Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/nwJtYZ8DoYM0K9a9sdyaqMCusME.roa
File: nwJtYZ8DoYM0K9a9sdyaqMCusME.roa (raw, json)
Hash identifier: P/JHE9dbYzfxExvNmLHsjqQ9WgFbZRRzdmUez27YmfI=
Subject key identifier: 9F:02:6D:61:9F:03:A1:83:34:2B:D6:BD:B1:DC:9A:A8:C0:AE:B0:C1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA49124C9BB79D0C2AF4CBCC0CCDF7410
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/nwJtYZ8DoYM0K9a9sdyaqMCusME.roa
Signing time: Sun 17 Sep 2023 19:14:50 +0000
ROA not before: Sun 17 Sep 2023 19:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:91:24:c9:bb:79:d0:c2:af:4c:bc:c0:cc:df:74:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 19:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f026d619f03a183342bd6bdb1dc9aa8c0aeb0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:bc:ea:68:8c:ba:93:5a:40:aa:03:a9:57:
bf:b6:8b:6f:fd:ab:cb:89:f6:2b:73:c5:c0:ae:ff:
49:65:0f:f1:a0:8b:a4:79:f8:86:ce:a4:6e:07:dd:
02:ea:6f:4d:86:c1:7f:44:f9:21:54:69:36:57:55:
ae:e2:de:34:9e:a4:c4:c2:16:2c:d9:27:20:20:94:
2d:fd:8a:22:45:b3:ce:bf:f7:b8:32:13:0d:ed:63:
8d:1a:9a:e8:70:fa:32:d7:40:41:5e:d0:d3:75:f0:
be:94:c3:ce:f2:6a:21:cc:3c:33:4e:0f:6b:31:76:
74:42:2f:13:7c:17:2f:09:4e:e3:95:d3:e0:f6:ca:
da:2b:f9:f1:88:85:2c:a5:7f:29:44:88:e4:f9:b8:
8a:45:4f:09:b2:3e:cd:b1:f4:83:e2:13:99:37:60:
6c:1b:8a:10:0c:35:6c:01:32:b0:80:23:25:68:61:
0a:56:82:22:d6:f8:88:a3:a1:3a:db:b0:02:01:39:
68:75:db:c0:3c:72:11:e2:e3:b0:83:47:27:8d:30:
74:53:1e:e1:16:1a:36:70:ce:00:a9:1a:14:af:33:
37:9d:32:c0:36:7f:b5:a1:0f:f8:6c:b5:85:50:04:
ce:ba:2d:9a:db:17:75:da:67:b9:55:20:c8:05:f0:
a3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:02:6D:61:9F:03:A1:83:34:2B:D6:BD:B1:DC:9A:A8:C0:AE:B0:C1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/nwJtYZ8DoYM0K9a9sdyaqMCusME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:d2:20:5e:5f:92:a4:52:de:54:44:cc:7a:dc:f0:ed:01:aa:
ab:75:44:72:0d:37:76:b0:e0:d6:1a:39:a6:ec:5f:4d:6d:98:
77:8b:89:6c:ed:be:f5:0a:02:9c:8b:cc:b1:09:8b:27:f9:b0:
c3:fa:b5:89:16:b5:f3:2d:b5:26:12:f5:72:f2:ab:2a:5c:63:
2b:46:53:c2:c8:8f:b9:bf:ef:a1:6b:a7:52:f3:af:40:cf:8e:
07:7c:e4:2d:7b:1e:4e:a3:3d:b6:d9:75:e8:b6:9f:cd:72:e2:
43:95:57:7a:7f:89:fa:b0:72:0f:85:e4:0a:92:92:51:02:7b:
a4:a0:53:9f:79:79:e1:2f:7d:25:d4:75:0a:c0:70:f5:06:8b:
dd:62:86:74:53:a9:7e:ab:18:ff:d2:c7:e5:09:10:c9:67:78:
ea:e2:e1:ba:4f:b0:c1:03:1d:d6:9e:f7:e0:ee:ca:60:05:2f:
92:d1:3e:46:8b:2e:54:dd:7d:69:f9:78:12:a7:0e:c9:d8:45:
57:a2:42:bd:8e:ba:0c:a1:34:3e:02:36:2a:bf:55:1f:1a:d7:
0e:bd:b8:33:8f:f7:97:d7:f7:86:68:24:b3:9d:bd:23:2e:b2:
fe:d2:db:a1:80:1b:30:a7:04:47:ce:69:d6:95:a9:63:50:a7:
13:f5:12:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqkkSTJu3nQwq9MvMDM33QQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MTkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAyNmQ2MTlmMDNhMTgzMzQyYmQ2YmRiMWRjOWFhOGMwYWViMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstC86miMupNaQKoDqVe/totv/avL
ifYrc8XArv9JZQ/xoIukefiGzqRuB90C6m9NhsF/RPkhVGk2V1Wu4t40nqTEwhYs
2ScgIJQt/YoiRbPOv/e4MhMN7WONGprocPoy10BBXtDTdfC+lMPO8mohzDwzTg9r
MXZ0Qi8TfBcvCU7jldPg9sraK/nxiIUspX8pRIjk+biKRU8Jsj7NsfSD4hOZN2Bs
G4oQDDVsATKwgCMlaGEKVoIi1viIo6E627ACATloddvAPHIR4uOwg0cnjTB0Ux7h
Fho2cM4AqRoUrzM3nTLANn+1oQ/4bLWFUATOui2a2xd12me5VSDIBfCjNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ8CbWGfA6GDNCvWvbHcmqjArrDBMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbndKdFlaOERvWU0wSzlhOXNkeWFxTUN1c01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEDSIF5fkqRS3lREzHrc
8O0Bqqt1RHINN3aw4NYaOabsX01tmHeLiWztvvUKApyLzLEJiyf5sMP6tYkWtfMt
tSYS9XLyqypcYytGU8LIj7m/76Frp1Lzr0DPjgd85C17Hk6jPbbZdei2n81y4kOV
V3p/ifqwcg+F5AqSklECe6SgU595eeEvfSXUdQrAcPUGi91ihnRTqX6rGP/Sx+UJ
EMlneOri4bpPsMEDHdae9+DuymAFL5LRPkaLLlTdfWn5eBKnDsnYRVeiQr2Ougyh
ND4CNiq/VR8a1w69uDOP95fX94ZoJLOdvSMusv7S26GAGzCnBEfOadaVqWNQpxP1
EtM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:17 2025 by rpki-client