Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/mBe3nPj-oY2fxiLA2Dm2OqUPMac.roa
File: mBe3nPj-oY2fxiLA2Dm2OqUPMac.roa (raw, json)
Hash identifier: U5zCkSUGKMca1YSKHDhtegStHV8SiDoHWR66PkTh6Fc=
Subject key identifier: 98:17:B7:9C:F8:FE:A1:8D:9F:C6:22:C0:D8:39:B6:3A:A5:0F:31:A7
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A638969D96A9E0993E0F9CCCD4ECC24AD
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/mBe3nPj-oY2fxiLA2Dm2OqUPMac.roa
Signing time: Tue 05 Sep 2023 04:11:04 +0000
ROA not before: Tue 05 Sep 2023 04:11:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:63:89:69:d9:6a:9e:09:93:e0:f9:cc:cd:4e:cc:24:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 04:11:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9817b79cf8fea18d9fc622c0d839b63aa50f31a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:02:c5:ce:cd:c3:9b:b1:78:a8:fb:81:14:
2a:a8:e3:80:23:76:12:9b:3c:66:25:05:a0:fa:20:
d7:da:91:ff:d0:03:28:7a:96:0d:f2:c0:29:e8:ce:
02:15:60:bc:47:8d:45:32:09:f2:de:ae:a3:70:c0:
cd:40:1c:f1:9a:85:11:0b:6c:99:bc:e3:9a:91:2d:
35:bb:83:a8:b2:66:86:bf:85:a9:79:ee:08:2a:cc:
3f:f4:15:c2:72:aa:ef:19:d9:3b:55:54:8a:61:ab:
ec:2f:3d:be:6b:af:37:3f:35:0d:3c:43:5e:fe:96:
1c:07:9b:da:22:20:23:ce:cc:03:9e:00:ce:91:c7:
49:04:70:7a:57:4e:09:6c:17:82:33:e2:a6:5f:06:
5b:cc:8d:2e:1a:69:1a:8d:c1:68:cc:34:35:d9:6d:
ac:12:63:98:01:42:e3:5e:5b:9e:f8:98:e3:dd:56:
92:30:04:03:ba:85:e5:df:9d:3f:9f:83:83:f9:b7:
10:85:e2:e0:50:e6:ff:98:46:bc:7d:79:88:67:7f:
a3:66:54:c6:70:6c:9b:76:cc:0c:84:70:2f:cd:47:
50:1f:66:3b:0e:0a:e7:da:c9:25:ba:9d:3f:44:e1:
82:bd:9b:60:d1:bf:f9:f0:20:20:49:1a:8b:ae:39:
af:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:17:B7:9C:F8:FE:A1:8D:9F:C6:22:C0:D8:39:B6:3A:A5:0F:31:A7
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/mBe3nPj-oY2fxiLA2Dm2OqUPMac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:fe:05:ca:76:ba:0d:30:d6:17:88:1e:a7:86:f7:dc:7f:83:
3d:1a:41:4b:d1:16:d7:6d:12:f4:ce:e7:71:b7:35:ea:0b:fd:
39:ca:bc:20:6e:0f:25:72:7c:99:7a:a1:c1:28:6a:6a:a5:38:
bf:92:78:e1:2f:ca:1e:6c:05:3d:0a:59:c7:44:50:a7:b0:ff:
3a:6f:9d:33:8a:10:e7:0c:a7:0e:50:c8:96:b3:55:de:43:0a:
44:d3:27:fa:85:1b:8c:10:c8:41:17:23:20:3e:b7:cc:ca:bc:
43:b3:ea:66:97:27:8d:af:5b:64:cc:eb:c4:85:b8:3d:57:dc:
36:dd:5d:9b:19:79:8c:38:75:7c:d1:59:27:54:5c:fd:15:90:
c5:c4:ae:d9:86:3d:b2:cb:bc:48:d3:f8:8d:0a:f6:1f:b5:d0:
2a:03:10:15:17:c8:57:a3:27:dd:76:e3:2d:8b:16:61:d2:2a:
4a:96:ad:29:87:cb:b8:c7:75:6f:4e:69:86:c1:f2:a1:4e:76:
99:ba:e0:a8:12:a6:63:65:c6:83:22:a7:9a:3b:5a:79:33:c5:
9f:d7:99:f0:a5:7c:48:82:34:2c:45:8c:40:b5:1f:7f:c1:28:
ee:f6:a0:93:42:fa:6e:62:42:bd:10:4d:f7:ad:cd:9b:74:c8:
2b:fb:30:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpjiWnZap4Jk+D5zM1OzCStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MDQxMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE3Yjc5Y2Y4ZmVhMThkOWZjNjIyYzBkODM5YjYzYWE1MGYzMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArncCxc7Nw5uxeKj7gRQqqOOAI3YS
mzxmJQWg+iDX2pH/0AMoepYN8sAp6M4CFWC8R41FMgny3q6jcMDNQBzxmoURC2yZ
vOOakS01u4OosmaGv4Wpee4IKsw/9BXCcqrvGdk7VVSKYavsLz2+a683PzUNPENe
/pYcB5vaIiAjzswDngDOkcdJBHB6V04JbBeCM+KmXwZbzI0uGmkajcFozDQ12W2s
EmOYAULjXlue+Jjj3VaSMAQDuoXl350/n4OD+bcQheLgUOb/mEa8fXmIZ3+jZlTG
cGybdswMhHAvzUdQH2Y7Dgrn2sklup0/ROGCvZtg0b/58CAgSRqLrjmvaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJgXt5z4/qGNn8YiwNg5tjqlDzGnMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbUJlM25Qai1vWTJmeGlMQTJEbTJPcVVQTWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/+Bcp2ug0w1heIHqeG
99x/gz0aQUvRFtdtEvTO53G3NeoL/TnKvCBuDyVyfJl6ocEoamqlOL+SeOEvyh5s
BT0KWcdEUKew/zpvnTOKEOcMpw5QyJazVd5DCkTTJ/qFG4wQyEEXIyA+t8zKvEOz
6maXJ42vW2TM68SFuD1X3DbdXZsZeYw4dXzRWSdUXP0VkMXErtmGPbLLvEjT+I0K
9h+10CoDEBUXyFejJ9124y2LFmHSKkqWrSmHy7jHdW9OaYbB8qFOdpm64KgSpmNl
xoMip5o7WnkzxZ/XmfClfEiCNCxFjEC1H3/BKO72oJNC+m5iQr0QTfetzZt0yCv7
MKo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:22 2025 by rpki-client