Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rZoz3uv-KsiPWFvcjEZOnTAnTag.roa
File: rZoz3uv-KsiPWFvcjEZOnTAnTag.roa (raw, json)
Hash identifier: iykfraUfBndb4bTA8/0ZxAtheLCh0ZT/exinrejOVHs=
Subject key identifier: AD:9A:33:DE:EB:FE:2A:C8:8F:58:5B:DC:8C:46:4E:9D:30:27:4D:A8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6B743BD781B9D50BF233C7D767A2EA3F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rZoz3uv-KsiPWFvcjEZOnTAnTag.roa
Signing time: Wed 06 Sep 2023 17:04:54 +0000
ROA not before: Wed 06 Sep 2023 17:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6b73:9d6c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:74:3b:d7:81:b9:d5:0b:f2:33:c7:d7:67:a2:ea:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 17:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad9a33deebfe2ac88f585bdc8c464e9d30274da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c2:b3:4f:d9:bd:fb:95:58:09:02:9c:c5:b2:
ce:95:ad:3c:22:b8:bb:d4:0f:ea:f5:e8:f2:57:5d:
e4:72:f3:b0:1e:de:3d:88:ea:98:98:51:53:0d:cc:
1c:38:03:3f:24:d4:a6:8d:17:53:38:1d:b5:c1:67:
58:de:02:df:5d:33:e8:13:7e:58:5b:76:3d:85:46:
01:26:a8:aa:4f:eb:a9:43:41:83:39:47:54:52:70:
23:eb:12:ba:0e:a9:07:0b:c6:37:13:49:59:d2:2b:
d0:fa:da:a7:ae:ca:fb:a1:51:11:a5:dc:af:9d:c0:
26:05:c3:e4:22:f2:42:d4:96:ed:f5:68:70:9c:2c:
4f:50:f1:df:61:b3:b8:72:2f:fc:3c:0c:7f:c6:5d:
cc:6b:f0:ce:22:2d:88:3e:22:c2:df:36:fc:60:7e:
2a:45:ef:f9:71:2e:ec:09:a7:f1:24:81:d1:bd:bc:
86:cf:87:0e:e9:db:7b:fd:c9:23:70:59:0b:89:b7:
02:ee:43:c4:22:61:ad:6d:97:a6:6c:0c:6d:28:5e:
64:5e:78:34:d7:29:ba:88:7d:c9:63:b4:75:5c:51:
4e:15:f7:7b:a4:f1:cb:39:44:97:ea:27:99:9e:a8:
85:04:30:c4:ed:78:67:24:2d:61:76:3a:87:5c:24:
93:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9A:33:DE:EB:FE:2A:C8:8F:58:5B:DC:8C:46:4E:9D:30:27:4D:A8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rZoz3uv-KsiPWFvcjEZOnTAnTag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:15:54:eb:64:11:5c:3a:6f:72:b9:74:77:98:fb:83:20:c9:
e5:ea:ba:14:c7:e9:2c:2a:43:ac:30:f4:26:d8:85:9b:03:47:
a1:1b:51:1f:5e:79:ed:24:d5:ba:c1:37:69:4e:2e:ba:fd:38:
e8:ce:ef:24:32:7c:c2:57:30:0b:3a:7d:f5:74:5b:b7:cb:7e:
fd:82:c1:c1:ef:b6:43:24:be:df:49:3f:3e:d6:3c:10:45:85:
7d:bc:1a:1b:41:fe:1c:1e:c6:68:ef:be:38:fc:3e:4a:e1:90:
af:0c:fd:59:68:ec:75:38:54:ea:b0:f0:b9:d8:1c:1c:fc:7b:
1b:5b:fe:7f:f0:0f:dd:33:b4:09:3c:4a:99:2f:63:d4:6a:2b:
03:5a:3b:c0:6c:a6:00:d3:dc:15:c1:c4:2b:b3:ac:7a:2b:d4:
3a:64:93:ec:2e:8a:00:82:8f:43:a3:fc:13:0c:9f:aa:38:55:
4e:a7:f0:01:c9:bb:70:58:ce:d0:9b:0d:f0:74:fb:59:19:4b:
e7:30:a1:fa:b0:6b:c0:36:41:f9:ba:7f:b6:65:09:24:be:57:
4d:4a:66:ce:c1:14:45:28:d2:bd:d0:ce:8c:0f:ed:01:cb:21:
98:99:83:0a:8d:36:5e:28:f7:3e:96:9c:dd:fe:c2:70:cb:af:
9a:73:30:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYprdDvXgbnVC/Izx9dnouo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTcwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDlhMzNkZWViZmUyYWM4OGY1ODViZGM4YzQ2NGU5ZDMwMjc0ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMKzT9m9+5VYCQKcxbLOla08Iri7
1A/q9ejyV13kcvOwHt49iOqYmFFTDcwcOAM/JNSmjRdTOB21wWdY3gLfXTPoE35Y
W3Y9hUYBJqiqT+upQ0GDOUdUUnAj6xK6DqkHC8Y3E0lZ0ivQ+tqnrsr7oVERpdyv
ncAmBcPkIvJC1Jbt9WhwnCxPUPHfYbO4ci/8PAx/xl3Ma/DOIi2IPiLC3zb8YH4q
Re/5cS7sCafxJIHRvbyGz4cO6dt7/ckjcFkLibcC7kPEImGtbZembAxtKF5kXng0
1ym6iH3JY7R1XFFOFfd7pPHLOUSX6ieZnqiFBDDE7XhnJC1hdjqHXCSTqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2aM97r/irIj1hb3IxGTp0wJ02oMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvclpvejN1di1Lc2lQV0Z2Y2pFWk9uVEFuVGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAEVVOtkEVw6b3K5dHeY
+4MgyeXquhTH6SwqQ6ww9CbYhZsDR6EbUR9eee0k1brBN2lOLrr9OOjO7yQyfMJX
MAs6ffV0W7fLfv2CwcHvtkMkvt9JPz7WPBBFhX28GhtB/hwexmjvvjj8PkrhkK8M
/Vlo7HU4VOqw8LnYHBz8extb/n/wD90ztAk8SpkvY9RqKwNaO8BspgDT3BXBxCuz
rHor1Dpkk+wuigCCj0Oj/BMMn6o4VU6n8AHJu3BYztCbDfB0+1kZS+cwofqwa8A2
Qfm6f7ZlCSS+V01KZs7BFEUo0r3QzowP7QHLIZiZgwqNNl4o9z6WnN3+wnDLr5pz
MCg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:53 2025 by rpki-client