Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rxVU_IQqoyXpWSAjn2c9kMRV_e4.roa
File: rxVU_IQqoyXpWSAjn2c9kMRV_e4.roa (raw, json)
Hash identifier: ljxEtaR+efafbGH0k2lb4LFrBEeDFpijENPx0TQwLEM=
Subject key identifier: AF:15:54:FC:84:2A:A3:25:E9:59:20:23:9F:67:3D:90:C4:55:FD:EE
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A76A3F927C856C4A7EFF568B3F4A89AA8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rxVU_IQqoyXpWSAjn2c9kMRV_e4.roa
Signing time: Fri 08 Sep 2023 21:12:52 +0000
ROA not before: Fri 08 Sep 2023 21:12:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:76:a3:f9:27:c8:56:c4:a7:ef:f5:68:b3:f4:a8:9a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 21:12:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af1554fc842aa325e95920239f673d90c455fdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:67:b7:77:ed:55:a6:cc:96:c3:04:0c:cd:8c:
8a:7f:68:e3:bc:f0:73:a0:bb:29:0e:4c:75:11:92:
3f:5b:67:b9:9f:5e:0a:21:e0:8f:cc:66:12:a4:62:
c8:3c:ea:4d:03:35:df:39:b9:5f:14:7b:00:f5:30:
fb:b4:32:52:4a:68:b9:fc:09:2e:f7:b7:2c:1a:b3:
e8:eb:b5:7e:8c:ed:21:79:db:50:4e:ac:3a:f9:61:
49:42:a1:9b:65:67:cf:74:4e:86:8e:e2:9d:e7:fb:
29:29:c2:b0:e1:b9:50:29:84:ca:1c:e1:cc:9e:07:
00:03:38:97:b8:79:0a:94:24:02:2d:d5:2a:38:6d:
f4:a6:d6:ec:1e:8a:48:66:c2:cd:54:69:41:7a:d5:
70:99:b0:14:1c:82:61:ad:ed:d5:b2:20:6f:c2:22:
14:81:ae:ef:33:00:b4:0b:87:8e:3d:01:93:92:6c:
5c:a5:ec:60:ff:da:ce:af:b3:a1:0a:70:db:17:46:
cb:3b:55:d3:6f:f8:c9:8a:5d:b4:ce:b2:ef:06:61:
ff:75:18:a3:1a:28:66:52:dd:62:0e:e4:1c:99:b2:
af:29:1d:25:60:11:1b:13:9e:19:3e:f4:f5:13:d6:
bb:09:55:57:f4:e7:ec:aa:5a:de:78:3a:5e:9a:d6:
1e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:15:54:FC:84:2A:A3:25:E9:59:20:23:9F:67:3D:90:C4:55:FD:EE
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/rxVU_IQqoyXpWSAjn2c9kMRV_e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:89:54:78:6c:95:4d:3d:36:9e:61:e5:e4:82:43:20:49:3d:
92:8f:87:7a:67:69:53:1f:b4:8f:3d:88:e2:fb:6c:6e:7e:fe:
b0:9a:ad:a1:96:4e:39:5c:1a:5e:c0:13:35:68:04:34:4e:32:
74:b5:ca:11:34:f0:1b:94:49:07:01:ad:9f:20:75:5a:38:89:
28:75:c2:58:78:f4:b0:33:0e:84:39:99:8b:36:e0:05:ad:e2:
78:92:07:cd:ef:91:bf:38:fc:cb:0f:26:02:c2:a7:bd:f1:bb:
7f:50:ea:15:10:d4:fa:72:56:ad:a9:d9:dd:76:2c:68:c1:84:
72:9f:cc:db:cc:b7:57:d6:40:28:de:2f:5c:ba:b3:10:b9:98:
1a:4d:a3:10:30:da:6e:7e:0a:1f:04:9f:4a:db:4a:f3:da:34:
ef:ec:a3:4c:5e:10:02:da:16:8f:52:04:03:06:84:9d:64:af:
1e:d3:82:2f:80:e9:a6:2a:57:c6:98:36:5c:d2:ca:0a:70:43:
d4:06:c8:96:ea:07:4b:be:4c:7a:fc:4d:33:ea:43:a2:f1:96:
87:fd:00:a9:11:ed:79:46:8f:34:e7:f9:47:10:66:7a:0d:bc:
78:66:4d:8d:8f:18:5b:2e:33:5a:24:12:cb:7d:68:20:f6:f4:
94:8e:60:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp2o/knyFbEp+/1aLP0qJqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MjExMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE1NTRmYzg0MmFhMzI1ZTk1OTIwMjM5ZjY3M2Q5MGM0NTVmZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGe3d+1VpsyWwwQMzYyKf2jjvPBz
oLspDkx1EZI/W2e5n14KIeCPzGYSpGLIPOpNAzXfOblfFHsA9TD7tDJSSmi5/Aku
97csGrPo67V+jO0hedtQTqw6+WFJQqGbZWfPdE6GjuKd5/spKcKw4blQKYTKHOHM
ngcAAziXuHkKlCQCLdUqOG30ptbsHopIZsLNVGlBetVwmbAUHIJhre3VsiBvwiIU
ga7vMwC0C4eOPQGTkmxcpexg/9rOr7OhCnDbF0bLO1XTb/jJil20zrLvBmH/dRij
GihmUt1iDuQcmbKvKR0lYBEbE54ZPvT1E9a7CVVX9OfsqlreeDpemtYeYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK8VVPyEKqMl6VkgI59nPZDEVf3uMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcnhWVV9JUXFveVhwV1NBam4yYzlrTVJWX2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ+JVHhslU09Np5h5eSC
QyBJPZKPh3pnaVMftI89iOL7bG5+/rCaraGWTjlcGl7AEzVoBDROMnS1yhE08BuU
SQcBrZ8gdVo4iSh1wlh49LAzDoQ5mYs24AWt4niSB83vkb84/MsPJgLCp73xu39Q
6hUQ1PpyVq2p2d12LGjBhHKfzNvMt1fWQCjeL1y6sxC5mBpNoxAw2m5+Ch8En0rb
SvPaNO/so0xeEALaFo9SBAMGhJ1krx7Tgi+A6aYqV8aYNlzSygpwQ9QGyJbqB0u+
THr8TTPqQ6Lxlof9AKkR7XlGjzTn+UcQZnoNvHhmTY2PGFsuM1okEst9aCD29JSO
YFQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:03 2025 by rpki-client