Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oLCGAOTyVcZjJseTKP6JMmejgrw.roa
File: oLCGAOTyVcZjJseTKP6JMmejgrw.roa (raw, json)
Hash identifier: NgkBumHxP1hJrjJsv8m46LWCYvm8hgpO6O1ADALVrLM=
Subject key identifier: A0:B0:86:00:E4:F2:55:C6:63:26:C7:93:28:FE:89:32:67:A3:82:BC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6F1B20E265AC3F5948FE4CE289D55005
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oLCGAOTyVcZjJseTKP6JMmejgrw.roa
Signing time: Thu 07 Sep 2023 10:06:03 +0000
ROA not before: Thu 07 Sep 2023 10:06:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:6f19:87ea/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:1b:20:e2:65:ac:3f:59:48:fe:4c:e2:89:d5:50:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 10:06:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0b08600e4f255c66326c79328fe893267a382bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:0b:47:22:88:82:ad:32:3f:ca:77:da:26:
66:b1:d9:03:fb:9c:0f:d1:e6:0a:17:17:8c:6a:62:
d9:0b:f1:bd:ad:65:9b:ee:7e:9a:7f:35:9f:7c:f0:
56:37:25:1a:af:ca:ee:f7:f4:00:cf:e2:ce:3b:67:
cc:71:d5:28:40:22:8b:79:d8:61:6c:a8:4b:6b:bc:
c9:02:60:17:19:2f:97:c8:79:21:89:fc:66:be:52:
c2:90:11:f4:81:80:5b:19:8c:d7:eb:65:b0:b2:f6:
a2:8d:db:05:54:e1:36:9a:3b:d0:69:70:25:74:29:
e3:7a:3c:43:bd:f3:a9:a5:b2:48:9d:a1:46:3e:9d:
46:a4:bb:7f:b4:b0:98:3d:fd:d6:3d:26:e1:2c:15:
45:96:7f:7f:95:c2:4c:ea:c9:8c:b9:8a:1e:4d:76:
92:aa:c3:4f:15:de:1a:2b:d6:7a:7f:70:cb:e8:63:
98:21:e3:83:15:9a:ae:97:e3:11:14:cb:f0:3f:4e:
bd:b2:7b:60:ca:7f:c3:a8:1a:47:7d:f6:10:8f:d7:
2d:84:b4:33:b8:22:82:e6:69:b5:87:d7:31:1e:31:
36:72:08:7e:92:ac:d1:08:7b:bc:df:9e:c1:40:d3:
6a:84:00:dc:63:f6:26:ca:e7:ee:91:aa:dc:8c:b9:
b7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B0:86:00:E4:F2:55:C6:63:26:C7:93:28:FE:89:32:67:A3:82:BC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oLCGAOTyVcZjJseTKP6JMmejgrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:6c:8d:5a:39:d6:41:9f:ad:a6:5b:c5:75:f0:e5:b4:54:5f:
2a:5d:f0:15:af:b3:20:1b:f8:22:0a:99:af:ba:57:f0:b3:bd:
f1:10:a7:30:4e:e1:e4:f4:02:93:ba:8e:15:ea:de:b5:96:2a:
95:d9:a1:88:a1:d9:29:5e:a3:e6:b7:84:a4:f2:7a:c1:3a:86:
8d:6e:77:48:00:07:12:80:52:da:07:94:92:a7:9c:29:59:2e:
1f:c5:8f:db:52:a6:50:e6:ae:85:73:ea:e8:ae:5d:82:bb:2f:
95:d1:f6:e6:37:6a:fd:d2:8d:87:1a:ca:1a:fd:66:c6:79:6e:
0a:68:74:67:f0:4d:cf:cb:da:46:46:52:17:7c:15:27:49:83:
43:c1:75:dd:45:1e:ff:b9:fd:6c:54:20:09:20:2a:45:8f:bb:
41:df:fd:da:a6:45:11:60:4b:ac:d1:c8:28:b5:4c:49:49:2f:
e7:8d:51:8e:5e:1b:f1:0e:8a:b2:c9:96:24:6e:4e:3f:91:0d:
c3:a2:f8:d0:73:b3:0f:10:b6:28:27:f0:57:35:97:8d:b5:3c:
44:a4:f3:83:77:4f:d1:be:bb:f4:43:44:ef:4f:0e:32:45:ac:
c1:ca:bb:86:33:2e:9a:a2:1c:fe:c6:09:a0:af:c0:2c:11:68:
3d:de:a3:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpvGyDiZaw/WUj+TOKJ1VAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MTAwNjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGIwODYwMGU0ZjI1NWM2NjMyNmM3OTMyOGZlODkzMjY3YTM4MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOsLRyKIgq0yP8p32iZmsdkD+5wP
0eYKFxeMamLZC/G9rWWb7n6afzWffPBWNyUar8ru9/QAz+LOO2fMcdUoQCKLedhh
bKhLa7zJAmAXGS+XyHkhifxmvlLCkBH0gYBbGYzX62WwsvaijdsFVOE2mjvQaXAl
dCnjejxDvfOppbJInaFGPp1GpLt/tLCYPf3WPSbhLBVFln9/lcJM6smMuYoeTXaS
qsNPFd4aK9Z6f3DL6GOYIeODFZqul+MRFMvwP069sntgyn/DqBpHffYQj9cthLQz
uCKC5mm1h9cxHjE2cgh+kqzRCHu8357BQNNqhADcY/YmyufukarcjLm30wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKCwhgDk8lXGYybHkyj+iTJno4K8MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvb0xDR0FPVHlWY1pqSnNlVEtQNkpNbWVqZ3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD5sjVo51kGfraZbxXXw
5bRUXypd8BWvsyAb+CIKma+6V/CzvfEQpzBO4eT0ApO6jhXq3rWWKpXZoYih2Sle
o+a3hKTyesE6ho1ud0gABxKAUtoHlJKnnClZLh/Fj9tSplDmroVz6uiuXYK7L5XR
9uY3av3SjYcayhr9ZsZ5bgpodGfwTc/L2kZGUhd8FSdJg0PBdd1FHv+5/WxUIAkg
KkWPu0Hf/dqmRRFgS6zRyCi1TElJL+eNUY5eG/EOirLJliRuTj+RDcOi+NBzsw8Q
tign8Fc1l421PESk84N3T9G+u/RDRO9PDjJFrMHKu4YzLpqiHP7GCaCvwCwRaD3e
oyM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:56:07 2025 by rpki-client