Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/t_cqSdw0G3SOVm1OnYjT1ztXyv8.roa
File: t_cqSdw0G3SOVm1OnYjT1ztXyv8.roa (raw, json)
Hash identifier: cdGxB993XUOJ8m4HDuAXkvqkEqQNkNgsWMTIRbYx53k=
Subject key identifier: B7:F7:2A:49:DC:34:1B:74:8E:56:6D:4E:9D:88:D3:D7:3B:57:CA:FF
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A89BBF0D8860CF9C9ECA5BBE7D1BE3214
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/t_cqSdw0G3SOVm1OnYjT1ztXyv8.roa
Signing time: Tue 12 Sep 2023 14:11:50 +0000
ROA not before: Tue 12 Sep 2023 14:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:bb:f0:d8:86:0c:f9:c9:ec:a5:bb:e7:d1:be:32:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 14:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f72a49dc341b748e566d4e9d88d3d73b57caff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c7:8c:23:03:31:30:02:88:22:5e:3b:de:6b:
2f:51:f1:3f:54:b8:86:28:21:fe:80:05:1e:28:29:
39:bb:41:d2:96:35:76:d3:49:d8:5d:18:8d:49:68:
9b:e0:f7:0e:98:e8:38:f3:a5:2e:8a:3f:49:fc:98:
f7:2e:82:67:66:74:6c:ac:3b:09:fc:33:76:30:3b:
4a:90:4a:c2:e6:4a:be:88:93:bb:1b:28:82:1d:a5:
1f:3d:9d:34:6f:d5:30:f0:10:de:8c:56:2b:11:d7:
2c:66:1f:b8:dd:76:89:6f:dd:1b:be:86:f0:42:1a:
cd:31:b9:fb:81:5c:3f:fe:f2:b7:ae:bc:bf:97:7e:
d8:33:bd:2b:93:7d:0e:5c:12:26:a5:cf:82:11:92:
84:29:3e:00:07:d3:bf:45:81:e7:a9:49:1b:fb:20:
23:1c:8b:66:53:f6:e5:1b:2d:cb:24:55:ff:2e:e0:
42:a8:4e:2f:cb:eb:59:bc:36:49:06:0e:b0:3c:a8:
b6:1d:8a:cc:e7:d4:9b:88:88:f2:de:e4:f9:c9:2d:
38:c4:8c:6c:95:57:9a:7b:c1:7a:6a:62:97:7e:99:
80:8e:aa:7f:19:e0:c2:fa:1b:ce:0b:91:30:d4:c3:
da:1d:7d:c7:64:e5:b9:34:47:c5:d3:ea:92:dd:9c:
31:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F7:2A:49:DC:34:1B:74:8E:56:6D:4E:9D:88:D3:D7:3B:57:CA:FF
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/t_cqSdw0G3SOVm1OnYjT1ztXyv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:0b:44:5d:df:f8:cd:b9:28:fa:26:f3:92:7c:e2:b4:de:8a:
44:9e:d6:f3:7f:82:9f:51:a6:1b:12:b5:71:09:82:04:77:dd:
24:17:76:02:8b:a9:08:de:b4:59:2e:46:7a:ad:18:eb:b1:f1:
cc:86:ea:84:02:23:4c:73:7e:25:50:bf:c3:17:a2:4e:34:54:
10:11:b5:7c:b5:77:39:06:de:af:e3:0f:f3:48:ed:69:c7:1c:
7b:88:5d:f6:e4:65:80:d1:80:3c:ec:55:f3:0c:ee:b4:29:29:
d0:dc:24:13:ba:34:6b:74:9d:7b:64:4e:3e:7b:71:2b:aa:ee:
96:e0:7e:f3:8a:5c:0c:8f:17:c5:9d:27:5b:17:d0:27:0f:e2:
71:52:63:54:d7:30:3f:97:47:f0:1e:67:b0:00:2a:6c:15:d9:
b2:ab:9e:21:c7:c1:fa:f4:72:01:10:6a:eb:71:62:67:79:1e:
e0:46:bd:79:db:8d:0e:ec:27:70:99:e8:26:85:e4:5e:d2:f5:
90:1a:57:d1:6e:e4:b6:25:43:fd:4c:96:a0:06:17:cd:17:e2:
65:01:c1:5d:5e:6c:86:79:77:b3:9a:cb:ec:b7:5e:9d:72:b3:
4c:1f:04:7c:a0:c1:52:c6:76:49:30:60:b0:70:4b:43:4f:1a:
dd:9f:83:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqJu/DYhgz5yeylu+fRvjIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMTQxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y3MmE0OWRjMzQxYjc0OGU1NjZkNGU5ZDg4ZDNkNzNiNTdjYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhceMIwMxMAKIIl473msvUfE/VLiG
KCH+gAUeKCk5u0HSljV200nYXRiNSWib4PcOmOg486Uuij9J/Jj3LoJnZnRsrDsJ
/DN2MDtKkErC5kq+iJO7GyiCHaUfPZ00b9Uw8BDejFYrEdcsZh+43XaJb90bvobw
QhrNMbn7gVw//vK3rry/l37YM70rk30OXBImpc+CEZKEKT4AB9O/RYHnqUkb+yAj
HItmU/blGy3LJFX/LuBCqE4vy+tZvDZJBg6wPKi2HYrM59SbiIjy3uT5yS04xIxs
lVeae8F6amKXfpmAjqp/GeDC+hvOC5Ew1MPaHX3HZOW5NEfF0+qS3ZwxUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLf3KkncNBt0jlZtTp2I09c7V8r/MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdF9jcVNkdzBHM1NPVm0xT25ZalQxenRYeXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAULRF3f+M25KPom85J8
4rTeikSe1vN/gp9RphsStXEJggR33SQXdgKLqQjetFkuRnqtGOux8cyG6oQCI0xz
fiVQv8MXok40VBARtXy1dzkG3q/jD/NI7WnHHHuIXfbkZYDRgDzsVfMM7rQpKdDc
JBO6NGt0nXtkTj57cSuq7pbgfvOKXAyPF8WdJ1sX0CcP4nFSY1TXMD+XR/AeZ7AA
KmwV2bKrniHHwfr0cgEQautxYmd5HuBGvXnbjQ7sJ3CZ6CaF5F7S9ZAaV9Fu5LYl
Q/1MlqAGF80X4mUBwV1ebIZ5d7Oay+y3Xp1ys0wfBHygwVLGdkkwYLBwS0NPGt2f
g8g=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:39 2025 by rpki-client