Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vc7wGy2q2GUuYJ8cS6eX7bw101E.roa
File: vc7wGy2q2GUuYJ8cS6eX7bw101E.roa (raw, json)
Hash identifier: Nk1UP2FrCtSuilcEqmn2OS6Kymf7v8f+/DtjJoD7dxk=
Subject key identifier: BD:CE:F0:1B:2D:AA:D8:65:2E:60:9F:1C:4B:A7:97:ED:BC:35:D3:51
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A50E5AF476C24BAF410BE1A4FFF8BE9C3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vc7wGy2q2GUuYJ8cS6eX7bw101E.roa
Signing time: Fri 01 Sep 2023 13:19:04 +0000
ROA not before: Fri 01 Sep 2023 13:19:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:e5:af:47:6c:24:ba:f4:10:be:1a:4f:ff:8b:e9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 13:19:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdcef01b2daad8652e609f1c4ba797edbc35d351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0c:61:db:16:82:5f:c6:70:7a:33:aa:ba:9e:
ca:90:3b:84:f9:3b:6d:6f:67:08:dc:e9:c4:a2:c3:
87:d7:1b:39:bb:76:ee:28:c7:67:ba:3e:c3:84:a8:
3f:d9:7b:c8:03:85:98:63:eb:ca:b6:f7:13:af:63:
d3:0e:68:a8:ea:0b:65:7d:c2:3e:ec:88:11:a6:52:
02:c3:41:65:92:e3:65:20:3c:73:c2:10:ec:96:44:
42:e4:ad:b2:d2:7c:bc:30:0a:7a:d7:49:15:2f:8b:
67:0b:07:81:c5:45:f4:9c:83:63:63:4c:c5:9a:c8:
8a:72:a6:ae:f8:0e:96:8d:8a:ec:a8:a5:9c:d6:70:
42:eb:60:cf:f8:3d:39:db:ee:1c:8d:2c:75:b4:20:
ca:ba:21:f9:54:f4:fd:c1:d9:31:47:df:1c:b7:f0:
33:1a:ec:c9:79:3e:35:da:a6:64:07:a2:cf:ef:22:
4a:65:cd:6c:ad:62:c5:12:73:48:6d:7a:0f:10:01:
ce:28:a2:b5:e5:f0:24:e6:4f:4a:8b:3c:65:5e:3c:
20:a6:35:31:10:c7:a3:f7:15:0b:ba:95:5a:4d:21:
d0:f8:4b:12:67:d9:b2:6c:39:50:0b:39:68:a1:81:
48:30:b5:1d:bc:e2:fd:65:74:2f:f7:78:db:57:a8:
3c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CE:F0:1B:2D:AA:D8:65:2E:60:9F:1C:4B:A7:97:ED:BC:35:D3:51
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vc7wGy2q2GUuYJ8cS6eX7bw101E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:2b:2a:91:4f:92:07:7b:8f:d7:db:16:05:25:db:cc:26:71:
71:4a:58:27:e5:c3:2c:8b:ce:41:e1:53:82:31:85:f2:e3:5c:
76:b6:7f:22:41:b0:44:63:7d:be:68:90:64:0a:19:da:9e:a0:
29:43:92:cb:6f:8e:b4:2b:20:84:98:34:6c:a9:63:33:4c:a7:
73:ba:58:1c:6d:48:57:a3:20:fa:7f:40:0d:0b:30:fa:1f:67:
76:c3:0f:c9:a8:d4:b3:fa:ca:60:33:d8:16:be:48:12:61:62:
00:66:82:e7:a5:f9:e5:1c:3c:d5:ea:ae:84:8d:53:e2:23:77:
1c:cb:7b:71:44:3b:f3:e7:71:33:ab:83:ac:55:9e:76:cd:49:
fe:5f:8e:be:75:6d:cc:a1:23:96:a5:4e:ab:2e:ef:eb:b9:1b:
1b:02:e0:90:a7:3a:69:92:b2:ca:a6:eb:3c:a2:0c:9a:bd:76:
87:8a:83:65:a5:b6:ee:8c:17:73:a4:33:c0:e9:68:3b:81:2b:
7b:4d:32:05:13:09:fd:a6:cb:92:8e:f8:90:fd:0b:d1:0e:82:
20:8b:27:02:af:13:19:d3:89:d9:f5:f8:dd:aa:b6:35:63:d8:
af:f8:d3:4d:ce:e0:c8:41:68:2a:58:8e:d1:1f:07:4c:e3:4b:
e4:7f:a7:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpQ5a9HbCS69BC+Gk//i+nDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTMxOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNlZjAxYjJkYWFkODY1MmU2MDlmMWM0YmE3OTdlZGJjMzVkMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wxh2xaCX8ZwejOqup7KkDuE+Ttt
b2cI3OnEosOH1xs5u3buKMdnuj7DhKg/2XvIA4WYY+vKtvcTr2PTDmio6gtlfcI+
7IgRplICw0FlkuNlIDxzwhDslkRC5K2y0ny8MAp610kVL4tnCweBxUX0nINjY0zF
msiKcqau+A6WjYrsqKWc1nBC62DP+D052+4cjSx1tCDKuiH5VPT9wdkxR98ct/Az
GuzJeT412qZkB6LP7yJKZc1srWLFEnNIbXoPEAHOKKK15fAk5k9KizxlXjwgpjUx
EMej9xULupVaTSHQ+EsSZ9mybDlQCzlooYFIMLUdvOL9ZXQv93jbV6g8wwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL3O8BstqthlLmCfHEunl+28NdNRMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdmM3d0d5MnEyR1V1WUo4Y1M2ZVg3YncxMDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADgrKpFPkgd7j9fbFgUl
28wmcXFKWCflwyyLzkHhU4IxhfLjXHa2fyJBsERjfb5okGQKGdqeoClDkstvjrQr
IISYNGypYzNMp3O6WBxtSFejIPp/QA0LMPofZ3bDD8mo1LP6ymAz2Ba+SBJhYgBm
guel+eUcPNXqroSNU+IjdxzLe3FEO/PncTOrg6xVnnbNSf5fjr51bcyhI5alTqsu
7+u5GxsC4JCnOmmSssqm6zyiDJq9doeKg2Wltu6MF3OkM8DpaDuBK3tNMgUTCf2m
y5KO+JD9C9EOgiCLJwKvExnTidn1+N2qtjVj2K/4003O4MhBaCpYjtEfB0zjS+R/
p7M=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:34 2025 by rpki-client