Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/omz5jT0yjJl9-39kl12yA4iUJ3M.roa
File: omz5jT0yjJl9-39kl12yA4iUJ3M.roa (raw, json)
Hash identifier: VWvPYLG3ak4APgJqIbzAXjalB8IxyDEugLOCefOkCR8=
Subject key identifier: A2:6C:F9:8D:3D:32:8C:99:7D:FB:7F:64:97:5D:B2:03:88:94:27:73
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8EAC48DB6C8A2B59A79C7474D5D5C5F8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/omz5jT0yjJl9-39kl12yA4iUJ3M.roa
Signing time: Wed 13 Sep 2023 13:12:50 +0000
ROA not before: Wed 13 Sep 2023 13:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:ac:48:db:6c:8a:2b:59:a7:9c:74:74:d5:d5:c5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 13:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a26cf98d3d328c997dfb7f64975db20388942773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:61:41:d5:e3:1e:11:37:1b:06:3f:3d:05:8a:
d9:da:88:54:80:1e:0f:35:35:e7:86:7c:1d:65:38:
52:15:a8:1d:5a:ad:85:12:9b:89:c0:3d:c5:d6:52:
04:5b:b5:8e:b6:9c:4e:3d:16:5b:43:e8:c4:13:f6:
08:f2:4c:ea:cd:c9:dd:0c:f0:e5:ef:c6:10:04:fc:
64:b5:9a:bd:e8:75:cd:07:19:2e:44:82:eb:a3:fc:
53:c1:87:74:98:08:e2:af:51:aa:e2:66:ca:24:53:
28:f8:86:6f:70:5c:2f:78:80:3c:b2:9e:4f:79:5f:
7c:09:62:e1:e8:f4:ca:79:3d:d9:46:31:d6:aa:ff:
d4:fc:ca:61:74:64:4e:d8:5a:66:b9:eb:a5:ae:9e:
75:15:15:b4:a9:16:3e:9a:34:1e:31:3f:31:7b:1c:
21:f3:54:8e:32:c1:4e:11:c1:0e:d6:2b:28:42:af:
c0:2a:cd:ab:9f:ac:26:78:d9:42:69:bd:07:9e:93:
b8:c3:23:29:53:e1:02:3e:df:46:93:6a:9e:a4:0b:
39:ab:87:64:33:98:a8:59:fe:d6:de:3f:e0:21:99:
31:ad:95:f7:8f:7d:e3:e8:c1:44:9b:73:f7:f6:5c:
cd:42:ef:53:12:af:ab:3f:5a:e0:00:22:cf:10:c2:
84:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:F9:8D:3D:32:8C:99:7D:FB:7F:64:97:5D:B2:03:88:94:27:73
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/omz5jT0yjJl9-39kl12yA4iUJ3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:50:09:2f:01:2b:4f:8d:98:ac:27:06:8b:ff:20:e7:1e:7e:
62:96:62:13:39:81:24:52:57:58:3a:e5:f5:94:fe:b3:97:bd:
92:06:7c:de:b6:7f:47:0c:41:fb:97:cd:73:36:a0:b8:7e:b5:
a6:ac:1f:93:41:23:76:d5:c0:5a:58:42:e7:e7:7c:61:f3:b0:
b7:44:19:87:92:70:2d:af:09:6b:56:b1:27:c2:e5:8c:f9:2b:
0f:04:7c:50:4b:6a:60:6a:d1:16:1e:2c:47:bf:c8:6c:93:b1:
e6:0b:44:81:39:5a:54:e6:fb:38:b5:19:54:9c:63:1e:7b:d5:
c2:ea:2a:68:b8:fe:20:5e:ad:17:7a:30:f7:d3:2d:11:ee:23:
60:3c:4f:3c:6e:1b:2a:af:bd:9d:9b:d5:63:55:cf:77:30:15:
ae:3e:30:78:f3:e0:b2:91:05:16:b8:ac:32:9b:86:e9:7a:a9:
31:fd:5f:50:fb:97:76:3d:e5:f1:93:ad:b9:5b:fa:80:bc:09:
b8:db:4a:d2:52:b4:70:29:cb:67:45:d6:3c:4c:0f:5a:8e:d1:
92:48:aa:58:f2:da:fd:da:09:d9:b8:66:74:8c:1d:29:5e:fb:
ee:4c:81:87:2a:b0:89:41:30:c7:a9:ae:70:5f:b7:88:a8:ab:
12:b2:5a:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqOrEjbbIorWaecdHTV1cX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMTMxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZjZjk4ZDNkMzI4Yzk5N2RmYjdmNjQ5NzVkYjIwMzg4OTQyNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGFB1eMeETcbBj89BYrZ2ohUgB4P
NTXnhnwdZThSFagdWq2FEpuJwD3F1lIEW7WOtpxOPRZbQ+jEE/YI8kzqzcndDPDl
78YQBPxktZq96HXNBxkuRILro/xTwYd0mAjir1Gq4mbKJFMo+IZvcFwveIA8sp5P
eV98CWLh6PTKeT3ZRjHWqv/U/MphdGRO2Fpmueulrp51FRW0qRY+mjQeMT8xexwh
81SOMsFOEcEO1isoQq/AKs2rn6wmeNlCab0HnpO4wyMpU+ECPt9Gk2qepAs5q4dk
M5ioWf7W3j/gIZkxrZX3j33j6MFEm3P39lzNQu9TEq+rP1rgACLPEMKEUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJs+Y09MoyZfft/ZJddsgOIlCdzMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvb216NWpUMHlqSmw5LTM5a2wxMnlBNGlVSjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAlQCS8BK0+NmKwnBov/
IOcefmKWYhM5gSRSV1g65fWU/rOXvZIGfN62f0cMQfuXzXM2oLh+taasH5NBI3bV
wFpYQufnfGHzsLdEGYeScC2vCWtWsSfC5Yz5Kw8EfFBLamBq0RYeLEe/yGyTseYL
RIE5WlTm+zi1GVScYx571cLqKmi4/iBerRd6MPfTLRHuI2A8TzxuGyqvvZ2b1WNV
z3cwFa4+MHjz4LKRBRa4rDKbhul6qTH9X1D7l3Y95fGTrblb+oC8CbjbStJStHAp
y2dF1jxMD1qO0ZJIqljy2v3aCdm4ZnSMHSle++5MgYcqsIlBMMeprnBft4ioqxKy
Wm8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:17:07 2025 by rpki-client