Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tB85rjXzw8zCSsCwEyQL8CVqHIg.roa
File: tB85rjXzw8zCSsCwEyQL8CVqHIg.roa (raw, json)
Hash identifier: YMc/z/KLevizHeCEddK7/BSxw6DaYxIFTIjiZedzKuA=
Subject key identifier: B4:1F:39:AE:35:F3:C3:CC:C2:4A:C0:B0:13:24:0B:F0:25:6A:1C:88
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AAC0A9865A025ADDDF0BFDE6B84050072
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tB85rjXzw8zCSsCwEyQL8CVqHIg.roa
Signing time: Tue 19 Sep 2023 06:04:50 +0000
ROA not before: Tue 19 Sep 2023 06:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ac0a:170e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:0a:98:65:a0:25:ad:dd:f0:bf:de:6b:84:05:00:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 19 06:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b41f39ae35f3c3ccc24ac0b013240bf0256a1c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:52:4e:1d:47:54:de:61:dc:cd:4f:68:2d:3b:
68:19:66:69:71:36:b6:05:7f:10:4f:23:3f:e5:5e:
89:c1:d1:82:68:36:a8:8e:53:69:22:5e:d0:7a:35:
61:6b:51:5a:e6:7c:59:97:db:57:b9:42:b8:b7:3a:
26:2e:8d:87:da:18:99:05:f8:12:df:e8:94:28:14:
fe:34:cb:1f:11:8e:e5:97:a9:53:67:76:5c:39:97:
ae:3b:a7:12:db:5d:eb:bc:68:1a:de:16:82:ce:94:
34:43:78:38:93:58:02:b4:32:05:ae:36:e7:1c:97:
2a:a2:08:db:c8:cd:5b:85:3f:25:18:10:ab:fe:a0:
25:e3:da:ba:16:39:1b:06:bb:5a:f3:d3:e1:79:ad:
98:0a:30:32:ab:14:ea:2f:57:f5:07:8f:81:8b:10:
1a:7d:6f:55:7d:10:48:89:ed:f3:c1:e5:5f:3f:04:
03:3b:ce:be:dd:d4:54:4d:c5:de:66:ef:70:56:8e:
cb:bc:d3:2d:1f:e5:27:f1:49:62:06:83:dc:12:43:
b6:c7:3a:a6:11:6c:47:2c:5a:33:02:36:be:b5:d9:
e8:de:1f:6c:7d:41:44:73:72:ff:49:04:69:ab:c3:
0a:1c:cf:0a:c2:d8:ab:c3:5d:28:19:90:28:52:9b:
45:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1F:39:AE:35:F3:C3:CC:C2:4A:C0:B0:13:24:0B:F0:25:6A:1C:88
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tB85rjXzw8zCSsCwEyQL8CVqHIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:b9:ef:99:4f:19:db:c5:4c:cf:9d:09:89:15:af:e2:39:d8:
d8:31:bf:2a:50:50:39:71:36:95:da:59:ab:f3:4a:cd:0b:b4:
2d:2c:c8:fa:49:31:af:12:3f:58:3e:63:76:cf:88:7f:2f:30:
e0:c7:ab:4e:67:c4:84:28:53:22:fa:3a:35:2f:fe:21:be:05:
5a:b5:8b:f8:8f:08:69:30:b4:63:7d:4d:f3:1e:bb:37:0a:df:
e9:90:04:cd:33:93:f7:7f:f4:a9:c3:ba:a0:83:1a:c1:09:60:
da:ef:2a:eb:2f:7b:22:7d:3e:b6:46:3f:5e:38:c3:85:17:e8:
e9:e4:b9:7d:d8:df:a1:5e:f6:51:5d:90:dc:5b:85:a7:24:bc:
c0:6f:45:c7:f3:39:02:3a:1d:06:d0:34:2d:67:40:c1:c1:2b:
03:47:71:f5:c5:4b:e6:a1:2f:30:b4:82:dd:e2:35:d2:ce:71:
80:ec:3d:7d:e8:b3:63:f1:9b:61:6d:bc:44:97:28:b0:75:94:
ce:4a:5e:2a:dd:b5:83:3a:24:3a:c1:d1:57:75:dd:46:f9:ae:
77:54:c9:4d:79:4b:6c:53:5e:44:5c:80:e4:45:b2:4d:47:08:
5d:da:51:87:92:fa:ca:18:46:92:95:5e:b6:04:39:9f:dc:20:
59:e7:6d:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqsCphloCWt3fC/3muEBQByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE5MDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFmMzlhZTM1ZjNjM2NjYzI0YWMwYjAxMzI0MGJmMDI1NmExYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFJOHUdU3mHczU9oLTtoGWZpcTa2
BX8QTyM/5V6JwdGCaDaojlNpIl7QejVha1Fa5nxZl9tXuUK4tzomLo2H2hiZBfgS
3+iUKBT+NMsfEY7ll6lTZ3ZcOZeuO6cS213rvGga3haCzpQ0Q3g4k1gCtDIFrjbn
HJcqogjbyM1bhT8lGBCr/qAl49q6FjkbBrta89Phea2YCjAyqxTqL1f1B4+BixAa
fW9VfRBIie3zweVfPwQDO86+3dRUTcXeZu9wVo7LvNMtH+Un8UliBoPcEkO2xzqm
EWxHLFozAja+tdno3h9sfUFEc3L/SQRpq8MKHM8Kwtirw10oGZAoUptFSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLQfOa4188PMwkrAsBMkC/AlahyIMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdEI4NXJqWHp3OHpDU3NDd0V5UUw4Q1ZxSElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE+575lPGdvFTM+dCYkV
r+I52NgxvypQUDlxNpXaWavzSs0LtC0syPpJMa8SP1g+Y3bPiH8vMODHq05nxIQo
UyL6OjUv/iG+BVq1i/iPCGkwtGN9TfMeuzcK3+mQBM0zk/d/9KnDuqCDGsEJYNrv
KusveyJ9PrZGP144w4UX6OnkuX3Y36Fe9lFdkNxbhackvMBvRcfzOQI6HQbQNC1n
QMHBKwNHcfXFS+ahLzC0gt3iNdLOcYDsPX3os2Pxm2FtvESXKLB1lM5KXirdtYM6
JDrB0Vd13Ub5rndUyU15S2xTXkRcgORFsk1HCF3aUYeS+soYRpKVXrYEOZ/cIFnn
bUs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:45:43 2025 by rpki-client