Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uqh6uv6MY8MckamaoGKkOxaKCCw.roa
File: uqh6uv6MY8MckamaoGKkOxaKCCw.roa (raw, json)
Hash identifier: dtPkK1z6hN2NboHrgUk4htE3dLuJsC+ApOgLv3kNVXo=
Subject key identifier: BA:A8:7A:BA:FE:8C:63:C3:1C:91:A9:9A:A0:62:A4:3B:16:8A:08:2C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA75881FF6D17D7F2A49B6A835A653EC2
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uqh6uv6MY8MckamaoGKkOxaKCCw.roa
Signing time: Mon 18 Sep 2023 08:11:50 +0000
ROA not before: Mon 18 Sep 2023 08:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:58:81:ff:6d:17:d7:f2:a4:9b:6a:83:5a:65:3e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 08:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baa87abafe8c63c31c91a99aa062a43b168a082c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5d:86:9d:82:6a:e8:74:8f:78:bd:65:27:b9:
0a:bd:19:c3:28:6f:bb:e6:65:5f:4d:2f:b5:e6:50:
71:f5:97:88:02:da:62:20:c9:40:9c:aa:e1:7e:ce:
fb:23:50:93:98:5b:4e:72:93:8f:92:c2:bc:8d:e8:
0e:50:d8:40:e5:c5:70:3f:a1:f5:12:1f:86:5a:d9:
04:c3:43:7a:d0:e0:24:a3:82:d3:2b:0b:b4:da:ca:
12:52:fa:85:a9:43:a3:59:b4:9b:c9:6d:96:46:fc:
c6:ec:1a:d7:b3:64:0b:23:c6:88:1e:db:a4:71:d4:
b2:33:d9:d2:6f:67:da:b3:d6:aa:ee:75:a6:32:84:
3a:e1:d3:c0:47:d7:9e:e1:3c:7e:15:6e:0a:cd:3e:
08:e6:aa:06:61:21:aa:b5:58:cd:1a:f5:9d:25:88:
9d:5f:1e:fa:7f:45:64:00:1c:17:49:7c:d7:92:26:
c8:02:68:f7:5e:77:6b:de:64:a7:d6:45:af:96:c3:
1a:f5:f9:37:02:a1:f1:df:bc:4e:09:91:5f:38:f3:
7b:0f:e2:04:99:27:69:4b:01:58:0e:f1:d6:42:cc:
d5:e7:e9:ff:85:b5:a8:1c:f6:26:62:bf:80:29:b8:
73:2d:da:96:ec:d7:77:fd:ca:e2:27:95:1f:74:47:
b1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A8:7A:BA:FE:8C:63:C3:1C:91:A9:9A:A0:62:A4:3B:16:8A:08:2C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uqh6uv6MY8MckamaoGKkOxaKCCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:d2:42:b2:5c:b8:b3:00:22:87:d6:a5:ce:88:eb:c6:c0:06:
1d:18:d4:38:9f:18:8e:f2:b2:17:47:d9:07:ec:bb:ac:07:d1:
25:6c:cb:2d:18:98:1c:c1:3a:0c:85:65:68:72:84:a2:20:d9:
8b:0b:e0:b0:84:87:7f:8e:31:06:90:0b:69:e8:28:6d:f2:c7:
33:8d:b8:e3:1f:97:46:89:94:87:d5:20:1e:a4:d0:17:23:a1:
1a:87:9e:37:ba:af:89:69:88:ee:cb:07:96:6c:d2:a5:13:35:
bc:d3:10:78:e2:c2:e8:69:72:b0:86:74:c1:83:dc:eb:ba:d5:
28:7f:ad:5a:c4:b7:8b:9d:bd:8b:d7:73:79:d5:af:b1:d1:b2:
c5:fd:f1:ec:b2:db:1b:ba:99:ad:5f:11:59:02:2a:a5:32:8a:
15:79:69:61:99:89:4c:dd:8f:54:9d:b0:fc:80:df:6f:3d:e3:
cc:0b:09:e6:e9:34:ad:7a:fe:97:74:f3:00:ef:0f:6e:88:cb:
ee:cf:e3:a7:5b:36:53:45:ec:de:81:fa:36:82:78:75:bd:55:
e6:76:f8:c8:d8:bc:3a:c5:ac:38:05:e5:f4:f7:c2:f3:92:4a:
de:b2:5f:86:05:fd:08:fd:e8:a8:a5:b9:af:a7:12:c4:ac:ef:
57:27:da:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqnWIH/bRfX8qSbaoNaZT7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MDgxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE4N2FiYWZlOGM2M2MzMWM5MWE5OWFhMDYyYTQzYjE2OGEwODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg12GnYJq6HSPeL1lJ7kKvRnDKG+7
5mVfTS+15lBx9ZeIAtpiIMlAnKrhfs77I1CTmFtOcpOPksK8jegOUNhA5cVwP6H1
Eh+GWtkEw0N60OAko4LTKwu02soSUvqFqUOjWbSbyW2WRvzG7BrXs2QLI8aIHtuk
cdSyM9nSb2fas9aq7nWmMoQ64dPAR9ee4Tx+FW4KzT4I5qoGYSGqtVjNGvWdJYid
Xx76f0VkABwXSXzXkibIAmj3Xndr3mSn1kWvlsMa9fk3AqHx37xOCZFfOPN7D+IE
mSdpSwFYDvHWQszV5+n/hbWoHPYmYr+AKbhzLdqW7Nd3/criJ5UfdEextQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLqoerr+jGPDHJGpmqBipDsWiggsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdXFoNnV2Nk1ZOE1ja2FtYW9HS2tPeGFLQ0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKXSQrJcuLMAIofWpc6I
68bABh0Y1DifGI7yshdH2Qfsu6wH0SVsyy0YmBzBOgyFZWhyhKIg2YsL4LCEh3+O
MQaQC2noKG3yxzONuOMfl0aJlIfVIB6k0BcjoRqHnje6r4lpiO7LB5Zs0qUTNbzT
EHjiwuhpcrCGdMGD3Ou61Sh/rVrEt4udvYvXc3nVr7HRssX98eyy2xu6ma1fEVkC
KqUyihV5aWGZiUzdj1SdsPyA328948wLCebpNK16/pd08wDvD26Iy+7P46dbNlNF
7N6B+jaCeHW9VeZ2+MjYvDrFrDgF5fT3wvOSSt6yX4YF/Qj96Kilua+nEsSs71cn
2k8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:19 2025 by rpki-client