Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rj0NxWgfBHMGVwLFAqCQHJj_f4I.roa
File: rj0NxWgfBHMGVwLFAqCQHJj_f4I.roa (raw, json)
Hash identifier: QWlJ2a75tyWBH9pmDrahJVdvG26170/kUHbjdKexm5I=
Subject key identifier: AE:3D:0D:C5:68:1F:04:73:06:57:02:C5:02:A0:90:1C:98:FF:7F:82
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A511BB35F07A7830DF69E401D20AF8EB9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rj0NxWgfBHMGVwLFAqCQHJj_f4I.roa
Signing time: Fri 01 Sep 2023 14:18:04 +0000
ROA not before: Fri 01 Sep 2023 14:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:1b:b3:5f:07:a7:83:0d:f6:9e:40:1d:20:af:8e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 14:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae3d0dc5681f0473065702c502a0901c98ff7f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ad:c9:1d:95:93:7a:2a:64:85:7b:61:79:bf:
0d:32:c2:a9:a0:47:e5:1b:9e:e6:1c:66:4a:a5:27:
0e:da:d2:f1:c3:d8:28:b7:c7:d3:3e:ff:0d:5a:0c:
4b:c1:e0:87:37:c3:cc:12:1b:f0:25:d5:59:15:9e:
f2:0f:bc:1a:f5:c6:25:48:1e:39:10:75:60:19:97:
e0:13:ab:e7:f4:08:a0:29:17:a5:b0:6e:bb:ab:ef:
32:72:d1:69:02:3e:a3:4f:ed:38:44:d1:a9:8a:3f:
d7:21:58:4d:96:f2:91:cb:c3:e8:d8:3e:e0:10:c8:
62:10:a9:7f:ce:66:a8:70:8f:35:17:1a:64:4e:80:
81:7d:e8:c3:95:34:a4:02:e0:ef:03:63:6a:42:74:
fc:40:f0:fa:85:3a:05:92:48:c7:c3:60:b8:ab:ab:
1f:69:16:c5:59:4e:ce:b5:f9:ea:15:c5:e4:8a:ea:
37:90:55:e0:99:e7:48:63:81:d1:7e:3d:78:56:ff:
81:7a:7c:ce:bc:ca:a5:26:c9:59:40:20:1e:c1:3a:
9b:1b:d2:b3:f7:ee:c5:1a:22:58:84:a6:0d:be:44:
9f:36:a9:db:ef:fb:1a:55:dc:ab:25:3f:55:4a:9e:
08:79:f6:a6:29:8e:b1:7f:ec:eb:06:2e:8e:15:70:
dd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:3D:0D:C5:68:1F:04:73:06:57:02:C5:02:A0:90:1C:98:FF:7F:82
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rj0NxWgfBHMGVwLFAqCQHJj_f4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:a2:e6:86:ca:25:96:e2:62:95:37:60:58:ed:1d:eb:b6:ed:
75:2f:c0:2e:c9:a6:05:b1:a8:b8:54:57:f4:bc:26:a4:8a:26:
1a:5b:5c:eb:6a:e7:d8:84:fe:bc:b0:99:f1:02:30:83:29:84:
57:67:ea:3c:6c:96:e8:5c:b6:3d:59:89:2c:4e:67:75:c1:b8:
40:90:cb:41:26:b3:35:e1:a4:11:bc:60:38:86:df:d9:2e:1a:
20:a5:55:3f:cb:c0:0b:f6:ac:83:c8:95:0b:c6:4b:9b:c4:c2:
ef:ea:78:74:17:1b:89:e2:ad:8c:d1:6c:96:fe:d9:05:da:a5:
a0:d0:a0:04:30:78:ff:66:82:b1:b3:64:a4:f3:43:6c:63:69:
22:c3:91:e8:7c:0f:ec:97:90:6d:d0:fa:02:32:a3:12:c6:aa:
2b:a4:d6:85:03:16:9c:1c:05:6e:a5:08:43:2f:d4:07:a2:fa:
fa:fd:f9:a6:8b:1c:9a:29:93:95:16:10:e6:30:e2:80:04:cf:
b7:b5:0f:b8:e2:1f:6d:5a:14:94:3c:ae:6b:6f:c2:04:8e:25:
ce:af:e2:82:70:5e:b9:5e:ed:09:b1:fc:05:8f:bc:de:6a:c9:
b6:3e:39:1d:0f:bb:1f:2f:b3:f7:15:62:e5:a2:e5:a4:97:c1:
22:9a:c8:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpRG7NfB6eDDfaeQB0gr465MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTQxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTNkMGRjNTY4MWYwNDczMDY1NzAyYzUwMmEwOTAxYzk4ZmY3ZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj63JHZWTeipkhXtheb8NMsKpoEfl
G57mHGZKpScO2tLxw9got8fTPv8NWgxLweCHN8PMEhvwJdVZFZ7yD7wa9cYlSB45
EHVgGZfgE6vn9AigKRelsG67q+8yctFpAj6jT+04RNGpij/XIVhNlvKRy8Po2D7g
EMhiEKl/zmaocI81FxpkToCBfejDlTSkAuDvA2NqQnT8QPD6hToFkkjHw2C4q6sf
aRbFWU7OtfnqFcXkiuo3kFXgmedIY4HRfj14Vv+BenzOvMqlJslZQCAewTqbG9Kz
9+7FGiJYhKYNvkSfNqnb7/saVdyrJT9VSp4IefamKY6xf+zrBi6OFXDd2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK49DcVoHwRzBlcCxQKgkByY/3+CMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcmowTnhXZ2ZCSE1HVndMRkFxQ1FISmpfZjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACSi5obKJZbiYpU3YFjt
Heu27XUvwC7JpgWxqLhUV/S8JqSKJhpbXOtq59iE/rywmfECMIMphFdn6jxsluhc
tj1ZiSxOZ3XBuECQy0EmszXhpBG8YDiG39kuGiClVT/LwAv2rIPIlQvGS5vEwu/q
eHQXG4nirYzRbJb+2QXapaDQoAQweP9mgrGzZKTzQ2xjaSLDkeh8D+yXkG3Q+gIy
oxLGqiuk1oUDFpwcBW6lCEMv1Aei+vr9+aaLHJopk5UWEOYw4oAEz7e1D7jiH21a
FJQ8rmtvwgSOJc6v4oJwXrle7Qmx/AWPvN5qybY+OR0Pux8vs/cVYuWi5aSXwSKa
yDA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:17 2025 by rpki-client