Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oyFnaVZq8tGzCgkj3hBpbfzGHBQ.roa
File: oyFnaVZq8tGzCgkj3hBpbfzGHBQ.roa (raw, json)
Hash identifier: mSH2Y8014IkuETqC6Az5M9Sw7eeTohj7CgaDe1DWm3g=
Subject key identifier: A3:21:67:69:56:6A:F2:D1:B3:0A:09:23:DE:10:69:6D:FC:C6:1C:14
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7EFAFC06EFE01E63316D1208CACCC9F4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oyFnaVZq8tGzCgkj3hBpbfzGHBQ.roa
Signing time: Sun 10 Sep 2023 12:04:52 +0000
ROA not before: Sun 10 Sep 2023 12:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7efa:7440/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7e:fa:fc:06:ef:e0:1e:63:31:6d:12:08:ca:cc:c9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 12:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3216769566af2d1b30a0923de10696dfcc61c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:65:a5:0c:bf:7a:46:a3:a0:b8:f8:65:59:
6f:55:38:99:b4:29:44:9c:f5:e3:7e:e4:90:ba:b3:
ad:70:60:93:53:9c:40:58:7f:5a:20:07:48:fe:63:
37:b3:87:ab:5b:9f:2b:fe:6c:c3:98:f6:4a:68:4b:
f3:ff:48:d4:1e:88:70:c7:1b:75:57:3a:65:39:19:
00:5a:37:25:52:31:c9:8d:e6:d0:3b:8f:6e:54:f9:
07:3e:45:e1:ac:d1:8b:64:e5:96:16:37:0f:e4:31:
c3:72:b4:53:c5:b3:94:6e:fa:44:0d:cb:56:58:d3:
81:f2:f1:63:1b:45:6c:17:5e:a8:b3:23:33:c5:95:
1c:f1:69:23:15:0e:7b:e8:98:4b:6a:47:af:fc:7e:
6e:b2:66:3a:32:ab:a4:6c:ce:07:b6:6f:5c:7b:01:
9f:0a:79:9a:c0:b6:f8:a0:1e:f3:79:82:da:7e:c6:
44:0d:21:21:57:18:78:31:1d:3b:08:ac:cf:11:21:
f8:33:a3:06:3b:3c:44:42:a0:b8:f9:72:60:df:99:
73:fe:8f:86:1b:bf:0d:ac:56:04:86:78:a2:39:83:
15:d5:fd:2f:cf:db:70:12:b9:97:68:6b:34:dd:95:
e3:25:0a:18:a1:67:de:2f:60:9d:80:14:f1:c0:b5:
45:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:21:67:69:56:6A:F2:D1:B3:0A:09:23:DE:10:69:6D:FC:C6:1C:14
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oyFnaVZq8tGzCgkj3hBpbfzGHBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:36:87:0e:67:c3:00:be:c4:fa:5d:fd:ec:0e:7e:28:4a:6a:
54:61:05:e6:dc:6b:35:0d:58:4f:69:fd:d5:84:3f:e7:5e:23:
26:4f:95:ee:76:ea:90:15:cc:87:4b:98:3f:0e:f1:54:6f:45:
ff:59:c3:56:a7:ef:7a:b9:f2:1c:72:ac:6f:37:6d:bc:3e:f3:
45:bd:21:6f:d1:25:da:5c:b7:02:ff:11:cb:7a:2f:ac:58:a1:
3b:64:e5:95:d6:32:73:3b:1b:77:46:a4:cf:1c:66:ae:cf:aa:
a7:73:83:fb:80:26:8d:65:4f:e1:ec:72:e9:97:8a:26:4b:9a:
f1:8c:2d:fa:f7:55:30:81:33:5a:f9:28:80:02:a4:6e:37:82:
2d:76:dc:d0:a8:43:56:fb:c6:41:2f:50:5e:2a:64:2c:7a:42:
59:ab:d0:da:18:1e:7f:c8:79:a5:82:23:47:70:4d:43:fd:dd:
88:b7:c6:ec:4b:fb:6d:65:49:99:0f:23:bc:5a:e6:94:f0:c3:
5d:eb:3b:eb:f1:c0:61:17:39:2d:d6:ca:65:77:4a:4d:3a:2e:
4d:de:1d:b6:65:2b:ac:80:d2:08:fc:7d:c6:61:44:b9:04:01:
2b:38:e2:be:1b:4a:6d:e9:81:85:21:ea:d2:4d:5d:d6:5d:b7:
8e:60:a8:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp++vwG7+AeYzFtEgjKzMn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMTIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzIxNjc2OTU2NmFmMmQxYjMwYTA5MjNkZTEwNjk2ZGZjYzYxYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXllpQy/ekajoLj4ZVlvVTiZtClE
nPXjfuSQurOtcGCTU5xAWH9aIAdI/mM3s4erW58r/mzDmPZKaEvz/0jUHohwxxt1
VzplORkAWjclUjHJjebQO49uVPkHPkXhrNGLZOWWFjcP5DHDcrRTxbOUbvpEDctW
WNOB8vFjG0VsF16osyMzxZUc8WkjFQ576JhLakev/H5usmY6MqukbM4Htm9cewGf
CnmawLb4oB7zeYLafsZEDSEhVxh4MR07CKzPESH4M6MGOzxEQqC4+XJg35lz/o+G
G78NrFYEhniiOYMV1f0vz9twErmXaGs03ZXjJQoYoWfeL2CdgBTxwLVFfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKMhZ2lWavLRswoJI94QaW38xhwUMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvb3lGbmFWWnE4dEd6Q2drajNoQnBiZnpHSEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABU2hw5nwwC+xPpd/ewO
fihKalRhBebcazUNWE9p/dWEP+deIyZPle526pAVzIdLmD8O8VRvRf9Zw1an73q5
8hxyrG83bbw+80W9IW/RJdpctwL/Ect6L6xYoTtk5ZXWMnM7G3dGpM8cZq7Pqqdz
g/uAJo1lT+HscumXiiZLmvGMLfr3VTCBM1r5KIACpG43gi123NCoQ1b7xkEvUF4q
ZCx6Qlmr0NoYHn/IeaWCI0dwTUP93Yi3xuxL+21lSZkPI7xa5pTww13rO+vxwGEX
OS3WymV3Sk06Lk3eHbZlK6yA0gj8fcZhRLkEASs44r4bSm3pgYUh6tJNXdZdt45g
qOc=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:39:34 2025 by rpki-client