Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/phHqKxxxQG1ivlEH-BRCFH_VcWQ.roa
File: phHqKxxxQG1ivlEH-BRCFH_VcWQ.roa (raw, json)
Hash identifier: CoADVt/8YkUs7UDDk4PmtmHiLwESxZ4lCsB4blcu2n8=
Subject key identifier: A6:11:EA:2B:1C:71:40:6D:62:BE:51:07:F8:14:42:14:7F:D5:71:64
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4F3010963895DFAABF2F389BDC4A7D95
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/phHqKxxxQG1ivlEH-BRCFH_VcWQ.roa
Signing time: Fri 01 Sep 2023 05:21:04 +0000
ROA not before: Fri 01 Sep 2023 05:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:30:10:96:38:95:df:aa:bf:2f:38:9b:dc:4a:7d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 05:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a611ea2b1c71406d62be5107f81442147fd57164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:65:14:26:bf:71:67:98:63:e3:21:b0:d8:cb:
f7:85:c6:13:52:7a:b9:89:98:44:4d:d7:f5:61:74:
ac:e0:19:59:46:06:6c:e5:09:9c:2f:5f:a7:ae:5c:
f3:57:3b:62:ad:a1:52:ff:17:69:c1:2e:13:0b:bc:
12:4b:f4:c5:ba:cf:50:a9:19:61:f4:1e:2f:de:9a:
a3:55:3e:71:24:9f:cf:85:6c:d0:60:16:83:cd:fc:
26:6f:60:e6:6a:9b:fd:3a:de:13:85:6a:4d:49:8b:
ff:0d:55:a3:5f:97:8b:ef:d8:0d:f8:74:98:2c:6d:
6d:79:f8:50:76:44:15:4b:d4:c7:b9:04:38:96:fd:
f5:60:0d:26:92:50:ac:22:a6:d1:7a:39:b7:37:31:
fc:95:a9:37:ce:e5:9a:09:52:b6:9c:2a:7f:5c:0e:
2d:52:b4:8f:37:f2:25:e7:f4:47:d2:0c:ae:85:79:
3b:94:e2:34:df:f7:9c:2e:00:1e:e4:f6:1b:e3:b5:
57:56:86:8c:8e:a5:f0:81:0e:d5:82:18:96:2a:da:
31:47:af:43:d0:b4:b9:67:8d:26:7a:15:6c:53:4b:
81:e6:50:2e:cf:98:b2:5d:bc:80:d5:f1:d5:4d:98:
19:25:c4:81:82:eb:46:0e:04:6c:62:84:6e:04:d8:
0c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:11:EA:2B:1C:71:40:6D:62:BE:51:07:F8:14:42:14:7F:D5:71:64
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/phHqKxxxQG1ivlEH-BRCFH_VcWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:07:34:d6:de:db:f0:be:94:e2:43:a8:a8:08:98:2c:ee:06:
b5:48:69:28:12:90:08:f7:a8:75:27:39:ed:0a:ba:71:dc:36:
c2:f0:25:ee:c5:f3:d7:45:22:b1:62:43:8b:38:6d:50:46:9f:
68:99:61:ba:52:2b:91:61:10:bb:d6:ee:39:d8:3a:cf:11:44:
7b:e7:b8:65:33:48:d3:8a:f2:87:5a:ff:2e:0b:cc:90:60:1e:
db:1c:b0:bd:67:d2:fc:50:0b:da:f0:e4:5e:2d:95:00:a7:51:
39:54:e6:1c:cf:15:50:10:a4:58:a6:b2:88:3e:1d:c5:f6:1e:
1f:9b:fc:db:7f:01:55:df:55:fd:1b:1a:7e:3b:d0:b9:b3:b9:
a7:86:86:b2:f0:15:2c:89:21:fc:07:68:c3:4a:b3:8b:68:e0:
07:d5:16:d0:90:6b:92:7f:65:4f:f1:05:68:5d:3d:37:78:f6:
c9:91:e8:5e:7c:a2:86:a8:d8:7b:c5:8d:52:60:8b:0e:86:63:
9e:01:90:0e:b6:e2:d9:90:82:f4:35:84:ea:b5:71:6a:89:74:
e9:08:33:b3:68:21:e7:b3:56:4b:84:84:e7:2d:11:98:8f:e8:
6a:91:cb:c0:e1:ad:b3:e0:a2:34:e8:d3:bb:4f:23:ad:e5:a9:
eb:af:f6:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpPMBCWOJXfqr8vOJvcSn2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMDUyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjExZWEyYjFjNzE0MDZkNjJiZTUxMDdmODE0NDIxNDdmZDU3MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGUUJr9xZ5hj4yGw2Mv3hcYTUnq5
iZhETdf1YXSs4BlZRgZs5QmcL1+nrlzzVztiraFS/xdpwS4TC7wSS/TFus9QqRlh
9B4v3pqjVT5xJJ/PhWzQYBaDzfwmb2Dmapv9Ot4ThWpNSYv/DVWjX5eL79gN+HSY
LG1tefhQdkQVS9THuQQ4lv31YA0mklCsIqbRejm3NzH8lak3zuWaCVK2nCp/XA4t
UrSPN/Il5/RH0gyuhXk7lOI03/ecLgAe5PYb47VXVoaMjqXwgQ7VghiWKtoxR69D
0LS5Z40mehVsU0uB5lAuz5iyXbyA1fHVTZgZJcSBgutGDgRsYoRuBNgM+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKYR6isccUBtYr5RB/gUQhR/1XFkMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcGhIcUt4eHhRRzFpdmxFSC1CUkNGSF9WY1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABAHNNbe2/C+lOJDqKgI
mCzuBrVIaSgSkAj3qHUnOe0KunHcNsLwJe7F89dFIrFiQ4s4bVBGn2iZYbpSK5Fh
ELvW7jnYOs8RRHvnuGUzSNOK8oda/y4LzJBgHtscsL1n0vxQC9rw5F4tlQCnUTlU
5hzPFVAQpFimsog+HcX2Hh+b/Nt/AVXfVf0bGn470LmzuaeGhrLwFSyJIfwHaMNK
s4to4AfVFtCQa5J/ZU/xBWhdPTd49smR6F58ooao2HvFjVJgiw6GY54BkA624tmQ
gvQ1hOq1cWqJdOkIM7NoIeezVkuEhOctEZiP6GqRy8DhrbPgojTo07tPI63lqeuv
9rg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:24 2025 by rpki-client