Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pgBwXp5G7LlAgT78itibJOJeUJs.roa
File: pgBwXp5G7LlAgT78itibJOJeUJs.roa (raw, json)
Hash identifier: AfI0RrcqFcVdL67gkL6ctLHXRr44QxDV9X6pOHz11RA=
Subject key identifier: A6:00:70:5E:9E:46:EC:B9:40:81:3E:FC:8A:D8:9B:24:E2:5E:50:9B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5F3FB220C787DDF0AB290C4A27670263
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pgBwXp5G7LlAgT78itibJOJeUJs.roa
Signing time: Mon 04 Sep 2023 08:12:04 +0000
ROA not before: Mon 04 Sep 2023 08:12:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:3f:b2:20:c7:87:dd:f0:ab:29:0c:4a:27:67:02:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 08:12:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a600705e9e46ecb940813efc8ad89b24e25e509b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c2:17:04:c5:74:b3:d3:1b:2a:f3:fd:73:25:
d1:6e:cd:05:65:6d:31:f1:3c:1c:91:68:d8:f5:c7:
6d:2d:4d:c2:b1:ed:5d:8a:20:32:05:20:23:c5:3a:
e5:ff:bf:03:fb:db:f6:db:b1:98:38:00:ec:a2:e7:
e2:f0:62:ea:f6:9b:ac:48:a3:39:ed:9e:43:df:9e:
fc:0e:a9:30:28:cb:97:7c:f3:b9:78:31:ed:e2:72:
82:c3:03:b6:c2:f8:e8:23:a6:5e:f0:01:df:33:7d:
ed:3f:48:1e:aa:89:17:bf:46:ba:cb:07:f7:d8:01:
41:b2:5e:06:ce:27:8c:48:0b:d9:31:82:40:5a:fd:
26:6f:ab:32:c1:75:1b:37:07:f4:ab:cc:99:94:bd:
e2:f7:9b:c2:4e:ce:2b:b1:14:2a:2a:29:fc:87:5e:
06:52:a4:1d:ec:ca:30:73:bf:a0:83:31:9b:d5:b9:
24:ea:0d:5d:42:b5:b9:01:cb:ab:48:ad:0b:ba:d1:
64:44:14:dc:50:db:91:97:5e:dd:7e:d3:ad:73:74:
b0:ab:6a:e3:d4:03:b9:74:83:aa:96:a1:28:9d:f3:
b8:fa:6e:6c:14:50:95:ce:57:a2:8c:4d:45:fb:c1:
a4:38:77:2b:a1:26:e3:04:32:f2:84:77:f4:ca:b2:
ef:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:00:70:5E:9E:46:EC:B9:40:81:3E:FC:8A:D8:9B:24:E2:5E:50:9B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pgBwXp5G7LlAgT78itibJOJeUJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:f4:52:4f:d7:fe:2b:84:8a:05:bd:13:b8:e4:08:f4:e5:30:
30:22:ff:17:ce:f4:1b:6a:e8:fb:b6:5f:62:3e:31:fa:c4:84:
1f:f6:b9:a2:87:c4:b1:75:56:5e:7b:77:2f:9c:56:f9:c2:8e:
67:50:a3:e3:9b:96:9a:55:5c:9a:de:dc:86:d8:97:1c:bc:78:
24:11:c2:65:dd:9c:51:3d:45:1e:db:b1:c9:78:3e:92:f4:20:
75:08:82:de:d5:93:58:c9:1a:bf:79:a2:e7:03:42:2f:50:3c:
cc:4a:7d:94:82:f7:a7:58:76:5a:68:ac:c2:f1:de:f1:0f:45:
3a:3e:cd:4e:b7:ae:2d:9b:45:8d:9f:f1:47:d3:8e:b1:b2:49:
b6:47:37:31:e8:25:dd:bf:59:0c:5f:04:88:fc:a5:e5:13:f8:
a6:1f:d1:e4:45:b2:98:49:5e:05:d1:6c:b9:7f:9d:8f:b1:7c:
5b:b5:fb:60:74:b0:3c:89:ae:6f:96:64:f0:aa:e9:2b:0e:c2:
1b:88:69:37:cd:bd:0f:d7:97:62:65:aa:bb:2b:f3:49:72:ab:
fd:bd:52:49:e7:ce:c9:86:f0:d4:f3:e1:9b:21:81:7f:31:7d:
00:14:6e:c4:6b:0b:bb:82:7d:5b:a8:62:fc:fa:77:c9:dc:a5:
6a:27:28:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpfP7Igx4fd8KspDEonZwJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MDgxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjAwNzA1ZTllNDZlY2I5NDA4MTNlZmM4YWQ4OWIyNGUyNWU1MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsIXBMV0s9MbKvP9cyXRbs0FZW0x
8TwckWjY9cdtLU3Cse1diiAyBSAjxTrl/78D+9v227GYOADsoufi8GLq9pusSKM5
7Z5D3578DqkwKMuXfPO5eDHt4nKCwwO2wvjoI6Ze8AHfM33tP0geqokXv0a6ywf3
2AFBsl4GzieMSAvZMYJAWv0mb6sywXUbNwf0q8yZlL3i95vCTs4rsRQqKin8h14G
UqQd7Mowc7+ggzGb1bkk6g1dQrW5AcurSK0LutFkRBTcUNuRl17dftOtc3Swq2rj
1AO5dIOqlqEonfO4+m5sFFCVzleijE1F+8GkOHcroSbjBDLyhHf0yrLvGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKYAcF6eRuy5QIE+/IrYmyTiXlCbMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcGdCd1hwNUc3TGxBZ1Q3OGl0aWJKT0plVUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACn0Uk/X/iuEigW9E7jk
CPTlMDAi/xfO9Btq6Pu2X2I+MfrEhB/2uaKHxLF1Vl57dy+cVvnCjmdQo+OblppV
XJre3IbYlxy8eCQRwmXdnFE9RR7bscl4PpL0IHUIgt7Vk1jJGr95oucDQi9QPMxK
fZSC96dYdlporMLx3vEPRTo+zU63ri2bRY2f8UfTjrGySbZHNzHoJd2/WQxfBIj8
peUT+KYf0eRFsphJXgXRbLl/nY+xfFu1+2B0sDyJrm+WZPCq6SsOwhuIaTfNvQ/X
l2Jlqrsr80lyq/29UknnzsmG8NTz4ZshgX8xfQAUbsRrC7uCfVuoYvz6d8ncpWon
KKA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:14 2025 by rpki-client