Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rac4246fZ3RBg2z8TM4xoORaAas.roa
File: rac4246fZ3RBg2z8TM4xoORaAas.roa (raw, json)
Hash identifier: 0hvLB8RqDZCuLbqQMtme26ea9z3miGh7Pq6CWjsJwJM=
Subject key identifier: AD:A7:38:DB:8E:9F:67:74:41:83:6C:FC:4C:CE:31:A0:E4:5A:01:AB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4A07DF824BF8B5AF551DE3CFE8EA3B43
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rac4246fZ3RBg2z8TM4xoORaAas.roa
Signing time: Thu 31 Aug 2023 05:19:04 +0000
ROA not before: Thu 31 Aug 2023 05:19:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:07:df:82:4b:f8:b5:af:55:1d:e3:cf:e8:ea:3b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 05:19:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ada738db8e9f677441836cfc4cce31a0e45a01ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fb:8e:a8:9e:2d:89:52:09:c9:bd:2b:12:fe:
59:39:50:cb:aa:59:05:00:b1:32:60:c5:10:0e:0d:
f3:7a:bc:58:3d:87:57:9b:f6:cd:27:f1:7c:f1:dc:
a1:c1:f3:1a:0b:d1:42:01:d0:eb:0f:e2:c2:49:0e:
45:4e:ff:a6:bf:45:5e:9c:4d:36:e8:60:87:85:46:
17:cb:d3:aa:5a:b7:3d:d5:ef:89:d7:16:6f:59:ed:
d9:f2:c8:fe:0d:c9:7f:b7:22:14:23:f3:c6:69:e3:
dd:c6:42:f8:fb:b4:09:2a:26:ff:4e:aa:d9:e6:c3:
4b:f4:aa:e4:e1:9a:b4:b4:21:26:f5:20:4a:92:30:
f8:c0:ac:7d:15:03:c1:d4:1a:d7:d6:d0:50:3d:bf:
3f:7d:bc:0e:87:df:3a:a0:f9:fa:89:65:24:dc:b0:
51:94:81:37:bd:9d:d4:3e:88:19:94:0b:6c:2f:b0:
61:81:63:51:6e:c4:8e:1f:d1:16:e4:bf:d8:33:53:
c8:2f:b3:ea:d9:fc:17:ef:32:ee:7c:d4:44:c4:36:
83:75:97:e6:de:b5:51:47:43:b1:9b:d0:ba:66:00:
80:e6:11:40:3c:b8:33:7d:b8:3c:58:68:1b:e8:0f:
a1:59:1b:4f:b4:40:83:f4:e3:7a:ca:e9:3b:b5:c2:
4e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A7:38:DB:8E:9F:67:74:41:83:6C:FC:4C:CE:31:A0:E4:5A:01:AB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rac4246fZ3RBg2z8TM4xoORaAas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:e3:af:6b:44:6e:27:a8:53:19:c2:c8:06:13:09:f9:e0:c4:
d0:a2:4c:18:1c:b6:57:21:86:62:13:c2:be:b0:39:1a:90:e4:
b6:f9:a6:10:b3:94:f4:4e:4c:1b:40:15:f8:a1:58:15:14:a3:
53:ff:49:0f:55:c1:74:78:cf:c3:39:3a:a4:fd:f6:7c:b8:54:
32:cd:d7:53:3f:8f:f9:02:bf:dd:72:34:aa:a7:ab:7f:a6:3f:
cb:4b:ed:39:db:7a:68:43:d1:08:1d:eb:72:fa:94:d9:a5:33:
eb:4f:7f:5f:ee:b0:a1:cd:85:10:07:67:28:2e:a2:d4:ab:74:
0f:ed:1c:20:7a:3a:aa:20:f1:27:3e:7a:73:c0:e6:3f:a3:0e:
6f:99:6e:b6:23:35:2e:a0:90:dd:e2:94:f2:d3:86:c5:a6:de:
da:7b:1f:89:00:ae:c5:01:91:6b:0d:b5:cb:ec:99:35:6a:10:
49:cd:b8:0e:98:c8:5c:8f:5e:bb:ec:8d:4b:bd:c9:55:2e:ef:
c7:a8:00:12:f5:57:30:ce:84:59:52:d6:9f:9c:86:77:26:63:
09:c3:e3:24:5a:70:7a:06:42:1e:a4:d7:19:16:e3:c3:fa:27:
68:08:4d:be:ae:11:49:8b:da:5c:bb:9d:05:90:a9:08:84:71:
8c:66:55:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpKB9+CS/i1r1Ud48/o6jtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMDUxOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE3MzhkYjhlOWY2Nzc0NDE4MzZjZmM0Y2NlMzFhMGU0NWEwMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/uOqJ4tiVIJyb0rEv5ZOVDLqlkF
ALEyYMUQDg3zerxYPYdXm/bNJ/F88dyhwfMaC9FCAdDrD+LCSQ5FTv+mv0VenE02
6GCHhUYXy9OqWrc91e+J1xZvWe3Z8sj+Dcl/tyIUI/PGaePdxkL4+7QJKib/TqrZ
5sNL9Krk4Zq0tCEm9SBKkjD4wKx9FQPB1BrX1tBQPb8/fbwOh986oPn6iWUk3LBR
lIE3vZ3UPogZlAtsL7BhgWNRbsSOH9EW5L/YM1PIL7Pq2fwX7zLufNRExDaDdZfm
3rVRR0Oxm9C6ZgCA5hFAPLgzfbg8WGgb6A+hWRtPtECD9ON6yuk7tcJOHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2nONuOn2d0QYNs/EzOMaDkWgGrMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcmFjNDI0NmZaM1JCZzJ6OFRNNHhvT1JhQWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACfjr2tEbieoUxnCyAYT
CfngxNCiTBgctlchhmITwr6wORqQ5Lb5phCzlPROTBtAFfihWBUUo1P/SQ9VwXR4
z8M5OqT99ny4VDLN11M/j/kCv91yNKqnq3+mP8tL7TnbemhD0Qgd63L6lNmlM+tP
f1/usKHNhRAHZyguotSrdA/tHCB6Oqog8Sc+enPA5j+jDm+ZbrYjNS6gkN3ilPLT
hsWm3tp7H4kArsUBkWsNtcvsmTVqEEnNuA6YyFyPXrvsjUu9yVUu78eoABL1VzDO
hFlS1p+chncmYwnD4yRacHoGQh6k1xkW48P6J2gITb6uEUmL2ly7nQWQqQiEcYxm
VVE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:36 2025 by rpki-client