Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pSR0W15CV_7D12d_tjS5-MT68Qs.roa
File: pSR0W15CV_7D12d_tjS5-MT68Qs.roa (raw, json)
Hash identifier: q5KtWsfnzNFBEskO9GZUOyzvKBC8/3Je00mxUcFGgsM=
Subject key identifier: A5:24:74:5B:5E:42:57:FE:C3:D7:67:7F:B6:34:B9:F8:C4:FA:F1:0B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A88AA32C15B28C6B46DB2FF2831168245
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pSR0W15CV_7D12d_tjS5-MT68Qs.roa
Signing time: Tue 12 Sep 2023 09:12:50 +0000
ROA not before: Tue 12 Sep 2023 09:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:aa:32:c1:5b:28:c6:b4:6d:b2:ff:28:31:16:82:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 09:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a524745b5e4257fec3d7677fb634b9f8c4faf10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:7a:8d:e0:78:77:d4:a6:4a:13:2c:89:6f:
ea:ee:e0:60:72:b8:e3:72:f7:16:fa:ca:e7:db:85:
9d:81:c9:67:ab:3b:10:d3:ca:b3:47:7e:af:53:09:
47:63:17:65:73:13:1b:8a:bc:51:0c:87:0f:04:9a:
ee:d0:72:5c:ab:dd:f2:ae:12:14:92:2b:49:14:7b:
21:d7:cf:a4:fc:c2:34:b4:07:d7:0a:65:a4:3b:28:
db:c5:75:ca:e3:50:6c:6a:26:36:08:9d:2e:3d:da:
c2:3b:86:f9:51:4e:04:6b:26:1e:96:78:15:e2:0a:
67:78:be:68:a8:dc:96:c4:bd:0b:f3:fd:1c:0b:22:
ae:84:08:c8:2e:39:69:6f:9e:fe:79:6f:4b:6b:db:
28:0a:2f:ce:68:d0:8f:99:9b:69:6d:fa:50:5c:51:
86:c9:c1:88:18:4d:a8:20:f7:a7:96:b0:0a:00:de:
99:29:da:09:c5:84:cb:c1:af:c8:4b:66:b2:12:c9:
7b:c2:a1:b6:bf:7a:cb:67:78:10:9a:25:50:c5:33:
73:5a:c9:d7:c1:9f:15:7a:15:91:33:b6:09:58:0b:
b7:af:8a:43:79:11:cc:59:b9:c3:7f:90:6c:57:c2:
5d:9a:5f:ef:ca:51:2e:06:04:1d:57:f0:02:12:08:
ea:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:74:5B:5E:42:57:FE:C3:D7:67:7F:B6:34:B9:F8:C4:FA:F1:0B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pSR0W15CV_7D12d_tjS5-MT68Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:35:10:c0:d4:0b:92:06:9a:a3:3c:c3:d6:29:98:c5:9f:40:
da:61:87:b1:36:35:7e:69:fa:55:eb:84:6c:29:43:e2:67:3f:
12:24:2c:c2:9d:ef:a4:1c:1f:f7:35:ed:bd:46:42:ac:d9:5e:
84:02:d5:f5:f5:9b:9d:62:3e:6b:3c:28:14:b8:36:9c:1c:4c:
79:5d:2d:d8:16:df:b1:e4:e2:86:0c:9a:5c:24:0a:cf:c8:22:
77:02:af:e7:6c:10:f6:b5:f1:06:92:df:d3:83:94:f1:cd:7a:
89:bc:72:4c:5d:29:45:6c:09:01:a5:f9:53:42:bc:0a:20:5e:
05:ee:d8:3e:6c:e5:d1:03:25:83:8b:08:5d:b1:e6:f1:8e:ef:
6c:dc:4c:08:ff:9f:b2:dc:7f:6b:cc:cf:2c:bd:11:c8:9e:65:
94:c4:46:72:a6:ca:35:ff:3f:7c:8e:1c:38:24:b0:e7:26:bd:
fa:ac:e4:34:12:34:c8:f2:a3:16:8b:ce:9f:c5:da:47:eb:43:
7f:ac:eb:c9:ad:9b:f0:b9:02:94:bc:04:e1:cd:45:37:df:6a:
87:3c:15:c0:88:b0:e6:fe:b7:e9:22:db:eb:92:eb:b2:15:be:
f6:cc:71:cc:32:bd:59:7a:1c:3a:c8:49:fa:b7:76:66:64:1e:
19:63:83:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqIqjLBWyjGtG2y/ygxFoJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMDkxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI0NzQ1YjVlNDI1N2ZlYzNkNzY3N2ZiNjM0YjlmOGM0ZmFmMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+56jeB4d9SmShMsiW/q7uBgcrjj
cvcW+srn24WdgclnqzsQ08qzR36vUwlHYxdlcxMbirxRDIcPBJru0HJcq93yrhIU
kitJFHsh18+k/MI0tAfXCmWkOyjbxXXK41BsaiY2CJ0uPdrCO4b5UU4EayYelngV
4gpneL5oqNyWxL0L8/0cCyKuhAjILjlpb57+eW9La9soCi/OaNCPmZtpbfpQXFGG
ycGIGE2oIPenlrAKAN6ZKdoJxYTLwa/IS2ayEsl7wqG2v3rLZ3gQmiVQxTNzWsnX
wZ8VehWRM7YJWAu3r4pDeRHMWbnDf5BsV8Jdml/vylEuBgQdV/ACEgjqsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKUkdFteQlf+w9dnf7Y0ufjE+vELMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcFNSMFcxNUNWXzdEMTJkX3RqUzUtTVQ2OFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADM1EMDUC5IGmqM8w9Yp
mMWfQNphh7E2NX5p+lXrhGwpQ+JnPxIkLMKd76QcH/c17b1GQqzZXoQC1fX1m51i
Pms8KBS4NpwcTHldLdgW37Hk4oYMmlwkCs/IIncCr+dsEPa18QaS39ODlPHNeom8
ckxdKUVsCQGl+VNCvAogXgXu2D5s5dEDJYOLCF2x5vGO72zcTAj/n7Lcf2vMzyy9
EcieZZTERnKmyjX/P3yOHDgksOcmvfqs5DQSNMjyoxaLzp/F2kfrQ3+s68mtm/C5
ApS8BOHNRTffaoc8FcCIsOb+t+ki2+uS67IVvvbMccwyvVl6HDrISfq3dmZkHhlj
g0U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:51 2025 by rpki-client