Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rWYCna3rA_r6iqFGN6tmKoWR--Q.roa
File: rWYCna3rA_r6iqFGN6tmKoWR--Q.roa (raw, json)
Hash identifier: eBa4mbE6ROgW5T3qmLTMQx+ELhqN7rNpbl/5DtNrIi4=
Subject key identifier: AD:66:02:9D:AD:EB:03:FA:FA:8A:A1:46:37:AB:66:2A:85:91:FB:E4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7D1880840003E0C2B1122F5DAFEAB096
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rWYCna3rA_r6iqFGN6tmKoWR--Q.roa
Signing time: Sun 10 Sep 2023 03:17:52 +0000
ROA not before: Sun 10 Sep 2023 03:17:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7d:18:80:84:00:03:e0:c2:b1:12:2f:5d:af:ea:b0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 03:17:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad66029dadeb03fafa8aa14637ab662a8591fbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:57:5e:95:ba:c1:af:dc:82:3e:dc:f9:0a:84:
8f:89:98:6a:3c:06:9d:9f:30:2f:f3:28:69:da:8d:
cf:fa:54:61:13:d8:9e:f3:4f:4e:74:f4:13:e7:48:
bf:66:d4:d5:31:60:9a:9e:24:38:ab:41:aa:9c:12:
62:58:1f:4b:da:59:da:c5:8d:e1:4c:76:67:7a:ad:
05:bd:de:28:0b:e8:f3:35:71:e4:f7:d4:3d:69:2f:
f7:73:3c:e9:61:29:15:a6:b6:3c:c5:74:65:8d:ee:
03:e8:d3:97:5a:84:0a:1c:47:3a:0e:92:9e:58:de:
2b:09:10:63:d0:d1:6d:dc:5e:fc:60:3b:67:0d:9a:
e4:e3:c7:63:09:5b:06:07:48:2d:69:32:82:a5:4f:
2d:bd:fe:2b:04:97:51:99:23:79:53:b9:fc:2b:40:
a0:2d:37:41:d2:70:f8:4d:0c:02:9f:a5:ec:72:f9:
1d:94:d1:2a:4f:45:7d:67:ae:55:60:db:de:2b:f6:
20:f4:f2:ec:fd:61:ca:5d:25:ee:b5:8f:be:71:ed:
5f:f2:43:5e:67:f1:3c:42:8e:7e:ad:e0:09:ae:b8:
4e:2e:39:9a:45:13:53:d3:e2:5c:68:a1:8a:c6:09:
eb:28:bf:74:09:f7:02:43:ed:a4:77:3c:58:9b:48:
12:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:66:02:9D:AD:EB:03:FA:FA:8A:A1:46:37:AB:66:2A:85:91:FB:E4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rWYCna3rA_r6iqFGN6tmKoWR--Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:9c:75:64:38:8b:c9:83:ff:47:d9:7d:90:8f:68:88:95:06:
14:c1:2e:df:82:36:35:ba:bb:1a:33:ba:ed:46:21:65:b6:04:
dd:55:bf:ce:a3:ff:13:3a:e0:12:75:e2:d3:b7:95:70:aa:37:
2c:d6:82:51:94:5e:c9:fc:24:6c:83:79:6e:99:38:b5:61:ec:
84:4b:e1:a3:d8:e3:2c:7f:e4:dd:2a:4a:b6:f4:ed:60:28:67:
52:ee:86:75:4f:9d:06:13:fb:97:20:de:98:ff:0a:d9:ef:9f:
ac:98:60:1c:3a:13:9f:3e:c8:7f:9d:89:13:3d:90:80:1c:9a:
55:f1:02:c4:a5:5d:fa:74:a0:6a:43:c5:40:d1:95:b6:f8:01:
89:86:e1:44:a4:75:b9:7e:b1:5e:26:32:c6:24:17:2a:be:b6:
59:3f:ba:3d:52:b1:c9:fb:ac:d4:e7:e7:3f:8b:ec:13:fa:9a:
f6:9c:84:4d:af:fd:06:f5:3f:ed:ea:66:aa:b5:d0:0a:a1:5b:
f1:9c:cf:62:a7:d2:06:2e:06:97:8c:f1:4f:63:25:a9:75:39:
29:4b:27:f5:ec:60:7a:c8:59:d3:47:f5:89:53:59:f4:33:39:
45:52:db:f6:7b:92:87:4f:ae:dd:e6:ad:02:0a:3e:84:0b:70:
fa:98:4e:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp9GICEAAPgwrESL12v6rCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMDMxNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY2MDI5ZGFkZWIwM2ZhZmE4YWExNDYzN2FiNjYyYTg1OTFmYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1delbrBr9yCPtz5CoSPiZhqPAad
nzAv8yhp2o3P+lRhE9ie809OdPQT50i/ZtTVMWCaniQ4q0GqnBJiWB9L2lnaxY3h
THZneq0Fvd4oC+jzNXHk99Q9aS/3czzpYSkVprY8xXRlje4D6NOXWoQKHEc6DpKe
WN4rCRBj0NFt3F78YDtnDZrk48djCVsGB0gtaTKCpU8tvf4rBJdRmSN5U7n8K0Cg
LTdB0nD4TQwCn6XscvkdlNEqT0V9Z65VYNveK/Yg9PLs/WHKXSXutY++ce1f8kNe
Z/E8Qo5+reAJrrhOLjmaRRNT0+JcaKGKxgnrKL90CfcCQ+2kdzxYm0gSGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK1mAp2t6wP6+oqhRjerZiqFkfvkMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcldZQ25hM3JBX3I2aXFGR042dG1Lb1dSLS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFucdWQ4i8mD/0fZfZCP
aIiVBhTBLt+CNjW6uxozuu1GIWW2BN1Vv86j/xM64BJ14tO3lXCqNyzWglGUXsn8
JGyDeW6ZOLVh7IRL4aPY4yx/5N0qSrb07WAoZ1LuhnVPnQYT+5cg3pj/Ctnvn6yY
YBw6E58+yH+diRM9kIAcmlXxAsSlXfp0oGpDxUDRlbb4AYmG4USkdbl+sV4mMsYk
Fyq+tlk/uj1Sscn7rNTn5z+L7BP6mvachE2v/Qb1P+3qZqq10AqhW/Gcz2Kn0gYu
BpeM8U9jJal1OSlLJ/XsYHrIWdNH9YlTWfQzOUVS2/Z7kodPrt3mrQIKPoQLcPqY
ToA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:17 2025 by rpki-client