:b0:35:
d9:32:86:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp/OT1gAzud2yeFgw5Gt1WTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMTMxMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzkzMzM0MjAzNjU0MTY3ZjI0MDc3OTRjY2JlOWY4MTEyNTgyMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO7XPPVZIzJLpAixINndzFSBCiwk
1BVCsQqsdv+3xPkHhER43yV5GbrA3nzuk8XXBkgIdngPbRr/Qdt7loKfyo3oCQ39
CPxzEY1NE+JJ8I6uhFEiHL5tGFU81OmpkOJG1N91Y3nuAm7f79UQnxJ+6EEi0Xpv
vdOAEfmtQeGUPVp27TZzwP4xij81BvtTowCk1CCRVA/XjKrEXiEzc6ejp3NIkvnk
LaRdEKGjYBXZSSlD+8TaqhSDsUvc0V2T8ppIdyv416sJPE1PLdPkeRhCiehaqVJ5
aX8RxuxC2pFUXtBQn8aTXmvc2OtyKjvRPKGrO4P2O0gtKu2KOl2gCCw4VQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJOTM0IDZUFn8kB3lMy+n4ESWCKUMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvazVNelFnTmxRV2Z5UUhlVXpMNmZnUkpZSXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG+W2Oz/GjgLuMlsvK3H
uJfQ8wiqcs5HlVbdGwc+8ZKRQCuKgx4pn6dHtY5hRGZNEBmVfpoMQfs/+bLpUJib
mv6JC54KyQO9xirFoBTK9Dj/30I4/E4L6naZvljLRulfuhyqPSO+vUuV/d6opvU0
3eKXVgsiiIB+9OGQK0BsuZffVNlFNBudcxf7YNU8WW+iSIzzUu3QaZTZsJ+4Tyu6
cXF9kPsafK1huCWCkaP6Dd35Pes801AMtIiip6GfK1qkmYlY+VLNZYMJtIFazp2Z
6ykOM/SR+IkuKsBuDs9rs53iUhaic8wAj1tEvUKsemdkGQ0sXdcnu0JuJoywNdky
hpQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:11 2025 by rpki-client