Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/nWVGm6wzqFqAct5PMz8gCNKU9KY.roa
File: nWVGm6wzqFqAct5PMz8gCNKU9KY.roa (raw, json)
Hash identifier: CejIEE8hmp8sc29aPES9KxOjNCS515nUz2v6NZismhY=
Subject key identifier: 9D:65:46:9B:AC:33:A8:5A:80:72:DE:4F:33:3F:20:08:D2:94:F4:A6
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7BCB3FC22B14BFA87FCDB781336D290A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/nWVGm6wzqFqAct5PMz8gCNKU9KY.roa
Signing time: Sat 09 Sep 2023 21:13:52 +0000
ROA not before: Sat 09 Sep 2023 21:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7b:cb:3f:c2:2b:14:bf:a8:7f:cd:b7:81:33:6d:29:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 21:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d65469bac33a85a8072de4f333f2008d294f4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:15:a0:39:6e:4e:a8:0c:2e:5f:ef:74:bb:01:
8e:57:f8:92:a7:56:d5:07:66:3c:1b:94:60:6a:b9:
f9:8d:01:2d:cd:d1:65:af:f1:f6:00:be:01:2a:4a:
90:4a:9c:26:f9:c9:eb:6c:98:76:4d:6e:e7:7f:e0:
d2:0d:84:88:7c:5b:24:1e:0b:bb:59:73:37:8f:68:
e1:ef:a2:1d:21:c8:9d:31:a9:ce:5a:48:ca:67:e8:
d9:52:5e:c3:3b:c3:1d:39:4f:59:b6:6e:a0:49:b8:
4c:b8:36:47:de:32:2c:0d:b8:35:2c:3e:7d:54:61:
a8:ae:f1:a1:03:42:00:31:dc:1a:23:f5:17:bb:e0:
1f:8b:b3:bb:c4:8c:87:f5:a0:73:f6:b4:e3:56:a5:
fd:e7:c9:16:95:bc:f6:d3:26:25:98:f8:f8:15:a7:
c9:73:26:8c:aa:a9:ce:51:78:b4:e8:e9:55:12:e8:
2e:e3:1f:f2:ff:b5:02:b2:27:ec:bd:46:d6:fb:00:
1a:2b:2d:7a:bc:e2:3d:35:db:b5:70:c6:5e:96:48:
0d:4f:a4:b5:f1:53:23:0e:14:f3:dc:57:26:e9:bb:
0f:fa:82:85:f2:d6:a4:c3:e5:87:5d:43:2c:49:3e:
31:bd:4f:62:93:34:e7:0f:97:d0:f5:2b:92:2d:19:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:65:46:9B:AC:33:A8:5A:80:72:DE:4F:33:3F:20:08:D2:94:F4:A6
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/nWVGm6wzqFqAct5PMz8gCNKU9KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:27:8a:d7:e6:b0:8d:e9:56:46:34:a0:a0:aa:ca:2e:7e:25:
80:a2:14:60:f8:95:b1:66:de:2b:39:4f:db:7b:09:43:da:65:
5b:99:b8:ae:65:0d:a6:dc:df:fd:6e:63:75:33:e8:01:11:2d:
b9:83:f1:71:6b:83:a2:18:31:75:e2:89:21:b8:6f:9e:45:58:
c2:f0:3a:ef:d7:56:ab:3e:c1:32:f3:b1:f0:f1:13:f3:ce:ee:
49:84:c9:d8:3f:00:da:44:00:f4:74:b3:77:1c:bf:d4:71:a1:
70:92:06:74:21:bf:ab:23:30:9f:89:bd:0a:89:fc:d0:81:60:
43:3a:c3:a1:45:03:b7:4e:53:68:73:3f:80:94:4c:ce:37:fb:
a1:f3:33:10:5e:a9:e7:bc:b4:17:ff:09:b4:2a:f8:b3:94:f6:
bf:ee:d5:5e:a4:31:47:72:17:82:cc:0a:6d:ea:b6:ee:d0:21:
4d:12:55:81:1c:0c:b4:39:19:9b:e3:22:32:54:91:7a:76:6e:
cd:7b:ad:f6:c6:ca:f9:12:f5:8a:af:e7:92:6a:4e:c5:18:a2:
ac:b7:fa:bc:cf:d5:89:f0:b5:f7:86:a2:73:f7:44:fe:ff:2b:
b2:3a:ac:14:1f:61:4f:b1:c5:f3:61:b0:61:fe:ef:2f:e5:40:
ee:0e:1d:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp7yz/CKxS/qH/Nt4EzbSkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MjExMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY1NDY5YmFjMzNhODVhODA3MmRlNGYzMzNmMjAwOGQyOTRmNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBWgOW5OqAwuX+90uwGOV/iSp1bV
B2Y8G5Rgarn5jQEtzdFlr/H2AL4BKkqQSpwm+cnrbJh2TW7nf+DSDYSIfFskHgu7
WXM3j2jh76IdIcidManOWkjKZ+jZUl7DO8MdOU9Ztm6gSbhMuDZH3jIsDbg1LD59
VGGorvGhA0IAMdwaI/UXu+Afi7O7xIyH9aBz9rTjVqX958kWlbz20yYlmPj4FafJ
cyaMqqnOUXi06OlVEugu4x/y/7UCsifsvUbW+wAaKy16vOI9Ndu1cMZelkgNT6S1
8VMjDhTz3Fcm6bsP+oKF8takw+WHXUMsST4xvU9ikzTnD5fQ9SuSLRlHXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ1lRpusM6hagHLeTzM/IAjSlPSmMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbldWR202d3pxRnFBY3Q1UE16OGdDTktVOUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACgnitfmsI3pVkY0oKCq
yi5+JYCiFGD4lbFm3is5T9t7CUPaZVuZuK5lDabc3/1uY3Uz6AERLbmD8XFrg6IY
MXXiiSG4b55FWMLwOu/XVqs+wTLzsfDxE/PO7kmEydg/ANpEAPR0s3ccv9RxoXCS
BnQhv6sjMJ+JvQqJ/NCBYEM6w6FFA7dOU2hzP4CUTM43+6HzMxBeqee8tBf/CbQq
+LOU9r/u1V6kMUdyF4LMCm3qtu7QIU0SVYEcDLQ5GZvjIjJUkXp2bs17rfbGyvkS
9Yqv55JqTsUYoqy3+rzP1YnwtfeGonP3RP7/K7I6rBQfYU+xxfNhsGH+7y/lQO4O
HRU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:23 2025 by rpki-client