Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u0G-ncqgBuLczoGHV4zewvE3XQc.roa
File: u0G-ncqgBuLczoGHV4zewvE3XQc.roa (raw, json)
Hash identifier: TDaM8nP3s+46njUY/n5enzF50bbZvFa2QFH2Otm6TVQ=
Subject key identifier: BB:41:BE:9D:CA:A0:06:E2:DC:CE:81:87:57:8C:DE:C2:F1:37:5D:07
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4629866B84F4D7AE6E7D1EC50A4F5A80
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u0G-ncqgBuLczoGHV4zewvE3XQc.roa
Signing time: Wed 30 Aug 2023 11:17:21 +0000
ROA not before: Wed 30 Aug 2023 11:17:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:29:86:6b:84:f4:d7:ae:6e:7d:1e:c5:0a:4f:5a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 11:17:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb41be9dcaa006e2dcce8187578cdec2f1375d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:40:8d:51:71:74:cb:6e:ca:cc:b8:09:90:
a2:b4:28:7c:be:8c:25:b5:f8:83:b8:35:db:65:87:
1c:96:71:b2:d8:11:4a:9a:68:37:12:31:ed:80:a7:
38:db:17:04:d8:46:53:00:65:60:a0:4d:13:51:c5:
39:36:e6:7d:ee:49:6f:c8:a7:d3:aa:7f:22:7f:e4:
59:58:83:18:1e:11:b3:cf:0e:d8:c2:a1:5b:00:63:
80:88:81:4e:41:44:f9:7b:e8:ea:78:58:2e:0a:a8:
f9:05:7f:9f:f4:23:25:a1:03:62:bb:ed:b4:d3:90:
64:c3:c4:90:a0:60:2f:4c:97:82:41:2d:c9:b2:5c:
e1:11:7b:32:66:60:e5:fe:23:42:65:3f:55:88:7e:
b9:00:c0:36:c1:fb:82:20:e3:20:52:48:8c:c5:3f:
16:f2:8f:db:0b:63:bd:97:bd:c6:60:42:3b:70:09:
0e:37:8b:c6:ab:9f:ef:10:51:ec:9f:e9:f9:49:3b:
29:f6:3c:57:9b:97:60:7b:75:46:31:13:e6:e0:51:
69:4d:e8:78:34:e3:0b:23:a5:b8:20:6e:4a:3c:07:
ba:27:db:ff:15:b5:82:d1:dd:7b:20:89:91:1c:72:
f1:12:59:f7:f8:83:04:86:7d:99:31:dd:bb:19:3a:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:41:BE:9D:CA:A0:06:E2:DC:CE:81:87:57:8C:DE:C2:F1:37:5D:07
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u0G-ncqgBuLczoGHV4zewvE3XQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:8c:ac:e3:10:cc:ce:57:86:2c:1d:50:4b:f5:56:d0:a2:1e:
80:3e:48:fd:09:de:81:b7:0d:f2:d5:ef:6b:05:51:ec:4b:6b:
a9:4f:f7:3c:5b:8a:87:9a:44:4e:8e:c7:78:3e:af:95:d5:cc:
c4:7c:29:73:16:22:f7:c1:eb:e0:ef:97:dd:83:a5:00:35:67:
71:90:a2:88:de:0e:8f:a8:e4:0f:f9:97:56:84:30:e8:91:3a:
64:ec:7e:4b:43:22:52:6a:4c:ee:85:10:88:c2:44:25:94:1c:
f0:f1:3d:b1:3c:a2:5c:65:8c:9b:cb:43:ff:16:f6:55:82:fe:
6b:60:cc:a5:51:a3:0f:2a:a6:21:96:55:a6:2e:0b:99:fa:ba:
c2:3e:4f:5f:d2:f3:a0:cb:99:73:94:43:01:a4:f0:65:da:40:
52:e0:7d:4c:4e:47:53:d1:f2:8b:79:72:26:b4:f7:ab:bc:85:
55:65:ef:3e:1b:52:5d:f8:02:d9:bc:ea:3c:8e:70:4e:24:92:
21:16:06:a8:e8:bc:98:5f:4e:30:8c:0b:7f:4a:d3:0c:83:4b:
6f:6c:0a:95:92:ae:b0:6f:e9:7a:40:fb:ef:ce:8b:cd:4a:ee:
b2:a5:f2:bf:72:5c:10:bb:0a:77:45:72:46:4c:40:bb:d4:1d:
78:d2:e7:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpGKYZrhPTXrm59HsUKT1qAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTExNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQxYmU5ZGNhYTAwNmUyZGNjZTgxODc1NzhjZGVjMmYxMzc1ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntVAjVFxdMtuysy4CZCitCh8vowl
tfiDuDXbZYcclnGy2BFKmmg3EjHtgKc42xcE2EZTAGVgoE0TUcU5NuZ97klvyKfT
qn8if+RZWIMYHhGzzw7YwqFbAGOAiIFOQUT5e+jqeFguCqj5BX+f9CMloQNiu+20
05Bkw8SQoGAvTJeCQS3JslzhEXsyZmDl/iNCZT9ViH65AMA2wfuCIOMgUkiMxT8W
8o/bC2O9l73GYEI7cAkON4vGq5/vEFHsn+n5STsp9jxXm5dge3VGMRPm4FFpTeh4
NOMLI6W4IG5KPAe6J9v/FbWC0d17IImRHHLxEln3+IMEhn2ZMd27GToO6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLtBvp3KoAbi3M6Bh1eM3sLxN10HMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdTBHLW5jcWdCdUxjem9HSFY0emV3dkUzWFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACWMrOMQzM5XhiwdUEv1
VtCiHoA+SP0J3oG3DfLV72sFUexLa6lP9zxbioeaRE6Ox3g+r5XVzMR8KXMWIvfB
6+Dvl92DpQA1Z3GQoojeDo+o5A/5l1aEMOiROmTsfktDIlJqTO6FEIjCRCWUHPDx
PbE8olxljJvLQ/8W9lWC/mtgzKVRow8qpiGWVaYuC5n6usI+T1/S86DLmXOUQwGk
8GXaQFLgfUxOR1PR8ot5cia096u8hVVl7z4bUl34Atm86jyOcE4kkiEWBqjovJhf
TjCMC39K0wyDS29sCpWSrrBv6XpA++/Oi81K7rKl8r9yXBC7CndFckZMQLvUHXjS
5wI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:10 2025 by rpki-client