Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/r7cgFtyCxSP3bXV_fQ_uIwBvJcI.roa
File: r7cgFtyCxSP3bXV_fQ_uIwBvJcI.roa (raw, json)
Hash identifier: hhIQgqtXhrf84TfkxnTsAO8yhVMunY8BMHIqeunAOwI=
Subject key identifier: AF:B7:20:16:DC:82:C5:23:F7:6D:75:7F:7D:0F:EE:23:00:6F:25:C2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A55682A254C36FAFDAF8CB32C0EB120E9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/r7cgFtyCxSP3bXV_fQ_uIwBvJcI.roa
Signing time: Sat 02 Sep 2023 10:20:04 +0000
ROA not before: Sat 02 Sep 2023 10:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:68:2a:25:4c:36:fa:fd:af:8c:b3:2c:0e:b1:20:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 10:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afb72016dc82c523f76d757f7d0fee23006f25c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dd:6f:68:b9:d5:a3:7e:1d:99:75:36:fe:91:
fe:da:47:a1:6b:96:21:b7:57:b7:13:a5:bc:9b:95:
59:ac:88:44:7b:b5:46:1b:d8:af:d4:db:aa:e0:01:
6c:4f:ae:60:92:e7:a1:9e:43:16:ea:2b:15:4a:75:
48:43:0b:13:0f:62:93:4b:b1:0a:9e:a9:d1:97:59:
b0:c8:1f:55:c8:25:60:d1:70:73:c7:9f:ea:ff:1e:
ad:32:11:af:75:ef:73:72:6e:ed:25:c4:e3:4e:92:
f3:30:f1:9f:ad:10:ec:b6:e8:a9:91:60:8f:23:5e:
79:26:17:4d:3e:32:d9:4b:8a:2b:4a:a5:0c:fa:14:
a1:30:a7:88:b0:22:8c:94:7c:fc:ed:90:4a:49:d2:
70:f5:97:29:0c:00:b5:7c:bd:ff:ea:eb:87:a7:3d:
e7:a5:50:5c:b7:0b:f1:9e:d7:91:fd:1d:a4:3c:e6:
18:64:df:63:a8:68:72:1d:46:5e:08:81:22:c8:a1:
e5:17:6a:06:e8:71:7e:f3:c6:23:ae:45:fe:87:3b:
db:e0:30:c9:43:ba:57:dc:d6:c1:1a:86:82:77:d8:
00:d6:ed:a8:e6:8a:db:c3:a5:6c:d8:5f:4c:17:ba:
00:f5:b4:b4:ef:e0:1c:d7:26:6e:e3:14:7c:6e:65:
c1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B7:20:16:DC:82:C5:23:F7:6D:75:7F:7D:0F:EE:23:00:6F:25:C2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/r7cgFtyCxSP3bXV_fQ_uIwBvJcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:a0:4b:79:40:a3:61:1a:cf:8f:62:54:d2:e2:8b:22:a6:79:
62:7a:a5:c3:b5:6d:80:36:7e:2f:69:35:88:3a:f7:9c:fe:91:
6f:c2:a2:78:59:cf:9a:5a:c0:ac:07:96:d2:3f:e4:1e:53:99:
34:2c:1e:25:e6:8d:c7:81:35:c2:b1:c9:55:2f:a1:a1:fa:f1:
05:d8:98:15:4b:09:d9:3f:35:34:0f:f7:69:6f:28:e1:66:87:
10:cc:5e:d9:f1:41:14:f4:b4:c2:3b:8e:3f:cd:eb:f7:ee:0a:
f5:49:47:a3:cf:d7:12:f8:9e:ee:fa:b2:cf:43:e7:73:08:f7:
24:17:73:53:1d:fa:f0:44:fc:3b:3b:29:45:9d:33:56:43:c4:
19:00:2a:4e:16:9f:ae:bf:98:0c:aa:10:23:d5:e1:62:9f:eb:
eb:de:a5:6b:18:fd:9d:d6:4f:9d:cd:23:b2:e2:fb:54:5b:94:
28:20:9e:14:49:60:7a:3f:39:4e:b6:26:76:4b:92:b2:71:3e:
5b:9f:60:66:8e:23:c7:5e:08:f1:65:e6:7c:cd:7c:d2:a5:92:
04:0a:3b:2d:0f:1c:eb:f7:a7:e9:b8:7b:2c:35:4d:42:40:c7:
5b:f7:ab:44:8c:18:94:ab:9b:0d:1c:c6:a5:73:12:c9:ba:eb:
10:b5:c6:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpVaColTDb6/a+MsywOsSDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTAyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmI3MjAxNmRjODJjNTIzZjc2ZDc1N2Y3ZDBmZWUyMzAwNmYyNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu91vaLnVo34dmXU2/pH+2keha5Yh
t1e3E6W8m5VZrIhEe7VGG9iv1Nuq4AFsT65gkuehnkMW6isVSnVIQwsTD2KTS7EK
nqnRl1mwyB9VyCVg0XBzx5/q/x6tMhGvde9zcm7tJcTjTpLzMPGfrRDstuipkWCP
I155JhdNPjLZS4orSqUM+hShMKeIsCKMlHz87ZBKSdJw9ZcpDAC1fL3/6uuHpz3n
pVBctwvxnteR/R2kPOYYZN9jqGhyHUZeCIEiyKHlF2oG6HF+88YjrkX+hzvb4DDJ
Q7pX3NbBGoaCd9gA1u2o5orbw6Vs2F9MF7oA9bS07+Ac1yZu4xR8bmXB+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK+3IBbcgsUj9211f30P7iMAbyXCMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcjdjZ0Z0eUN4U1AzYlhWX2ZRX3VJd0J2SmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAKgS3lAo2Eaz49iVNLi
iyKmeWJ6pcO1bYA2fi9pNYg695z+kW/ConhZz5pawKwHltI/5B5TmTQsHiXmjceB
NcKxyVUvoaH68QXYmBVLCdk/NTQP92lvKOFmhxDMXtnxQRT0tMI7jj/N6/fuCvVJ
R6PP1xL4nu76ss9D53MI9yQXc1Md+vBE/Ds7KUWdM1ZDxBkAKk4Wn66/mAyqECPV
4WKf6+vepWsY/Z3WT53NI7Li+1RblCggnhRJYHo/OU62JnZLkrJxPlufYGaOI8de
CPFl5nzNfNKlkgQKOy0PHOv3p+m4eyw1TUJAx1v3q0SMGJSrmw0cxqVzEsm66xC1
xsw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:43 2025 by rpki-client