Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/m5D6PqJMLmTNYTn__sVAVnldNwo.roa
File: m5D6PqJMLmTNYTn__sVAVnldNwo.roa (raw, json)
Hash identifier: 5hh+oR3gXoVCrtGjf90L5V6PkjpClyrjrch1bSOSDps=
Subject key identifier: 9B:90:FA:3E:A2:4C:2E:64:CD:61:39:FF:FE:C5:40:56:79:5D:37:0A
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5A8BC715629986511C6A34DFB3CC7947
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/m5D6PqJMLmTNYTn__sVAVnldNwo.roa
Signing time: Sun 03 Sep 2023 10:17:04 +0000
ROA not before: Sun 03 Sep 2023 10:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:8b:c7:15:62:99:86:51:1c:6a:34:df:b3:cc:79:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 10:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b90fa3ea24c2e64cd6139fffec54056795d370a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5c:b2:a8:cb:7c:18:ad:96:11:44:c2:df:ab:
a1:fc:ba:0a:36:ff:73:be:1b:7f:0c:e0:c9:ad:47:
e3:fd:21:a2:21:6b:9d:90:c8:e1:84:cf:e4:a3:69:
ea:57:4c:aa:46:96:24:2d:5d:cf:49:ba:2b:49:30:
87:8e:e4:e8:e9:70:2a:b0:b6:e4:67:98:37:c7:34:
c3:7b:6d:8c:e3:9e:6e:b9:a8:79:dc:dd:45:d1:3c:
c0:a2:85:54:13:70:63:6c:be:a2:77:d3:af:83:c4:
cd:15:27:34:a8:dc:71:ef:28:1c:8f:da:34:ae:91:
cf:3e:70:c9:e2:c5:72:7b:c2:8c:05:ce:84:de:09:
25:cc:54:42:5a:0e:21:64:99:aa:d2:87:9d:d6:34:
cf:5b:e3:6b:28:29:54:74:46:c3:18:6e:5b:dd:25:
1e:f3:c7:5e:30:cd:b1:6a:97:43:de:18:0c:8d:75:
d1:dc:1f:ce:fd:76:75:7f:14:8b:2e:97:7c:8f:36:
da:24:94:a3:c1:a5:8e:6d:55:81:42:4c:9e:e3:2d:
df:cd:26:03:e7:be:fd:97:ff:e9:af:53:5a:28:b9:
86:89:fc:f2:81:f2:fc:9e:c0:1c:b8:80:47:ce:5a:
69:35:6e:04:cf:89:c4:55:1d:78:89:7d:88:d3:59:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:90:FA:3E:A2:4C:2E:64:CD:61:39:FF:FE:C5:40:56:79:5D:37:0A
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/m5D6PqJMLmTNYTn__sVAVnldNwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:36:2f:41:a2:88:88:e9:c1:31:31:b7:05:3a:3d:64:bf:76:
06:10:44:4f:17:f8:14:91:c1:46:53:1f:b6:40:22:59:b2:a6:
d8:d4:7f:90:53:2a:f5:dd:91:9d:c7:03:d5:a1:53:b7:1f:ec:
3f:92:fb:e9:ee:da:cb:5f:9b:82:d9:88:32:29:18:45:ee:5e:
c1:14:40:c5:ce:17:c0:dc:d6:5a:a3:db:0c:ae:a2:b0:6b:12:
99:8d:75:04:bd:d7:50:2c:59:9b:46:8f:ca:3d:fb:93:15:00:
ec:09:db:2c:8e:7e:2e:86:ea:a1:43:08:e2:9a:e7:af:36:d8:
9e:1a:c5:37:e4:bd:d2:ab:fc:49:a0:bc:e6:3e:44:c5:c4:cc:
0d:e4:bf:c8:ea:0e:58:39:b4:39:14:d0:e5:37:dd:b1:7f:91:
20:a5:0c:1b:9f:b6:40:74:ed:40:9b:a4:94:72:d9:ba:12:62:
1a:da:8a:ab:31:72:95:81:57:44:ba:34:22:da:19:a1:6a:75:
4b:a5:08:db:fb:2d:6c:28:23:fd:97:2f:f5:e6:7a:80:fa:d1:
9a:ac:92:47:12:10:63:0c:63:ce:b5:51:3b:aa:7b:ea:00:00:
06:dc:11:bc:1e:53:82:5d:ab:ff:6b:47:72:95:6d:66:05:ac:
ed:43:00:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpai8cVYpmGURxqNN+zzHlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTAxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjkwZmEzZWEyNGMyZTY0Y2Q2MTM5ZmZmZWM1NDA1Njc5NWQzNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1yyqMt8GK2WEUTC36uh/LoKNv9z
vht/DODJrUfj/SGiIWudkMjhhM/ko2nqV0yqRpYkLV3PSborSTCHjuTo6XAqsLbk
Z5g3xzTDe22M455uuah53N1F0TzAooVUE3BjbL6id9Ovg8TNFSc0qNxx7ygcj9o0
rpHPPnDJ4sVye8KMBc6E3gklzFRCWg4hZJmq0oed1jTPW+NrKClUdEbDGG5b3SUe
88deMM2xapdD3hgMjXXR3B/O/XZ1fxSLLpd8jzbaJJSjwaWObVWBQkye4y3fzSYD
5779l//pr1NaKLmGifzygfL8nsAcuIBHzlppNW4Ez4nEVR14iX2I01mZgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJuQ+j6iTC5kzWE5//7FQFZ5XTcKMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbTVENlBxSk1MbVROWVRuX19zVkFWbmxkTndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADQ2L0GiiIjpwTExtwU6
PWS/dgYQRE8X+BSRwUZTH7ZAIlmyptjUf5BTKvXdkZ3HA9WhU7cf7D+S++nu2stf
m4LZiDIpGEXuXsEUQMXOF8Dc1lqj2wyuorBrEpmNdQS911AsWZtGj8o9+5MVAOwJ
2yyOfi6G6qFDCOKa56822J4axTfkvdKr/EmgvOY+RMXEzA3kv8jqDlg5tDkU0OU3
3bF/kSClDBuftkB07UCbpJRy2boSYhraiqsxcpWBV0S6NCLaGaFqdUulCNv7LWwo
I/2XL/XmeoD60ZqskkcSEGMMY861UTuqe+oAAAbcEbweU4Jdq/9rR3KVbWYFrO1D
AOU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:45:43 2025 by rpki-client