Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v8uF_uYQanq4uP_uLbpGB8rllS4.roa
File: v8uF_uYQanq4uP_uLbpGB8rllS4.roa (raw, json)
Hash identifier: 1I2SwKguGbgTRLLwnjIOsDzPOzcDWgAhur6aKIzru2Y=
Subject key identifier: BF:CB:85:FE:E6:10:6A:7A:B8:B8:FF:EE:2D:BA:46:07:CA:E5:95:2E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7A12E1EBEC5991C5C584BF91B1B05CB9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v8uF_uYQanq4uP_uLbpGB8rllS4.roa
Signing time: Sat 09 Sep 2023 13:12:52 +0000
ROA not before: Sat 09 Sep 2023 13:12:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7a:12:e1:eb:ec:59:91:c5:c5:84:bf:91:b1:b0:5c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 13:12:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfcb85fee6106a7ab8b8ffee2dba4607cae5952e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:15:f7:c7:73:ac:e2:0b:98:d7:22:53:45:48:
eb:8a:1a:19:26:12:c9:60:da:55:81:c4:07:89:b7:
4f:4f:6b:ca:73:d0:1b:3f:86:4e:50:6b:c3:f5:f9:
1a:bd:49:e4:20:40:2b:61:bb:75:3e:81:5f:41:58:
3e:50:a8:fb:cf:f1:07:d9:bb:94:40:80:2f:27:04:
87:0b:be:27:84:f1:5b:bb:21:e3:ee:e4:7c:5a:22:
d3:83:87:4c:7f:c8:cf:36:07:3c:8f:87:b4:9c:3e:
11:b6:73:f7:f9:7e:ab:4e:a7:29:1c:6e:c5:45:eb:
1b:ca:62:89:31:73:c6:f7:04:c8:c0:2b:ca:97:d2:
52:33:34:30:6e:0a:8d:84:cf:fe:49:20:01:df:e3:
3c:52:5e:79:b0:17:9d:83:36:c4:5e:e0:5f:f6:0c:
59:aa:20:90:57:b0:4b:ea:62:96:70:47:fc:a3:2c:
08:c4:8c:f8:c0:25:92:1f:43:3c:a3:ee:78:be:1c:
d3:c9:ac:27:e1:44:d8:5c:36:85:0c:44:45:c4:3a:
39:a4:8a:89:f0:6e:f9:f8:fe:f0:40:71:9c:c8:eb:
de:bb:a1:31:6d:c2:59:6c:a6:21:32:e5:0e:bb:f2:
08:a2:8a:aa:a9:ef:4f:dd:7e:e6:4e:8d:91:88:15:
be:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CB:85:FE:E6:10:6A:7A:B8:B8:FF:EE:2D:BA:46:07:CA:E5:95:2E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v8uF_uYQanq4uP_uLbpGB8rllS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:28:ef:a6:49:96:3f:68:3a:1b:ea:aa:98:5c:53:22:25:db:
fb:45:27:b4:84:9c:46:bb:27:93:d2:b7:c6:f4:49:12:4a:5a:
6b:ed:22:f3:76:70:08:a3:a5:22:92:02:b0:44:88:65:e4:5e:
3f:2a:a5:38:d2:02:80:16:8f:49:a8:91:1f:92:aa:32:ea:7e:
16:fa:91:10:a8:6f:93:72:7a:a7:ee:ca:db:05:98:b2:aa:f0:
21:1b:4b:e6:de:31:c5:57:5c:f5:d3:9a:aa:50:41:03:ae:39:
99:7a:e8:27:af:46:f6:8b:82:87:81:d5:f3:a3:ff:ba:f0:7e:
b6:a6:e9:89:dd:cc:d7:84:ba:f3:f3:e8:45:05:6e:3d:f7:a8:
42:70:77:0d:f0:11:07:ee:fe:00:77:61:ae:d3:29:f3:b3:ca:
a1:49:c2:96:3b:c9:79:a2:54:18:c8:46:01:7c:e1:6a:0a:9f:
4a:2c:4d:92:30:f8:3a:6f:7a:89:c2:e2:85:ef:f9:0f:b9:6c:
53:bc:45:3d:69:5e:ae:46:d0:a2:57:05:0a:e1:9d:4a:4a:8f:
59:1e:61:02:80:26:7f:83:20:ef:ce:0c:e1:67:e9:81:4a:85:
55:37:ac:23:ea:07:8e:fb:eb:7a:5f:3e:3c:26:76:99:6e:91:
8b:4b:d2:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp6EuHr7FmRxcWEv5GxsFy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTMxMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNiODVmZWU2MTA2YTdhYjhiOGZmZWUyZGJhNDYwN2NhZTU5NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxX3x3Os4guY1yJTRUjrihoZJhLJ
YNpVgcQHibdPT2vKc9AbP4ZOUGvD9fkavUnkIEArYbt1PoFfQVg+UKj7z/EH2buU
QIAvJwSHC74nhPFbuyHj7uR8WiLTg4dMf8jPNgc8j4e0nD4RtnP3+X6rTqcpHG7F
ResbymKJMXPG9wTIwCvKl9JSMzQwbgqNhM/+SSAB3+M8Ul55sBedgzbEXuBf9gxZ
qiCQV7BL6mKWcEf8oywIxIz4wCWSH0M8o+54vhzTyawn4UTYXDaFDERFxDo5pIqJ
8G75+P7wQHGcyOveu6ExbcJZbKYhMuUOu/IIooqqqe9P3X7mTo2RiBW+IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL/Lhf7mEGp6uLj/7i26RgfK5ZUuMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdjh1Rl91WVFhbnE0dVBfdUxicEdCOHJsbFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAko76ZJlj9oOhvqqphc
UyIl2/tFJ7SEnEa7J5PSt8b0SRJKWmvtIvN2cAijpSKSArBEiGXkXj8qpTjSAoAW
j0mokR+SqjLqfhb6kRCob5NyeqfuytsFmLKq8CEbS+beMcVXXPXTmqpQQQOuOZl6
6CevRvaLgoeB1fOj/7rwfram6YndzNeEuvPz6EUFbj33qEJwdw3wEQfu/gB3Ya7T
KfOzyqFJwpY7yXmiVBjIRgF84WoKn0osTZIw+DpveonC4oXv+Q+5bFO8RT1pXq5G
0KJXBQrhnUpKj1keYQKAJn+DIO/ODOFn6YFKhVU3rCPqB47763pfPjwmdplukYtL
0vQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:37:39 2025 by rpki-client