Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u_w0uq7Lr9kD0F9fYpUz08mx_Hc.roa
File: u_w0uq7Lr9kD0F9fYpUz08mx_Hc.roa (raw, json)
Hash identifier: x0EwjE0LGsK4H5CaWBtAum33aeDZ+1lWNH0brbxnZA0=
Subject key identifier: BB:FC:34:BA:AE:CB:AF:D9:03:D0:5F:5F:62:95:33:D3:C9:B1:FC:77
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9F69DEC8A26CB7D97CCEB39D9BA3FC6F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u_w0uq7Lr9kD0F9fYpUz08mx_Hc.roa
Signing time: Sat 16 Sep 2023 19:13:50 +0000
ROA not before: Sat 16 Sep 2023 19:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9f:69:de:c8:a2:6c:b7:d9:7c:ce:b3:9d:9b:a3:fc:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 19:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbfc34baaecbafd903d05f5f629533d3c9b1fc77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:86:e5:85:aa:63:fb:51:8d:38:a9:d0:71:ad:
9e:8a:ca:bf:d4:a5:f6:60:d7:64:d0:53:16:83:b3:
18:52:57:e3:6b:32:f0:a6:a4:18:96:a4:0b:b3:a1:
21:b4:ee:35:49:7d:70:b7:b5:d4:8d:fa:f6:31:d0:
dd:5c:6a:36:9d:3a:48:06:68:24:92:43:59:10:b1:
08:f7:63:6d:4a:9b:14:b4:c1:91:61:71:42:ae:07:
ea:a1:40:48:b8:0a:b8:a5:a4:95:03:da:d7:88:3a:
fd:1f:d6:b9:66:66:0b:bf:f1:bb:b8:0d:79:81:49:
1c:0c:09:2a:de:bf:bf:cf:44:9c:98:21:ae:a0:d5:
86:c6:37:d2:6f:0b:7b:0c:8a:ad:e7:20:2d:51:66:
5c:08:6a:68:56:a5:38:de:a1:a9:c4:74:4b:c0:b5:
ad:82:11:27:d4:f0:af:64:31:b3:8c:66:90:8d:ac:
39:6f:03:55:8a:81:b7:87:57:03:05:fc:66:6b:d4:
1b:dc:77:79:51:c6:d1:4f:86:e9:a5:a7:75:a0:fa:
d4:65:9c:d9:ef:f6:f6:6b:1f:3a:52:4c:d8:f6:fa:
ce:e9:de:e8:42:0a:37:f7:41:5d:cb:d9:fd:b7:ad:
6c:18:53:61:ee:a9:89:75:09:10:23:d0:f9:18:7d:
50:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FC:34:BA:AE:CB:AF:D9:03:D0:5F:5F:62:95:33:D3:C9:B1:FC:77
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u_w0uq7Lr9kD0F9fYpUz08mx_Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:b4:2c:3a:86:03:bc:8a:28:8e:fa:a2:04:64:b4:35:9b:cf:
40:88:13:eb:23:35:1f:1f:b3:71:66:ca:09:db:72:0e:f6:c3:
9c:d4:74:e2:ab:d6:08:15:40:19:c1:e1:1d:94:8a:d3:87:bd:
fc:e8:4a:13:a6:d3:d4:a1:bd:fe:81:ee:5a:e7:e0:34:49:43:
fe:99:0a:8f:c8:ed:72:4b:1e:77:5c:cf:b7:5f:be:0e:75:81:
0e:3d:80:ba:21:eb:15:4c:68:bd:ec:21:02:f4:4e:b9:52:24:
0f:c0:dd:0a:29:8a:30:c7:a9:6b:78:2f:8a:9c:ed:e2:80:b8:
bd:6a:fb:90:7e:ad:e4:93:d4:77:11:58:b0:8f:98:bf:52:9b:
30:22:4e:2c:64:ac:e3:5f:ed:25:8d:bf:c1:c5:a8:59:3d:29:
4e:22:82:73:cd:13:eb:14:bc:0a:6b:32:6e:b5:40:b4:84:fd:
dc:83:76:5a:df:ad:f7:1e:c8:1b:fd:78:09:19:b3:67:8f:04:
2e:83:1d:72:c9:a6:b2:9b:8a:ac:1a:25:7f:e9:8e:84:92:11:
2a:76:45:44:43:ef:70:0f:5b:91:f7:1a:e6:f0:f4:a8:71:8c:
40:31:16:2a:21:78:e4:85:f8:f5:40:15:59:b7:63:e2:37:88:
51:a2:94:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqfad7Iomy32XzOs52bo/xvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MTkxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZjMzRiYWFlY2JhZmQ5MDNkMDVmNWY2Mjk1MzNkM2M5YjFmYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoblhapj+1GNOKnQca2eisq/1KX2
YNdk0FMWg7MYUlfjazLwpqQYlqQLs6EhtO41SX1wt7XUjfr2MdDdXGo2nTpIBmgk
kkNZELEI92NtSpsUtMGRYXFCrgfqoUBIuAq4paSVA9rXiDr9H9a5ZmYLv/G7uA15
gUkcDAkq3r+/z0ScmCGuoNWGxjfSbwt7DIqt5yAtUWZcCGpoVqU43qGpxHRLwLWt
ghEn1PCvZDGzjGaQjaw5bwNVioG3h1cDBfxma9Qb3Hd5UcbRT4bppad1oPrUZZzZ
7/b2ax86UkzY9vrO6d7oQgo390Fdy9n9t61sGFNh7qmJdQkQI9D5GH1QCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLv8NLquy6/ZA9BfX2KVM9PJsfx3MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdV93MHVxN0xyOWtEMEY5ZllwVXowOG14X0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABW0LDqGA7yKKI76ogRk
tDWbz0CIE+sjNR8fs3Fmygnbcg72w5zUdOKr1ggVQBnB4R2UitOHvfzoShOm09Sh
vf6B7lrn4DRJQ/6ZCo/I7XJLHndcz7dfvg51gQ49gLoh6xVMaL3sIQL0TrlSJA/A
3QopijDHqWt4L4qc7eKAuL1q+5B+reST1HcRWLCPmL9SmzAiTixkrONf7SWNv8HF
qFk9KU4ignPNE+sUvAprMm61QLSE/dyDdlrfrfceyBv9eAkZs2ePBC6DHXLJprKb
iqwaJX/pjoSSESp2RURD73APW5H3Gubw9KhxjEAxFioheOSF+PVAFVm3Y+I3iFGi
lPg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:07:59 2025 by rpki-client