Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vq1P-meua9GxmMcITsQp3c8aczs.roa
File: vq1P-meua9GxmMcITsQp3c8aczs.roa (raw, json)
Hash identifier: XIawIVVfWkrXDzuYY6w1RgrziFz7ut59SZbCiWbR5Nk=
Subject key identifier: BE:AD:4F:FA:67:AE:6B:D1:B1:98:C7:08:4E:C4:29:DD:CF:1A:73:3B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA07B9CD9128F1E835D853901F3ED116D
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vq1P-meua9GxmMcITsQp3c8aczs.roa
Signing time: Sun 17 Sep 2023 00:12:50 +0000
ROA not before: Sun 17 Sep 2023 00:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a0:7b:9c:d9:12:8f:1e:83:5d:85:39:01:f3:ed:11:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 00:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bead4ffa67ae6bd1b198c7084ec429ddcf1a733b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6b:e2:0e:51:5f:79:7f:de:f9:d1:f8:fe:c8:
1d:7f:f8:12:56:a3:f8:be:5f:2f:4f:52:7b:7c:6d:
9c:63:9a:d9:d4:b2:83:93:87:84:76:04:45:24:3e:
cf:60:a1:e8:91:39:d0:f5:f8:6f:07:b0:d5:b7:a9:
65:8b:8e:f3:51:84:bd:e7:59:0d:49:22:8b:f4:b4:
cb:b9:1b:bb:4c:6c:9f:07:b2:6e:19:60:f8:54:e2:
c2:df:79:f0:aa:2d:8f:ec:0e:e9:18:a4:52:d3:fa:
87:72:1b:5a:b9:8b:77:60:bb:6a:ae:87:0f:e8:da:
88:5a:0a:96:a5:b2:17:cf:30:c3:70:61:40:27:05:
99:cc:dc:55:81:2d:3b:08:4a:c9:e4:5f:10:6d:7b:
87:4f:b5:a3:c5:cd:b8:e7:49:08:3d:42:7b:36:e9:
40:4d:e2:05:e8:27:ff:c6:db:2b:8b:3f:e8:de:0f:
43:9c:09:72:ca:7f:07:40:da:61:38:46:99:1d:3b:
83:a2:32:65:e9:3a:5b:12:a0:85:c8:e6:7b:a1:85:
64:f1:bf:24:5f:d8:8e:2c:ce:99:c6:f5:25:ba:f1:
25:de:88:1c:d4:48:50:0c:a2:c6:58:f2:56:70:24:
5d:82:3c:86:73:f5:4b:af:e0:8f:8f:21:b1:37:3e:
e4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AD:4F:FA:67:AE:6B:D1:B1:98:C7:08:4E:C4:29:DD:CF:1A:73:3B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vq1P-meua9GxmMcITsQp3c8aczs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:cb:da:0d:6b:ec:15:bd:7f:38:9b:de:b8:1a:2f:e0:5b:a8:
07:6f:a8:ab:c3:53:47:14:51:35:37:49:b7:61:da:d8:bd:3a:
f1:2e:35:ab:ba:4a:09:56:9e:31:e6:f5:3f:a1:84:5f:b3:6f:
1b:c9:3f:65:89:f3:3d:dd:2a:cc:71:43:d4:d9:27:d8:15:8e:
6b:23:14:a4:62:4f:8a:12:56:5b:45:42:7a:44:e7:49:14:8a:
de:64:4a:c9:47:6b:63:59:60:0b:61:5a:b8:a6:27:5c:84:46:
aa:72:92:f5:2c:d3:7c:e5:9c:9a:e4:a3:2e:48:a9:e1:9d:ad:
51:45:de:be:d9:7f:dc:ea:86:ff:08:d5:c7:4c:38:75:a5:ab:
e4:84:8b:a1:67:76:3a:22:52:d1:6d:88:c2:42:d2:4b:57:e3:
c4:75:94:d0:10:a2:b5:79:83:ff:2a:20:21:53:70:51:be:f3:
36:ff:c3:2a:87:49:1c:83:23:21:51:d3:78:e7:c4:bc:5c:53:
d3:92:da:95:56:fd:62:e5:15:18:4c:10:73:53:66:c5:e6:03:
15:27:9d:1d:46:ff:d0:e9:e6:f3:99:c3:79:9b:49:35:d7:57:
e0:30:61:75:82:d3:62:3b:79:56:04:c4:80:0a:ad:71:4c:9c:
4b:f5:d8:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqge5zZEo8eg12FOQHz7RFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MDAxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFkNGZmYTY3YWU2YmQxYjE5OGM3MDg0ZWM0MjlkZGNmMWE3MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGviDlFfeX/e+dH4/sgdf/gSVqP4
vl8vT1J7fG2cY5rZ1LKDk4eEdgRFJD7PYKHokTnQ9fhvB7DVt6lli47zUYS951kN
SSKL9LTLuRu7TGyfB7JuGWD4VOLC33nwqi2P7A7pGKRS0/qHchtauYt3YLtqrocP
6NqIWgqWpbIXzzDDcGFAJwWZzNxVgS07CErJ5F8QbXuHT7Wjxc2450kIPUJ7NulA
TeIF6Cf/xtsriz/o3g9DnAlyyn8HQNphOEaZHTuDojJl6TpbEqCFyOZ7oYVk8b8k
X9iOLM6ZxvUluvEl3ogc1EhQDKLGWPJWcCRdgjyGc/VLr+CPjyGxNz7kwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL6tT/pnrmvRsZjHCE7EKd3PGnM7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdnExUC1tZXVhOUd4bU1jSVRzUXAzYzhhY3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABfL2g1r7BW9fzib3rga
L+BbqAdvqKvDU0cUUTU3Sbdh2ti9OvEuNau6SglWnjHm9T+hhF+zbxvJP2WJ8z3d
KsxxQ9TZJ9gVjmsjFKRiT4oSVltFQnpE50kUit5kSslHa2NZYAthWrimJ1yERqpy
kvUs03zlnJrkoy5IqeGdrVFF3r7Zf9zqhv8I1cdMOHWlq+SEi6FndjoiUtFtiMJC
0ktX48R1lNAQorV5g/8qICFTcFG+8zb/wyqHSRyDIyFR03jnxLxcU9OS2pVW/WLl
FRhMEHNTZsXmAxUnnR1G/9Dp5vOZw3mbSTXXV+AwYXWC02I7eVYExIAKrXFMnEv1
2Jk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:41 2025 by rpki-client