Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/w2jJF5pyF7_Fx3YGYa5wHHHPN3k.roa
File: w2jJF5pyF7_Fx3YGYa5wHHHPN3k.roa (raw, json)
Hash identifier: 6KbCjH6DrSqZL/Amxh0Jd0hbqskE0exoR2TQzJG+3wA=
Subject key identifier: C3:68:C9:17:9A:72:17:BF:C5:C7:76:06:61:AE:70:1C:71:CF:37:79
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A66551A58180901105CF9B241AEB4A1A3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/w2jJF5pyF7_Fx3YGYa5wHHHPN3k.roa
Signing time: Tue 05 Sep 2023 17:12:47 +0000
ROA not before: Tue 05 Sep 2023 17:12:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:55:1a:58:18:09:01:10:5c:f9:b2:41:ae:b4:a1:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 17:12:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c368c9179a7217bfc5c7760661ae701c71cf3779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:58:fb:05:2f:e3:8f:85:26:4b:99:be:6a:71:
96:53:ab:55:9d:3e:b6:0a:d7:f3:4f:fa:11:9f:ba:
26:f2:02:95:e8:c1:72:ba:0b:8e:84:4e:4d:11:4d:
69:4d:84:9b:c7:5d:ad:22:d7:9f:70:0d:5e:ae:88:
fe:ed:2a:03:51:f8:b9:2c:16:08:20:b1:52:a5:2a:
6c:8b:94:d2:8c:b4:9e:87:cb:e4:c2:bc:44:d0:aa:
7a:05:53:4d:08:39:1e:a0:ff:fe:33:14:23:7f:c8:
e7:5d:df:2b:72:de:45:3b:71:5c:df:38:71:7b:73:
14:f5:75:b0:05:aa:39:18:24:fc:ee:26:bb:19:9d:
4f:5a:36:63:bf:eb:89:65:73:d0:3f:05:31:b0:9a:
1a:45:e0:d9:53:39:1c:f1:56:6f:6d:57:77:c2:21:
75:b8:ca:e2:a9:9e:b5:9b:2a:61:7c:dd:7b:54:97:
b5:73:29:36:03:5b:1b:fe:9d:b3:58:36:26:43:41:
29:9d:fb:88:d4:f9:a5:1b:cc:6b:20:2d:35:e2:29:
21:e4:df:7b:1f:97:90:9b:be:1d:c7:a1:9c:67:2c:
b9:25:84:55:43:21:b3:aa:ce:eb:4b:73:5d:e1:93:
38:24:9c:d2:68:6b:a7:2b:4b:bd:a8:c1:99:2f:48:
8a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:68:C9:17:9A:72:17:BF:C5:C7:76:06:61:AE:70:1C:71:CF:37:79
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/w2jJF5pyF7_Fx3YGYa5wHHHPN3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:a9:a6:16:16:2b:f9:d6:01:b7:d7:f0:45:1f:a0:f9:b5:a1:
71:5d:d4:33:cc:7f:df:d5:5d:56:13:29:7b:0a:50:12:b9:83:
92:10:9b:8d:94:96:b5:c3:45:24:12:a2:69:4b:80:fa:83:3f:
45:d2:05:32:20:40:f9:44:e8:d4:09:cc:75:9a:70:3f:26:02:
6f:0a:c4:d3:c2:55:27:1f:2b:a2:4d:3d:95:4f:f7:48:e5:ff:
27:72:59:d5:aa:0f:86:d0:08:c4:38:b5:f3:65:16:ee:70:c4:
8d:bc:b0:29:fb:cf:41:da:0b:f0:41:90:a1:1a:7d:e1:d9:0b:
fe:3a:4b:21:9f:8f:24:14:80:75:8a:36:63:b9:1c:0c:b6:27:
86:2c:bb:26:3f:ca:ec:10:5b:cd:a6:4e:ec:ad:ed:ae:cd:b8:
7c:e9:c9:a7:5d:6b:f0:ae:8b:27:e1:f9:f4:71:a4:20:30:a7:
b9:2f:82:70:54:c7:af:b8:9b:a9:4e:59:67:7d:89:10:5a:d7:
cf:1d:3b:7b:73:c5:b5:c5:57:9c:b7:8e:74:a9:5e:06:7c:11:
b1:10:00:7e:a1:ef:af:8f:52:da:ff:89:1a:2c:ec:3a:78:59:
0b:cb:23:76:db:5c:d9:f3:65:0d:a4:0b:eb:bb:d6:f8:bd:4c:
c5:54:d5:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpmVRpYGAkBEFz5skGutKGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTcxMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY4YzkxNzlhNzIxN2JmYzVjNzc2MDY2MWFlNzAxYzcxY2YzNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlj7BS/jj4UmS5m+anGWU6tVnT62
CtfzT/oRn7om8gKV6MFyuguOhE5NEU1pTYSbx12tItefcA1eroj+7SoDUfi5LBYI
ILFSpSpsi5TSjLSeh8vkwrxE0Kp6BVNNCDkeoP/+MxQjf8jnXd8rct5FO3Fc3zhx
e3MU9XWwBao5GCT87ia7GZ1PWjZjv+uJZXPQPwUxsJoaReDZUzkc8VZvbVd3wiF1
uMriqZ61myphfN17VJe1cyk2A1sb/p2zWDYmQ0EpnfuI1PmlG8xrIC014ikh5N97
H5eQm74dx6GcZyy5JYRVQyGzqs7rS3Nd4ZM4JJzSaGunK0u9qMGZL0iK7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMNoyReache/xcd2BmGucBxxzzd5MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdzJqSkY1cHlGN19GeDNZR1lhNXdISEhQTjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHSpphYWK/nWAbfX8EUf
oPm1oXFd1DPMf9/VXVYTKXsKUBK5g5IQm42UlrXDRSQSomlLgPqDP0XSBTIgQPlE
6NQJzHWacD8mAm8KxNPCVScfK6JNPZVP90jl/ydyWdWqD4bQCMQ4tfNlFu5wxI28
sCn7z0HaC/BBkKEafeHZC/46SyGfjyQUgHWKNmO5HAy2J4YsuyY/yuwQW82mTuyt
7a7NuHzpyadda/Cuiyfh+fRxpCAwp7kvgnBUx6+4m6lOWWd9iRBa188dO3tzxbXF
V5y3jnSpXgZ8EbEQAH6h76+PUtr/iRos7Dp4WQvLI3bbXNnzZQ2kC+u71vi9TMVU
1UI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:24 2025 by rpki-client