Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rrsWabMMp8KRGdU6WNe78VP_QJs.roa
File: rrsWabMMp8KRGdU6WNe78VP_QJs.roa (raw, json)
Hash identifier: UbSE9InTKmn7sglxwW2CExZWCvJX9u8hKox9c380Wr0=
Subject key identifier: AE:BB:16:69:B3:0C:A7:C2:91:19:D5:3A:58:D7:BB:F1:53:FF:40:9B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A67D3CACCFF830AE61D905D988467CF31
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rrsWabMMp8KRGdU6WNe78VP_QJs.roa
Signing time: Wed 06 Sep 2023 00:10:47 +0000
ROA not before: Wed 06 Sep 2023 00:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:67:d3:ca:cc:ff:83:0a:e6:1d:90:5d:98:84:67:cf:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 00:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aebb1669b30ca7c29119d53a58d7bbf153ff409b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:e3:9e:45:73:f1:a4:be:22:50:71:83:3f:
ae:24:1a:d4:14:98:ac:73:f6:8a:e7:5e:44:a1:ad:
3d:38:2c:5d:1e:ce:50:e4:cb:58:09:67:7e:56:f4:
db:55:a6:d9:cb:30:0e:e5:6b:1b:2f:47:9e:96:fc:
bc:c6:22:55:83:6a:9f:0f:fa:fa:f8:a5:95:35:ae:
f9:f5:7c:bb:13:c1:b1:db:ee:e9:d5:1a:77:50:83:
c5:b3:16:45:ea:fe:6c:3b:79:88:52:11:ad:13:65:
ea:80:58:c5:24:62:b0:9d:a9:b7:cf:fa:49:d1:f6:
b2:07:66:6e:32:aa:76:57:2a:5e:8f:c1:b8:d0:f5:
8b:72:e8:18:0f:79:c5:eb:63:b0:27:c1:1a:0c:5e:
3f:b8:c2:df:27:06:7b:ff:3f:af:83:72:35:95:2d:
f9:9a:f4:f2:d8:a7:1c:1d:d0:c8:c2:99:d7:f9:ab:
df:a7:af:22:ac:65:9f:d6:69:f1:37:f1:ba:e9:5a:
90:07:e0:09:ab:8f:6e:f3:d4:8d:1c:81:28:ac:bb:
a2:20:15:5f:9e:a0:32:c4:9d:ea:3c:cb:7a:b0:33:
09:2d:10:74:60:5b:f1:f9:ad:1e:c4:35:6d:89:13:
d1:fb:c3:4e:1d:c8:b0:c6:bd:f7:33:85:75:70:e3:
9a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BB:16:69:B3:0C:A7:C2:91:19:D5:3A:58:D7:BB:F1:53:FF:40:9B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rrsWabMMp8KRGdU6WNe78VP_QJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:7f:89:5c:61:44:e2:e5:06:71:2b:cb:34:e3:d3:bd:03:65:
bd:32:78:1a:f8:9e:92:7c:58:d3:03:e4:62:75:d9:9a:e1:15:
fc:6c:c1:b2:31:0e:88:9b:c9:15:7e:b9:75:21:09:30:69:30:
fa:37:35:c8:67:85:2d:5a:9d:2e:81:56:ad:66:7c:e8:04:d9:
92:3c:47:7d:65:68:1e:37:ad:eb:1d:0e:e5:57:c2:30:dd:1e:
7b:f8:2c:be:90:ef:e7:cb:b8:45:14:d9:40:00:89:42:04:83:
c8:80:dd:d7:34:9c:09:e3:e0:d5:8d:b8:97:69:34:5f:e5:85:
5a:c6:a9:37:89:1b:13:2a:15:1e:62:ed:f2:b6:4c:45:83:b1:
d4:df:1a:88:b8:65:fa:ef:57:28:21:5a:2e:ec:d8:65:f0:01:
3c:bd:81:a5:b6:bc:a2:26:63:13:60:a8:67:ea:f9:be:72:2b:
58:6e:28:0a:44:a9:a5:39:1f:86:8f:1a:7d:f9:f1:36:a9:6c:
09:8f:b6:8d:32:04:51:86:4b:17:09:b8:41:ad:7e:53:bb:c8:
f6:d4:39:cf:5f:97:14:27:a6:65:7a:2c:e0:db:b3:17:18:eb:
1f:c5:f6:3a:d2:f8:66:a8:f0:27:1d:30:91:eb:54:af:3b:13:
98:c4:3a:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpn08rM/4MK5h2QXZiEZ88xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MDAxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJiMTY2OWIzMGNhN2MyOTExOWQ1M2E1OGQ3YmJmMTUzZmY0MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBnjnkVz8aS+IlBxgz+uJBrUFJis
c/aK515Eoa09OCxdHs5Q5MtYCWd+VvTbVabZyzAO5WsbL0eelvy8xiJVg2qfD/r6
+KWVNa759Xy7E8Gx2+7p1Rp3UIPFsxZF6v5sO3mIUhGtE2XqgFjFJGKwnam3z/pJ
0fayB2ZuMqp2Vypej8G40PWLcugYD3nF62OwJ8EaDF4/uMLfJwZ7/z+vg3I1lS35
mvTy2KccHdDIwpnX+avfp68irGWf1mnxN/G66VqQB+AJq49u89SNHIEorLuiIBVf
nqAyxJ3qPMt6sDMJLRB0YFvx+a0exDVtiRPR+8NOHciwxr33M4V1cOOa5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK67FmmzDKfCkRnVOljXu/FT/0CbMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcnJzV2FiTU1wOEtSR2RVNldOZTc4VlBfUUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADx/iVxhROLlBnEryzTj
070DZb0yeBr4npJ8WNMD5GJ12ZrhFfxswbIxDoibyRV+uXUhCTBpMPo3NchnhS1a
nS6BVq1mfOgE2ZI8R31laB43resdDuVXwjDdHnv4LL6Q7+fLuEUU2UAAiUIEg8iA
3dc0nAnj4NWNuJdpNF/lhVrGqTeJGxMqFR5i7fK2TEWDsdTfGoi4ZfrvVyghWi7s
2GXwATy9gaW2vKImYxNgqGfq+b5yK1huKApEqaU5H4aPGn358TapbAmPto0yBFGG
SxcJuEGtflO7yPbUOc9flxQnpmV6LODbsxcY6x/F9jrS+Gao8CcdMJHrVK87E5jE
OnM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:16 2025 by rpki-client