Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/md1UwxwhJbd5nwQ6EkvoZPEaSeg.roa
File: md1UwxwhJbd5nwQ6EkvoZPEaSeg.roa (raw, json)
Hash identifier: G8/UNP15e/jW1PKBLuoSAy8Y64CHM9KOp9IbL5eAeH8=
Subject key identifier: 99:DD:54:C3:1C:21:25:B7:79:9F:04:3A:12:4B:E8:64:F1:1A:49:E8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5042B8C5E3722A2F2E993EDBCA5C1BB2
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/md1UwxwhJbd5nwQ6EkvoZPEaSeg.roa
Signing time: Fri 01 Sep 2023 10:21:04 +0000
ROA not before: Fri 01 Sep 2023 10:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:42:b8:c5:e3:72:2a:2f:2e:99:3e:db:ca:5c:1b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 10:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99dd54c31c2125b7799f043a124be864f11a49e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:81:f4:36:0c:25:63:0b:4e:d5:93:08:8b:9a:
21:c2:a6:5e:18:27:d5:b2:b3:6b:81:09:e6:8c:00:
a6:31:39:60:eb:db:d1:13:31:f4:d7:60:6e:f0:ef:
e1:e0:08:36:21:b6:f8:9b:04:93:72:3d:60:b2:8b:
08:eb:a7:f8:89:41:86:af:a7:33:9c:b0:b6:f4:02:
c7:14:21:50:84:5e:be:29:cd:e6:62:2d:5b:be:1d:
01:3e:60:e3:37:2d:91:f7:f3:8a:d2:88:ec:cd:ee:
b9:05:f2:ea:25:3e:9c:06:7a:c1:77:95:ee:78:11:
8e:3e:d1:54:6c:47:b3:ce:fa:55:f9:bd:7a:1a:4f:
18:12:db:2c:f9:84:4a:be:35:55:cf:f7:58:72:62:
2f:bf:e9:46:29:b7:a1:a1:28:5d:da:fa:bf:ac:c2:
f6:80:05:16:14:af:06:ba:ea:85:5f:ba:32:ab:c0:
2d:b0:bc:9f:50:fa:76:8f:19:2f:d7:91:73:84:5f:
e9:a9:1f:c2:2b:12:c9:d6:97:c1:14:09:7c:9e:e1:
15:d9:b0:5e:cf:bf:de:f6:a9:2a:bb:88:3a:11:f0:
4f:0b:f3:76:05:16:88:db:c3:19:8a:96:db:41:f6:
5b:0c:25:77:7b:47:2b:e1:25:b3:3d:89:d2:16:c3:
fa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DD:54:C3:1C:21:25:B7:79:9F:04:3A:12:4B:E8:64:F1:1A:49:E8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/md1UwxwhJbd5nwQ6EkvoZPEaSeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:e5:51:fb:99:1b:38:bc:34:be:d9:e7:b2:37:74:39:50:7b:
c5:c0:e9:bd:1d:80:d9:c7:d5:f0:b4:50:29:12:ed:a3:db:a8:
fd:b0:17:4b:be:dd:2b:ad:c7:47:8a:4e:2d:6e:d8:b3:75:11:
cd:6d:9d:1f:da:91:83:68:e0:ed:01:e4:40:9a:b5:65:3f:bf:
34:ff:bc:6f:04:c1:2e:19:80:7b:d1:70:ed:6a:57:c5:08:95:
83:c5:16:de:7e:a2:98:dc:ff:6d:36:2a:d1:dd:3a:dd:01:29:
a5:b8:99:09:43:a8:5c:19:e2:2f:13:2a:8e:2d:f4:5d:68:0b:
5e:5e:aa:72:26:ee:60:28:eb:eb:b5:ca:6d:9d:d9:d6:48:d1:
14:cc:7e:56:ea:57:c8:c2:0f:c6:27:66:f6:05:1e:95:90:c1:
e1:c6:8e:47:e3:41:fa:72:6f:c6:b3:4f:f6:64:0e:1e:31:fa:
a2:a1:cf:70:5b:0d:d1:ea:98:fa:bf:4f:f4:07:15:19:fc:8f:
3e:28:5e:99:58:d8:b2:ac:b9:3a:b2:28:c5:27:0b:96:1b:50:
9b:0c:5c:86:78:72:ab:21:87:fe:b5:0a:c5:a9:06:d1:8c:cf:
50:99:27:5e:63:bb:1f:10:15:12:25:ca:7d:d5:a6:b8:45:04:
11:ef:dd:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpQQrjF43IqLy6ZPtvKXBuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTAyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWRkNTRjMzFjMjEyNWI3Nzk5ZjA0M2ExMjRiZTg2NGYxMWE0OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroH0NgwlYwtO1ZMIi5ohwqZeGCfV
srNrgQnmjACmMTlg69vREzH012Bu8O/h4Ag2Ibb4mwSTcj1gsosI66f4iUGGr6cz
nLC29ALHFCFQhF6+Kc3mYi1bvh0BPmDjNy2R9/OK0ojsze65BfLqJT6cBnrBd5Xu
eBGOPtFUbEezzvpV+b16Gk8YEtss+YRKvjVVz/dYcmIvv+lGKbehoShd2vq/rML2
gAUWFK8GuuqFX7oyq8AtsLyfUPp2jxkv15FzhF/pqR/CKxLJ1pfBFAl8nuEV2bBe
z7/e9qkqu4g6EfBPC/N2BRaI28MZipbbQfZbDCV3e0cr4SWzPYnSFsP60wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJndVMMcISW3eZ8EOhJL6GTxGknoMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbWQxVXd4d2hKYmQ1bndRNkVrdm9aUEVhU2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACblUfuZGzi8NL7Z57I3
dDlQe8XA6b0dgNnH1fC0UCkS7aPbqP2wF0u+3Sutx0eKTi1u2LN1Ec1tnR/akYNo
4O0B5ECatWU/vzT/vG8EwS4ZgHvRcO1qV8UIlYPFFt5+opjc/202KtHdOt0BKaW4
mQlDqFwZ4i8TKo4t9F1oC15eqnIm7mAo6+u1ym2d2dZI0RTMflbqV8jCD8YnZvYF
HpWQweHGjkfjQfpyb8azT/ZkDh4x+qKhz3BbDdHqmPq/T/QHFRn8jz4oXplY2LKs
uTqyKMUnC5YbUJsMXIZ4cqshh/61CsWpBtGMz1CZJ15jux8QFRIlyn3VprhFBBHv
3bM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:14 2025 by rpki-client