Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tREMgvM6uknH7ugwIIgp-H5jgik.roa
File: tREMgvM6uknH7ugwIIgp-H5jgik.roa (raw, json)
Hash identifier: 4nr+JFR4vrlg9K1Tgy3zlc66CoTUu8ayGZaYgR5MbN4=
Subject key identifier: B5:11:0C:82:F3:3A:BA:49:C7:EE:E8:30:20:88:29:F8:7E:63:82:29
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6C8D4D5731A38E8BAB277A1BF4C212D0
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tREMgvM6uknH7ugwIIgp-H5jgik.roa
Signing time: Wed 06 Sep 2023 22:11:54 +0000
ROA not before: Wed 06 Sep 2023 22:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:8d:4d:57:31:a3:8e:8b:ab:27:7a:1b:f4:c2:12:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 22:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5110c82f33aba49c7eee830208829f87e638229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6b:04:3e:02:eb:e1:0b:ae:9d:c0:aa:3b:4b:
5e:34:b6:75:bf:6f:85:0e:d4:25:c5:91:c0:4c:4f:
fd:a6:e8:6d:96:00:58:ea:8a:6a:17:61:7b:2c:7c:
53:70:02:74:d6:c7:10:09:40:af:a6:85:f7:77:4d:
c8:08:22:d1:8a:b3:f6:63:b6:03:e0:b5:f1:50:01:
7c:e3:bb:70:8f:6a:f8:f9:2c:d3:ef:d3:2e:d6:0d:
db:07:39:cc:cb:0c:3b:2c:7f:0a:3e:86:e5:50:e7:
37:54:d7:f6:8f:43:43:35:fa:f5:27:ce:ca:7e:06:
6d:2a:50:db:b2:a8:67:6f:db:c6:8a:56:f3:1d:f6:
37:c7:6e:2a:da:d6:03:23:e2:cb:96:c2:0c:48:22:
4b:bd:eb:51:b3:54:ec:71:c5:b4:72:5d:dd:79:f2:
94:26:98:3b:9a:cd:95:7b:0d:13:7f:96:60:07:5a:
33:3d:96:36:57:cf:ca:86:a2:b4:c6:81:63:56:4c:
3c:50:0a:34:cd:0a:76:46:09:fb:60:2f:1c:e7:9d:
16:62:b8:48:5b:30:f7:63:9c:4e:da:03:0c:1b:e2:
cf:a4:5b:63:01:e4:a4:76:c6:55:b1:82:35:13:0f:
35:3c:e5:68:6a:3f:fc:f9:9d:39:69:f4:81:68:2a:
52:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:11:0C:82:F3:3A:BA:49:C7:EE:E8:30:20:88:29:F8:7E:63:82:29
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tREMgvM6uknH7ugwIIgp-H5jgik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:2f:38:8b:12:17:5d:79:ec:9f:24:31:38:85:31:d5:e4:c1:
55:81:0a:7e:93:1a:cf:7a:fc:04:8c:50:93:0c:24:50:22:2a:
1c:58:c4:89:4a:c9:78:11:ab:7c:56:7e:28:ea:4c:ed:7c:39:
7e:77:cb:9c:ea:ad:4a:28:19:c7:20:5e:b0:38:ac:bc:0a:2a:
2c:91:46:ae:91:ff:b0:07:b6:55:71:12:ab:89:eb:40:38:3e:
5b:2e:d7:25:6d:47:eb:4a:39:5b:47:8e:f2:1c:ab:e5:7d:4f:
c4:c4:9c:91:23:67:47:12:8e:e2:2f:80:71:e3:aa:4a:17:f5:
55:92:e9:12:9f:fa:fc:d4:26:1b:ec:6e:e9:b7:a4:30:a0:13:
07:70:fb:d9:6f:a5:f6:7e:70:b6:de:45:7c:5c:06:d2:bf:31:
bd:0c:9a:b2:64:b1:4a:a7:19:42:8d:60:a1:43:59:4a:6d:c4:
bc:cf:7e:3d:97:ac:22:ec:e4:d1:af:30:b4:ce:28:76:5f:48:
ea:b3:88:ea:fd:7e:83:5f:ef:83:55:51:6e:64:5c:38:e0:2c:
ba:62:b2:dd:a8:d8:0f:9a:d9:e8:35:0b:a5:a4:50:6b:4d:c2:
5c:5c:34:7d:5a:56:c2:03:da:35:2a:88:00:d8:c0:58:70:2f:
a0:1a:e6:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpsjU1XMaOOi6snehv0whLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MjIxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTExMGM4MmYzM2FiYTQ5YzdlZWU4MzAyMDg4MjlmODdlNjM4MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2sEPgLr4QuuncCqO0teNLZ1v2+F
DtQlxZHATE/9puhtlgBY6opqF2F7LHxTcAJ01scQCUCvpoX3d03ICCLRirP2Y7YD
4LXxUAF847twj2r4+SzT79Mu1g3bBznMyww7LH8KPoblUOc3VNf2j0NDNfr1J87K
fgZtKlDbsqhnb9vGilbzHfY3x24q2tYDI+LLlsIMSCJLvetRs1TsccW0cl3defKU
Jpg7ms2Vew0Tf5ZgB1ozPZY2V8/KhqK0xoFjVkw8UAo0zQp2Rgn7YC8c550WYrhI
WzD3Y5xO2gMMG+LPpFtjAeSkdsZVsYI1Ew81POVoaj/8+Z05afSBaCpSEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLURDILzOrpJx+7oMCCIKfh+Y4IpMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdFJFTWd2TTZ1a25IN3Vnd0lJZ3AtSDVqZ2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFwvOIsSF1157J8kMTiF
MdXkwVWBCn6TGs96/ASMUJMMJFAiKhxYxIlKyXgRq3xWfijqTO18OX53y5zqrUoo
GccgXrA4rLwKKiyRRq6R/7AHtlVxEquJ60A4Plsu1yVtR+tKOVtHjvIcq+V9T8TE
nJEjZ0cSjuIvgHHjqkoX9VWS6RKf+vzUJhvsbum3pDCgEwdw+9lvpfZ+cLbeRXxc
BtK/Mb0MmrJksUqnGUKNYKFDWUptxLzPfj2XrCLs5NGvMLTOKHZfSOqziOr9foNf
74NVUW5kXDjgLLpist2o2A+a2eg1C6WkUGtNwlxcNH1aVsID2jUqiADYwFhwL6Aa
5s8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:53 2025 by rpki-client