Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/l1YGL3qUa2pvcGToQs9u5ZD17w4.roa
File: l1YGL3qUa2pvcGToQs9u5ZD17w4.roa (raw, json)
Hash identifier: zFJCAyfGIpoD3pkT4dUDscanYbanezSmULFDm8rw8pM=
Subject key identifier: 97:56:06:2F:7A:94:6B:6A:6F:70:64:E8:42:CF:6E:E5:90:F5:EF:0E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A55915D19C799F240223BBFF90A859AB0
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/l1YGL3qUa2pvcGToQs9u5ZD17w4.roa
Signing time: Sat 02 Sep 2023 11:05:04 +0000
ROA not before: Sat 02 Sep 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5590:ae81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:91:5d:19:c7:99:f2:40:22:3b:bf:f9:0a:85:9a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9756062f7a946b6a6f7064e842cf6ee590f5ef0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:41:3d:70:c2:79:0b:97:f8:30:23:21:08:aa:
8e:89:7f:c1:5a:53:db:22:00:da:1b:7a:3a:de:7d:
c6:9d:c1:18:24:63:00:ad:6d:a1:0b:7a:ea:88:ad:
5f:99:9a:7e:5f:50:e5:9f:b1:12:50:10:f1:bd:50:
59:06:f3:8d:88:94:da:a9:2b:13:a3:dd:f8:c3:e5:
23:4b:ca:09:89:00:0d:a1:96:cb:63:43:d7:92:76:
38:10:33:df:52:8a:cb:db:32:a3:79:1c:d8:83:95:
d7:39:d1:62:0f:30:80:88:1e:fd:8a:55:ce:c8:04:
b6:88:58:ef:1d:92:aa:cc:3c:b1:97:26:c1:03:f1:
67:1c:ea:ee:73:ec:29:77:45:a4:f9:1e:d2:b1:68:
71:4b:50:a8:8c:d9:ba:74:66:ce:3b:7e:10:04:7c:
9b:4f:f3:8b:d0:e8:d6:1f:bf:10:bf:df:ce:35:b1:
c2:07:aa:96:ac:a7:aa:75:ed:e5:23:b2:d8:9c:e1:
94:4d:61:5d:e3:1b:47:2a:11:f9:8c:5b:cc:2f:f5:
03:d5:69:a1:c7:52:1f:87:66:96:fc:5f:f3:ba:86:
ba:5b:33:01:27:92:6c:e1:7d:3f:f7:2c:1e:4d:11:
07:e2:f9:e6:dc:8f:7c:2d:7b:bb:a9:95:7b:d2:96:
ef:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:56:06:2F:7A:94:6B:6A:6F:70:64:E8:42:CF:6E:E5:90:F5:EF:0E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/l1YGL3qUa2pvcGToQs9u5ZD17w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:09:a0:28:51:d2:22:07:91:ad:05:7e:38:c4:65:b2:90:00:
b0:89:b4:62:a9:ac:ff:a2:51:7c:93:06:45:c1:05:a9:98:bc:
0b:57:5d:87:83:36:2d:d0:c1:3a:b6:05:a0:ab:55:3f:41:df:
9a:4e:60:3c:d9:6f:e3:88:c3:85:b8:a3:3d:e0:12:01:b5:e1:
3d:a8:6d:95:cf:17:0d:6b:5d:42:9c:02:09:a0:d9:3d:10:65:
99:e4:01:b9:7e:e4:9f:54:32:70:a8:15:ce:dc:b6:ab:cc:34:
9c:b2:95:99:e1:78:15:e1:29:c1:5a:d3:84:a8:ba:5f:6d:f4:
35:ed:df:b0:a3:d8:f4:e4:a7:32:35:6d:ad:7b:41:97:48:ab:
d5:f0:52:43:0e:94:63:1d:dc:ea:11:40:9d:bd:f5:0a:c1:7c:
32:10:aa:a5:46:41:c8:48:58:0b:fb:ca:93:e5:6f:ea:59:72:
9e:0e:92:2b:e1:6a:e5:a2:b8:fe:b7:87:96:4d:dc:74:3f:3c:
1b:c3:1e:2e:21:5c:d9:37:2b:ea:13:c5:e3:64:c8:7a:57:d9:
60:0c:29:53:41:5c:9b:b2:24:b0:fd:78:fd:81:08:25:e9:b4:
b3:90:fc:a2:0a:20:38:02:74:cf:d8:5f:c7:23:7c:c6:86:c0:
90:b4:71:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpVkV0Zx5nyQCI7v/kKhZqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzU2MDYyZjdhOTQ2YjZhNmY3MDY0ZTg0MmNmNmVlNTkwZjVlZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUE9cMJ5C5f4MCMhCKqOiX/BWlPb
IgDaG3o63n3GncEYJGMArW2hC3rqiK1fmZp+X1Dln7ESUBDxvVBZBvONiJTaqSsT
o934w+UjS8oJiQANoZbLY0PXknY4EDPfUorL2zKjeRzYg5XXOdFiDzCAiB79ilXO
yAS2iFjvHZKqzDyxlybBA/FnHOruc+wpd0Wk+R7SsWhxS1CojNm6dGbOO34QBHyb
T/OL0OjWH78Qv9/ONbHCB6qWrKeqde3lI7LYnOGUTWFd4xtHKhH5jFvML/UD1Wmh
x1Ifh2aW/F/zuoa6WzMBJ5Js4X0/9yweTREH4vnm3I98LXu7qZV70pbvlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJdWBi96lGtqb3Bk6ELPbuWQ9e8OMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbDFZR0wzcVVhMnB2Y0dUb1FzOXU1WkQxN3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADcJoChR0iIHka0FfjjE
ZbKQALCJtGKprP+iUXyTBkXBBamYvAtXXYeDNi3QwTq2BaCrVT9B35pOYDzZb+OI
w4W4oz3gEgG14T2obZXPFw1rXUKcAgmg2T0QZZnkAbl+5J9UMnCoFc7ctqvMNJyy
lZnheBXhKcFa04Soul9t9DXt37Cj2PTkpzI1ba17QZdIq9XwUkMOlGMd3OoRQJ29
9QrBfDIQqqVGQchIWAv7ypPlb+pZcp4OkivhauWiuP63h5ZN3HQ/PBvDHi4hXNk3
K+oTxeNkyHpX2WAMKVNBXJuyJLD9eP2BCCXptLOQ/KIKIDgCdM/YX8cjfMaGwJC0
cVw=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:02 2025 by rpki-client