Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rB6pzyPo0IcBrB_t1HQIIUEYsBo.roa
File: rB6pzyPo0IcBrB_t1HQIIUEYsBo.roa (raw, json)
Hash identifier: LZ/dwr7ajjLux5TAAuj226xJFygEyKHk9lxL0B6LJkM=
Subject key identifier: AC:1E:A9:CF:23:E8:D0:87:01:AC:1F:ED:D4:74:08:21:41:18:B0:1A
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9C67E955E51531538E87FFFBFB6A536E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rB6pzyPo0IcBrB_t1HQIIUEYsBo.roa
Signing time: Sat 16 Sep 2023 05:12:50 +0000
ROA not before: Sat 16 Sep 2023 05:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9c:67:e9:55:e5:15:31:53:8e:87:ff:fb:fb:6a:53:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 05:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac1ea9cf23e8d08701ac1fedd47408214118b01a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:76:66:84:41:4d:97:67:5e:09:7d:23:dc:
e2:53:68:78:64:03:be:f4:49:df:9d:22:62:a2:61:
9a:13:ae:e6:ac:b9:a8:ff:4d:40:fd:88:33:08:f8:
72:89:e4:65:25:f6:99:8d:d3:7f:d0:9c:7d:6c:79:
a4:f7:b3:89:1d:82:33:52:6e:83:36:44:6c:c4:56:
43:c3:97:90:56:cd:49:aa:5f:c5:60:a0:dd:00:83:
38:c2:74:fe:e7:c5:75:ac:e2:7d:26:df:d8:6d:30:
f0:18:aa:9c:27:85:bc:5c:4a:17:bd:07:bf:d5:84:
d4:8d:41:c6:ab:03:4a:8f:ae:55:28:c7:c8:83:a3:
19:c4:3c:e6:20:ca:e4:90:75:3f:1d:29:d8:37:10:
b4:94:13:02:97:c6:47:5c:53:72:a3:a4:8f:06:bf:
98:07:51:5e:34:ef:a2:66:07:81:d1:35:1c:ee:c2:
63:2b:a1:00:c6:10:3d:13:67:84:cb:ef:1e:0a:e4:
fc:68:35:7c:12:d3:a9:53:cc:85:d1:e8:9a:eb:84:
37:a6:f6:bc:b8:b6:c6:fb:d9:bd:c2:6f:db:25:14:
78:d0:04:84:6a:d6:2d:f9:92:fc:40:7d:b2:eb:a9:
b0:69:b4:d4:7f:6e:91:d8:99:cc:bb:e7:da:b3:69:
e8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1E:A9:CF:23:E8:D0:87:01:AC:1F:ED:D4:74:08:21:41:18:B0:1A
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rB6pzyPo0IcBrB_t1HQIIUEYsBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:cf:e6:85:e3:23:11:c1:52:55:2b:35:9f:a8:e5:3b:48:b4:
ce:cf:05:d1:d6:f2:6c:05:0b:c3:ad:4d:0b:f8:aa:a7:7c:aa:
59:d4:ea:4a:a0:38:0f:d9:b9:d6:25:1c:93:10:65:31:5a:b8:
a4:9a:21:0b:a3:55:a5:90:1b:14:86:b1:4f:bd:4e:92:81:27:
cd:88:7d:b6:cd:a8:51:e9:cb:2e:af:e4:4a:a5:06:5d:1c:8f:
4a:af:fe:21:a8:fc:52:45:9b:a6:46:c5:76:24:cf:61:19:a9:
fe:0b:92:6b:9b:e2:15:08:e4:6d:d2:63:4a:02:80:5f:95:7d:
c0:1b:e8:85:40:6b:f0:52:76:7a:a9:1a:16:64:16:b6:c2:8f:
02:19:33:6f:4e:6a:2d:4a:ae:47:4f:64:ad:a6:36:66:5a:05:
b2:10:5a:80:fb:13:59:37:0d:6c:49:7e:81:4e:2d:d8:99:b4:
d3:11:7c:ac:43:0f:5c:29:56:10:f5:3c:be:19:d0:e4:c6:ec:
76:e1:b7:b3:b5:03:06:1d:94:bb:47:06:71:d5:71:6d:c0:46:
da:af:21:ac:bd:b4:36:c4:29:df:87:73:59:2c:83:8c:35:fd:
08:a2:23:95:91:b4:e7:42:8c:05:44:cc:42:f7:c8:c0:64:d9:
ee:42:7a:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqcZ+lV5RUxU46H//v7alNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MDUxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFlYTljZjIzZThkMDg3MDFhYzFmZWRkNDc0MDgyMTQxMThiMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgB2ZoRBTZdnXgl9I9ziU2h4ZAO+
9EnfnSJiomGaE67mrLmo/01A/YgzCPhyieRlJfaZjdN/0Jx9bHmk97OJHYIzUm6D
NkRsxFZDw5eQVs1Jql/FYKDdAIM4wnT+58V1rOJ9Jt/YbTDwGKqcJ4W8XEoXvQe/
1YTUjUHGqwNKj65VKMfIg6MZxDzmIMrkkHU/HSnYNxC0lBMCl8ZHXFNyo6SPBr+Y
B1FeNO+iZgeB0TUc7sJjK6EAxhA9E2eEy+8eCuT8aDV8EtOpU8yF0eia64Q3pva8
uLbG+9m9wm/bJRR40ASEatYt+ZL8QH2y66mwabTUf26R2JnMu+fas2nobQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKweqc8j6NCHAawf7dR0CCFBGLAaMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvckI2cHp5UG8wSWNCckJfdDFIUUlJVUVZc0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE7P5oXjIxHBUlUrNZ+o
5TtItM7PBdHW8mwFC8OtTQv4qqd8qlnU6kqgOA/ZudYlHJMQZTFauKSaIQujVaWQ
GxSGsU+9TpKBJ82IfbbNqFHpyy6v5EqlBl0cj0qv/iGo/FJFm6ZGxXYkz2EZqf4L
kmub4hUI5G3SY0oCgF+VfcAb6IVAa/BSdnqpGhZkFrbCjwIZM29Oai1KrkdPZK2m
NmZaBbIQWoD7E1k3DWxJfoFOLdiZtNMRfKxDD1wpVhD1PL4Z0OTG7Hbht7O1AwYd
lLtHBnHVcW3ARtqvIay9tDbEKd+Hc1ksg4w1/QiiI5WRtOdCjAVEzEL3yMBk2e5C
eo8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:00 2025 by rpki-client