Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wCL3b0VtuYE-ccRgiARQqw-KoQE.roa
File: wCL3b0VtuYE-ccRgiARQqw-KoQE.roa (raw, json)
Hash identifier: FNq8LwrK1sJ0YGIpFj//Y4ig9jc8PyIwtp4AjiKmkJ8=
Subject key identifier: C0:22:F7:6F:45:6D:B9:81:3E:71:C4:60:88:04:50:AB:0F:8A:A1:01
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5CAB99CC18EC60044DC2D3920433B5F8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wCL3b0VtuYE-ccRgiARQqw-KoQE.roa
Signing time: Sun 03 Sep 2023 20:11:04 +0000
ROA not before: Sun 03 Sep 2023 20:11:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5c:ab:99:cc:18:ec:60:04:4d:c2:d3:92:04:33:b5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 20:11:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c022f76f456db9813e71c460880450ab0f8aa101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:91:ba:59:6d:e9:bc:34:b3:00:cb:dc:e8:9c:
b6:ec:04:c0:07:14:02:1b:66:31:4b:fb:76:9c:1a:
6d:6e:a7:12:b1:d0:5a:62:84:e4:87:e7:c5:2d:47:
1a:cd:48:14:6f:52:ee:22:ac:3a:00:76:19:c2:b6:
66:67:f2:85:f0:fd:f4:f4:08:15:c5:a8:f2:53:fb:
59:ff:a7:ae:1a:ab:30:27:f6:62:94:4e:3e:83:c9:
27:49:e8:3d:b8:50:b1:87:60:0b:97:45:6c:48:85:
c2:00:8f:57:a6:fd:e1:00:ae:cb:75:93:90:50:bd:
9f:af:eb:44:99:64:5f:42:31:ed:33:42:38:76:fa:
85:d2:4b:ef:ec:c6:9e:4e:79:0b:50:bf:61:ee:ca:
c6:c5:26:1b:2c:49:b3:50:b2:42:01:91:5f:56:8a:
d6:a8:51:67:20:8b:41:ec:c0:a5:f3:89:b0:f7:c4:
e5:f7:17:f8:91:49:3f:b5:5b:ac:a0:7c:44:34:6c:
ec:de:a6:25:b1:61:d7:cd:b0:61:06:0e:81:bf:a6:
a7:a8:03:af:d1:6c:fb:42:dd:65:47:da:0a:d7:d2:
21:f5:34:97:e6:c6:15:3e:9a:47:47:f4:62:dd:56:
aa:e3:44:0c:aa:cc:d9:1a:8e:e0:84:f1:23:4b:a5:
05:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:22:F7:6F:45:6D:B9:81:3E:71:C4:60:88:04:50:AB:0F:8A:A1:01
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wCL3b0VtuYE-ccRgiARQqw-KoQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:31:d3:42:c4:b3:81:9a:af:88:44:56:71:2f:2f:12:1f:82:
13:44:f2:a3:e9:9e:f7:6a:93:e7:fa:af:e4:a5:5c:0c:aa:89:
49:c1:38:dd:e2:e3:7a:0a:4b:11:59:27:a0:76:fd:35:dd:af:
63:f9:22:e2:ae:4c:78:2c:fd:a5:ea:3b:aa:a3:b7:b4:ab:7c:
db:38:29:24:f4:6b:5f:cb:41:74:57:ca:00:59:c1:d1:d7:34:
a8:d6:e8:56:7f:eb:5e:3d:ce:2b:c3:19:f4:d6:47:23:c7:5f:
6c:64:4e:4a:01:0e:2a:4b:99:7f:9c:3c:25:38:ff:a2:56:6b:
1a:d9:3f:a3:0b:08:bb:d5:a9:2b:5a:70:b3:44:08:03:5b:73:
30:9c:29:33:5e:2e:20:16:64:e3:1f:d5:7a:43:16:1d:f6:82:
76:18:72:26:fd:03:3a:2b:aa:92:6f:da:62:1d:6f:1d:0a:ee:
f4:5e:88:1d:b5:7f:1f:b1:52:de:95:b1:d6:64:1d:db:b5:fc:
33:f8:98:9f:c1:47:65:4b:67:93:b7:11:55:ba:d5:09:19:4b:
4f:4f:b8:d7:6f:f9:90:15:06:65:d4:5e:46:63:32:ab:b5:2a:
50:bf:8e:ab:ad:4d:5b:34:a2:5e:8b:48:c0:a0:44:60:42:8e:
20:96:e7:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpcq5nMGOxgBE3C05IEM7X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMjAxMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDIyZjc2ZjQ1NmRiOTgxM2U3MWM0NjA4ODA0NTBhYjBmOGFhMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pG6WW3pvDSzAMvc6Jy27ATABxQC
G2YxS/t2nBptbqcSsdBaYoTkh+fFLUcazUgUb1LuIqw6AHYZwrZmZ/KF8P309AgV
xajyU/tZ/6euGqswJ/ZilE4+g8knSeg9uFCxh2ALl0VsSIXCAI9Xpv3hAK7LdZOQ
UL2fr+tEmWRfQjHtM0I4dvqF0kvv7MaeTnkLUL9h7srGxSYbLEmzULJCAZFfVorW
qFFnIItB7MCl84mw98Tl9xf4kUk/tVusoHxENGzs3qYlsWHXzbBhBg6Bv6anqAOv
0Wz7Qt1lR9oK19Ih9TSX5sYVPppHR/Ri3Vaq40QMqszZGo7ghPEjS6UFEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMAi929FbbmBPnHEYIgEUKsPiqEBMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvd0NMM2IwVnR1WUUtY2NSZ2lBUlFxdy1Lb1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUx00LEs4Gar4hEVnEv
LxIfghNE8qPpnvdqk+f6r+SlXAyqiUnBON3i43oKSxFZJ6B2/TXdr2P5IuKuTHgs
/aXqO6qjt7SrfNs4KST0a1/LQXRXygBZwdHXNKjW6FZ/6149zivDGfTWRyPHX2xk
TkoBDipLmX+cPCU4/6JWaxrZP6MLCLvVqStacLNECANbczCcKTNeLiAWZOMf1XpD
Fh32gnYYcib9AzorqpJv2mIdbx0K7vReiB21fx+xUt6VsdZkHdu1/DP4mJ/BR2VL
Z5O3EVW61QkZS09PuNdv+ZAVBmXUXkZjMqu1KlC/jqutTVs0ol6LSMCgRGBCjiCW
59I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:21 2025 by rpki-client