Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ryuXVcyAtp24q5dHYRT3oqO_W18.roa
File: ryuXVcyAtp24q5dHYRT3oqO_W18.roa (raw, json)
Hash identifier: mcrb2VugS5+iCAM0RjgAoL80P6oND42lHvMVty/bBuM=
Subject key identifier: AF:2B:97:55:CC:80:B6:9D:B8:AB:97:47:61:14:F7:A2:A3:BF:5B:5F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6957FA568B1E2A01D9C5EE18A6012592
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ryuXVcyAtp24q5dHYRT3oqO_W18.roa
Signing time: Wed 06 Sep 2023 07:14:47 +0000
ROA not before: Wed 06 Sep 2023 07:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:57:fa:56:8b:1e:2a:01:d9:c5:ee:18:a6:01:25:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 07:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af2b9755cc80b69db8ab97476114f7a2a3bf5b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:74:14:d3:12:0c:81:6a:80:ee:0b:3d:b5:90:
d5:f9:28:01:f2:60:83:7c:55:2c:ee:66:89:7e:64:
8e:1f:9d:3a:64:da:0d:f4:aa:61:00:e7:cd:7c:23:
9b:6d:45:59:7d:82:a2:75:85:24:44:a6:31:69:c9:
d9:ed:36:93:d7:51:e8:78:ca:ed:52:fd:72:30:e5:
3d:96:97:86:fe:d3:0f:a9:47:a8:20:d6:29:dc:53:
bc:c1:e1:65:dd:8c:be:8c:3d:9f:51:a8:fd:0d:12:
8d:8c:45:5d:e5:da:05:3b:af:38:4a:58:ff:73:51:
b4:4b:68:2d:e6:4c:b6:47:51:24:f8:ee:f5:b2:1d:
a6:58:cb:df:0b:ef:76:86:f2:8b:54:c6:01:53:f6:
1a:98:06:45:1f:4a:f2:f2:c6:a2:f5:84:e1:63:bc:
e2:0f:90:44:74:de:ae:09:09:f6:ce:f7:03:64:66:
dd:8e:c0:b5:76:b5:11:23:ce:b7:8f:82:7a:e6:b9:
f6:7b:70:dd:f8:80:01:29:8b:38:77:ed:d6:86:97:
a6:e4:ed:c8:2d:4a:13:83:70:1f:62:0c:01:8e:bd:
dd:e3:f3:0b:8d:9a:69:23:55:99:32:78:8f:46:30:
ae:b8:03:fb:ab:d7:0c:fc:83:5f:a4:88:5d:a9:cb:
e3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2B:97:55:CC:80:B6:9D:B8:AB:97:47:61:14:F7:A2:A3:BF:5B:5F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ryuXVcyAtp24q5dHYRT3oqO_W18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:58:1f:7d:5a:8e:6d:92:c9:bc:8d:b2:ee:c6:3b:4f:74:73:
df:d9:47:5c:eb:0c:e3:ab:ab:b9:1b:ef:a9:76:75:e9:7c:0c:
75:1b:df:7b:89:05:bb:34:e4:64:03:82:86:33:12:0a:77:41:
3a:a6:9e:74:50:d1:82:de:95:e9:c2:00:e6:e7:24:05:7b:fb:
63:21:91:ab:b2:cb:bd:33:c3:7f:9d:0c:47:5b:18:53:33:e0:
a6:32:69:74:6f:b3:e3:d9:30:4e:83:5c:90:00:03:45:de:4f:
6d:87:57:fb:05:48:cb:6a:ef:a8:a6:1e:6d:db:50:29:ed:a0:
cf:1e:9f:f2:57:c5:56:32:0c:29:9c:ec:01:e4:38:38:c6:60:
4f:0b:5c:e1:3d:f7:77:12:df:4b:a9:be:2d:28:c3:ee:a6:0a:
53:47:3e:23:28:e9:19:2d:9c:f3:56:57:bc:7c:4a:57:ed:39:
54:7d:df:0b:2c:3c:45:32:af:dc:39:e4:1f:b8:36:55:ab:e4:
ce:9a:eb:38:20:4e:57:50:7e:ea:41:d8:b3:1e:10:23:ea:eb:
3f:12:72:d4:c6:0a:eb:e4:3c:d4:c0:46:b3:3c:f1:06:6a:d7:
32:e8:2c:02:0b:31:e6:af:2a:21:41:af:0b:4b:66:a6:dd:50:
14:cc:c7:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYppV/pWix4qAdnF7himASWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MDcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjJiOTc1NWNjODBiNjlkYjhhYjk3NDc2MTE0ZjdhMmEzYmY1YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3QU0xIMgWqA7gs9tZDV+SgB8mCD
fFUs7maJfmSOH506ZNoN9KphAOfNfCObbUVZfYKidYUkRKYxacnZ7TaT11HoeMrt
Uv1yMOU9lpeG/tMPqUeoINYp3FO8weFl3Yy+jD2fUaj9DRKNjEVd5doFO684Slj/
c1G0S2gt5ky2R1Ek+O71sh2mWMvfC+92hvKLVMYBU/YamAZFH0ry8sai9YThY7zi
D5BEdN6uCQn2zvcDZGbdjsC1drURI863j4J65rn2e3Dd+IABKYs4d+3Whpem5O3I
LUoTg3AfYgwBjr3d4/MLjZppI1WZMniPRjCuuAP7q9cM/INfpIhdqcvjTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK8rl1XMgLaduKuXR2EU96Kjv1tfMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcnl1WFZjeUF0cDI0cTVkSFlSVDNvcU9fVzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJxYH31ajm2SybyNsu7G
O090c9/ZR1zrDOOrq7kb76l2del8DHUb33uJBbs05GQDgoYzEgp3QTqmnnRQ0YLe
lenCAObnJAV7+2Mhkauyy70zw3+dDEdbGFMz4KYyaXRvs+PZME6DXJAAA0XeT22H
V/sFSMtq76imHm3bUCntoM8en/JXxVYyDCmc7AHkODjGYE8LXOE993cS30upvi0o
w+6mClNHPiMo6RktnPNWV7x8SlftOVR93wssPEUyr9w55B+4NlWr5M6a6zggTldQ
fupB2LMeECPq6z8SctTGCuvkPNTARrM88QZq1zLoLAILMeavKiFBrwtLZqbdUBTM
x7Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:17 2025 by rpki-client