Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/t_kKBJ5nSfbAX7qWO-LNpSUcfnI.roa
File: t_kKBJ5nSfbAX7qWO-LNpSUcfnI.roa (raw, json)
Hash identifier: mMUZVq+Jg6NMP564v+JnrmuaOcgccNyx7iVVtDtfFfQ=
Subject key identifier: B7:F9:0A:04:9E:67:49:F6:C0:5F:BA:96:3B:E2:CD:A5:25:1C:7E:72
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A577FBF99D6C65EC772D7C436B753F6BA
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/t_kKBJ5nSfbAX7qWO-LNpSUcfnI.roa
Signing time: Sat 02 Sep 2023 20:05:04 +0000
ROA not before: Sat 02 Sep 2023 20:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:577e:eec1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:57:7f:bf:99:d6:c6:5e:c7:72:d7:c4:36:b7:53:f6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 20:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f90a049e6749f6c05fba963be2cda5251c7e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:43:8e:f6:08:91:51:8f:2f:b7:0b:34:4a:7d:
2b:2f:3e:36:9a:31:c4:4d:55:55:30:ae:3b:d6:ef:
4d:5b:c3:6d:0c:ba:6c:fa:dd:6b:26:a6:9f:84:9d:
d0:ec:de:f2:72:07:86:54:8a:4f:73:07:f2:00:c6:
64:95:bf:d3:f4:2d:9d:48:28:2c:f8:79:15:72:74:
52:99:49:e4:13:9c:b6:24:6d:f5:e2:88:c2:c3:85:
9f:40:ff:41:a0:d3:3b:3c:df:2b:f8:c3:6f:3a:f1:
30:7d:10:8c:34:38:09:1e:c7:11:78:a7:ed:de:59:
94:98:e5:5f:22:b6:dd:a3:45:a7:7f:0a:a9:4a:d6:
13:0d:2d:f2:19:b6:d4:78:64:4c:79:02:ac:ef:54:
5d:87:fd:e8:1f:cd:f0:d8:60:08:19:61:19:d5:66:
db:14:df:4a:ac:f3:38:cf:38:a0:c2:08:9d:5d:2b:
97:e5:6e:df:2e:eb:0e:d5:79:76:5e:54:02:b4:6f:
56:b0:85:93:64:e5:0f:b5:0f:75:f3:3c:0e:96:28:
5d:ae:ff:fe:b1:19:69:31:63:cc:cb:63:c7:48:88:
68:29:f8:20:a8:51:64:7c:f7:b1:cb:98:c1:a9:00:
09:08:5a:10:68:cb:9e:78:1b:2a:66:a0:95:3d:70:
30:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:0A:04:9E:67:49:F6:C0:5F:BA:96:3B:E2:CD:A5:25:1C:7E:72
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/t_kKBJ5nSfbAX7qWO-LNpSUcfnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:08:ef:61:cc:0e:40:d6:bb:43:7b:fb:67:62:44:7f:77:43:
82:1f:50:77:3a:4e:ca:2f:6d:42:56:ea:f8:7b:e6:4e:52:61:
05:a0:0d:3b:9a:c2:90:f8:ca:83:40:55:d4:95:3a:ba:bc:58:
34:af:c0:2f:db:51:44:77:ae:14:a0:e3:76:5c:6f:8a:93:72:
db:8a:66:2a:2b:45:48:cc:f4:ce:79:5d:c1:72:e2:37:80:08:
0f:6e:ee:91:8f:7d:4e:b1:5c:df:b2:cf:7c:2c:56:aa:3b:48:
74:a8:a8:0e:8c:9d:f6:9b:2f:77:d6:63:e7:5c:2c:ea:75:ba:
b9:8a:a6:13:01:8e:f7:1a:36:fa:33:d7:b6:8a:6a:21:58:c5:
3d:7b:06:81:13:3b:6f:e7:dc:a9:78:0d:f4:29:50:48:d4:a5:
4e:13:f3:14:5c:c8:92:d5:bc:b9:ae:12:53:8c:4e:3d:e9:be:
cb:70:2e:dc:95:12:7d:54:72:48:60:c3:36:b7:8c:ba:0f:a7:
dc:d9:c9:18:bc:2a:7d:1d:f7:74:eb:f9:ae:f3:54:37:7a:9e:
38:3d:a2:b0:71:6d:46:8b:35:f5:a1:83:58:0b:60:95:08:6f:
2d:f6:5e:36:1b:50:0a:ca:ee:33:e2:fc:ab:17:bb:92:14:f1:
f0:c3:ba:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpXf7+Z1sZex3LXxDa3U/a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMjAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y5MGEwNDllNjc0OWY2YzA1ZmJhOTYzYmUyY2RhNTI1MWM3ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkOO9giRUY8vtws0Sn0rLz42mjHE
TVVVMK471u9NW8NtDLps+t1rJqafhJ3Q7N7ycgeGVIpPcwfyAMZklb/T9C2dSCgs
+HkVcnRSmUnkE5y2JG314ojCw4WfQP9BoNM7PN8r+MNvOvEwfRCMNDgJHscReKft
3lmUmOVfIrbdo0WnfwqpStYTDS3yGbbUeGRMeQKs71Rdh/3oH83w2GAIGWEZ1Wbb
FN9KrPM4zzigwgidXSuX5W7fLusO1Xl2XlQCtG9WsIWTZOUPtQ918zwOlihdrv/+
sRlpMWPMy2PHSIhoKfggqFFkfPexy5jBqQAJCFoQaMueeBsqZqCVPXAwLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLf5CgSeZ0n2wF+6ljvizaUlHH5yMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdF9rS0JKNW5TZmJBWDdxV08tTE5wU1VjZm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHII72HMDkDWu0N7+2di
RH93Q4IfUHc6TsovbUJW6vh75k5SYQWgDTuawpD4yoNAVdSVOrq8WDSvwC/bUUR3
rhSg43Zcb4qTctuKZiorRUjM9M55XcFy4jeACA9u7pGPfU6xXN+yz3wsVqo7SHSo
qA6MnfabL3fWY+dcLOp1urmKphMBjvcaNvoz17aKaiFYxT17BoETO2/n3Kl4DfQp
UEjUpU4T8xRcyJLVvLmuElOMTj3pvstwLtyVEn1Uckhgwza3jLoPp9zZyRi8Kn0d
93Tr+a7zVDd6njg9orBxbUaLNfWhg1gLYJUIby32XjYbUArK7jPi/KsXu5IU8fDD
ugQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:30:22 2025 by rpki-client