Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/lpOWzoOUoB52c6wF1MD3rjRhVOM.roa
File: lpOWzoOUoB52c6wF1MD3rjRhVOM.roa (raw, json)
Hash identifier: qeFB3BEDxyP3X7qKZ4nIYMDSl+j4xQeoxHkt41Y7axw=
Subject key identifier: 96:93:96:CE:83:94:A0:1E:76:73:AC:05:D4:C0:F7:AE:34:61:54:E3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA487FCE3D4F7F2B8747F53D746C1BB73
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/lpOWzoOUoB52c6wF1MD3rjRhVOM.roa
Signing time: Sun 17 Sep 2023 19:04:50 +0000
ROA not before: Sun 17 Sep 2023 19:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a487:b767/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:87:fc:e3:d4:f7:f2:b8:74:7f:53:d7:46:c1:bb:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 19:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=969396ce8394a01e7673ac05d4c0f7ae346154e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:24:dd:5d:e9:ad:5a:4d:f3:ae:d9:54:ea:88:
df:59:34:02:37:a4:86:87:65:89:34:0b:d5:96:01:
42:64:8b:f1:3e:37:5f:19:60:0e:cf:0d:cf:10:82:
95:25:70:72:0d:75:ad:c8:9f:ca:92:96:67:98:68:
e5:45:93:94:1b:d2:d2:54:23:bd:66:3e:82:0e:11:
13:d2:8d:b4:f4:77:e3:99:64:12:3b:48:09:ef:97:
b9:0e:ce:2c:38:bc:e8:f4:7e:76:0a:19:cb:f0:ba:
87:52:3a:5c:2b:da:80:58:67:86:20:e8:da:6a:6b:
44:40:08:a0:cc:51:77:29:ce:6b:67:12:a3:5e:74:
9c:47:6e:4e:6f:e8:af:4e:bb:a0:3c:89:17:1a:9f:
ce:71:95:9c:65:18:15:8c:38:44:7f:92:da:3e:dd:
07:f5:ca:26:03:f7:7d:70:d8:a6:e5:f0:bc:8d:18:
c6:fb:33:8c:70:b7:dd:6e:5a:e2:09:57:f1:7f:37:
15:d5:4f:0e:23:e1:49:cb:3b:0c:23:40:3b:b5:a3:
1e:1b:66:d5:03:89:e8:e9:27:54:67:1d:a4:76:21:
8d:93:39:1a:e5:78:93:6e:9f:6a:39:a9:d9:0c:8e:
fa:91:83:20:6a:17:eb:48:63:79:78:46:51:f1:22:
f2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:93:96:CE:83:94:A0:1E:76:73:AC:05:D4:C0:F7:AE:34:61:54:E3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/lpOWzoOUoB52c6wF1MD3rjRhVOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:48:0b:55:da:58:5d:f5:0f:4a:00:6b:d5:1a:db:5a:22:a0:
45:70:b2:30:45:4d:86:aa:eb:a7:2c:4e:d3:84:66:41:19:50:
e3:88:e6:22:cc:43:2d:41:9c:4a:29:74:c1:21:b3:19:82:30:
fd:33:51:ff:9b:7b:8e:28:31:7c:49:75:cc:ac:40:b7:06:2a:
7b:ec:dd:e8:b1:bc:47:e1:42:15:45:6a:a3:2b:65:95:bf:ca:
18:4a:73:62:9b:a6:fa:5c:95:18:1b:16:2e:af:29:90:c0:7e:
8a:af:09:f2:4f:31:69:d9:79:5e:25:8b:3b:87:fd:da:86:a5:
33:e6:f5:c8:5e:8a:e8:62:5f:94:ea:c6:9c:56:e5:09:24:e2:
46:f7:f6:58:61:9a:5e:ea:97:1e:14:35:de:86:52:f3:0d:3e:
27:d7:f7:b3:30:1c:56:28:76:29:14:0f:73:c6:ee:4f:37:bd:
2d:10:b2:a0:6b:5a:44:b0:34:bc:f3:d9:cc:4c:1f:02:34:45:
2d:71:c9:ff:83:d0:d0:18:08:11:a1:24:aa:ea:af:71:a6:b9:
08:d2:a5:14:d7:03:bb:03:23:d5:e8:94:2a:22:3c:b3:c2:2f:
15:b4:87:8d:22:4e:66:d5:d1:d5:5e:a1:ea:4e:f6:d9:f9:ff:
4e:0f:55:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqkh/zj1PfyuHR/U9dGwbtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MTkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjkzOTZjZTgzOTRhMDFlNzY3M2FjMDVkNGMwZjdhZTM0NjE1NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCTdXemtWk3zrtlU6ojfWTQCN6SG
h2WJNAvVlgFCZIvxPjdfGWAOzw3PEIKVJXByDXWtyJ/KkpZnmGjlRZOUG9LSVCO9
Zj6CDhET0o209HfjmWQSO0gJ75e5Ds4sOLzo9H52ChnL8LqHUjpcK9qAWGeGIOja
amtEQAigzFF3Kc5rZxKjXnScR25Ob+ivTrugPIkXGp/OcZWcZRgVjDhEf5LaPt0H
9comA/d9cNim5fC8jRjG+zOMcLfdblriCVfxfzcV1U8OI+FJyzsMI0A7taMeG2bV
A4no6SdUZx2kdiGNkzka5XiTbp9qOanZDI76kYMgahfrSGN5eEZR8SLycQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJaTls6DlKAednOsBdTA9640YVTjMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbHBPV3pvT1VvQjUyYzZ3RjFNRDNyalJoVk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG9IC1XaWF31D0oAa9Ua
21oioEVwsjBFTYaq66csTtOEZkEZUOOI5iLMQy1BnEopdMEhsxmCMP0zUf+be44o
MXxJdcysQLcGKnvs3eixvEfhQhVFaqMrZZW/yhhKc2KbpvpclRgbFi6vKZDAfoqv
CfJPMWnZeV4lizuH/dqGpTPm9cheiuhiX5TqxpxW5Qkk4kb39lhhml7qlx4UNd6G
UvMNPifX97MwHFYodikUD3PG7k83vS0QsqBrWkSwNLzz2cxMHwI0RS1xyf+D0NAY
CBGhJKrqr3GmuQjSpRTXA7sDI9XolCoiPLPCLxW0h40iTmbV0dVeoepO9tn5/04P
VZs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:47 2025 by rpki-client