Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wIAyPbuzJF9bQjTQBrmW_WoMROg.roa
File: wIAyPbuzJF9bQjTQBrmW_WoMROg.roa (raw, json)
Hash identifier: MB3hNu111OwGcHF4YN0eBchuY3woBf9oICRyMrGswDQ=
Subject key identifier: C0:80:32:3D:BB:B3:24:5F:5B:42:34:D0:06:B9:96:FD:6A:0C:44:E8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A74EBABE33C3B45F2ECD1CBA4345EF086
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wIAyPbuzJF9bQjTQBrmW_WoMROg.roa
Signing time: Fri 08 Sep 2023 13:11:56 +0000
ROA not before: Fri 08 Sep 2023 13:11:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:74e5:3139/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:eb:ab:e3:3c:3b:45:f2:ec:d1:cb:a4:34:5e:f0:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 13:11:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c080323dbbb3245f5b4234d006b996fd6a0c44e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:44:ef:ba:14:73:d8:55:d2:c2:fd:c8:79:
11:0b:74:2a:8f:2f:cb:94:b8:9b:1e:70:b8:d4:b0:
7b:3a:90:35:d4:f7:59:08:7b:e6:8e:ef:1a:19:ce:
20:66:b6:fe:94:57:53:a9:bb:40:d9:cd:93:63:13:
a5:29:c5:28:c4:95:e4:ec:54:aa:16:0b:f0:8e:b0:
15:48:d7:c7:66:e1:62:66:65:4b:92:3b:6e:00:7f:
8e:65:62:b9:60:68:f8:2f:3d:57:e6:a9:11:dd:25:
9c:9d:32:8a:03:0b:2e:2c:ed:bd:0c:5f:09:47:9e:
3b:05:bc:da:bf:33:69:21:de:39:bc:8f:ee:09:88:
0a:35:44:8f:0e:87:da:af:46:e0:9c:14:1b:76:b5:
6e:2f:f9:1d:43:d2:2f:eb:e2:09:13:be:e1:a8:b4:
38:34:0d:77:af:d9:59:61:2a:5d:c5:34:35:95:21:
2b:4a:92:9f:6b:23:44:80:38:2f:70:45:13:50:a6:
10:6c:f4:2f:07:37:5a:f9:9f:a5:dd:33:f3:83:f9:
21:df:9f:77:bc:a9:85:d4:f7:09:11:d1:8a:01:7a:
01:68:b1:b2:50:aa:d4:fc:3e:b9:c1:0a:1c:e3:57:
1a:80:73:b6:c5:65:cb:af:10:20:bc:bf:01:bc:6f:
15:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:80:32:3D:BB:B3:24:5F:5B:42:34:D0:06:B9:96:FD:6A:0C:44:E8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wIAyPbuzJF9bQjTQBrmW_WoMROg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:22:ce:73:e0:6f:21:e9:be:a5:b9:fd:cf:f1:c3:c4:72:74:
86:ad:13:76:95:d3:96:6a:43:da:3c:96:8d:38:48:d2:2b:64:
42:c6:8e:7f:16:a2:e5:91:dd:9c:fe:fb:77:6a:d6:0f:87:12:
c2:81:6e:f8:a7:6a:a4:37:30:f5:9f:5d:6e:03:99:c8:92:55:
16:53:6d:a6:bb:c3:5c:e7:ba:08:e7:e5:0e:61:d9:0c:46:e7:
e3:e7:5e:b1:cc:8a:12:de:3c:cf:2e:f3:0a:97:c8:b3:6d:ba:
cf:9a:7c:73:7c:4f:92:84:c3:b4:6a:00:e0:7c:49:4d:13:0a:
82:da:b4:34:99:b6:4e:f3:0d:ce:de:81:c3:ef:dd:30:03:4c:
f8:90:9b:c3:b4:af:b7:ab:bb:c8:48:73:67:65:a2:5f:58:aa:
10:26:d9:36:51:ec:c7:16:a2:27:10:8d:45:f8:a3:3c:73:db:
33:6d:81:ee:39:c7:a7:bd:ec:f1:4a:f6:da:31:41:12:d8:32:
7f:c9:14:f4:bd:77:a9:d5:f7:9c:5e:a8:dc:ce:85:31:96:05:
d5:ea:ca:17:96:03:90:bd:e9:46:8a:d4:21:90:fb:f3:16:88:
fc:34:db:e8:e1:90:28:62:2c:8d:90:6d:c7:af:bc:61:80:d6:
f5:0d:a6:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp066vjPDtF8uzRy6Q0XvCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MTMxMTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDgwMzIzZGJiYjMyNDVmNWI0MjM0ZDAwNmI5OTZmZDZhMGM0NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1BE77oUc9hV0sL9yHkRC3Qqjy/L
lLibHnC41LB7OpA11PdZCHvmju8aGc4gZrb+lFdTqbtA2c2TYxOlKcUoxJXk7FSq
FgvwjrAVSNfHZuFiZmVLkjtuAH+OZWK5YGj4Lz1X5qkR3SWcnTKKAwsuLO29DF8J
R547BbzavzNpId45vI/uCYgKNUSPDofar0bgnBQbdrVuL/kdQ9Iv6+IJE77hqLQ4
NA13r9lZYSpdxTQ1lSErSpKfayNEgDgvcEUTUKYQbPQvBzda+Z+l3TPzg/kh3593
vKmF1PcJEdGKAXoBaLGyUKrU/D65wQoc41cagHO2xWXLrxAgvL8BvG8VyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMCAMj27syRfW0I00Aa5lv1qDEToMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvd0lBeVBidXpKRjliUWpUUUJybVdfV29NUk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACIiznPgbyHpvqW5/c/x
w8RydIatE3aV05ZqQ9o8lo04SNIrZELGjn8WouWR3Zz++3dq1g+HEsKBbvinaqQ3
MPWfXW4DmciSVRZTbaa7w1znugjn5Q5h2QxG5+PnXrHMihLePM8u8wqXyLNtus+a
fHN8T5KEw7RqAOB8SU0TCoLatDSZtk7zDc7egcPv3TADTPiQm8O0r7eru8hIc2dl
ol9YqhAm2TZR7McWoicQjUX4ozxz2zNtge45x6e97PFK9toxQRLYMn/JFPS9d6nV
95xeqNzOhTGWBdXqyheWA5C96UaK1CGQ+/MWiPw02+jhkChiLI2QbcevvGGA1vUN
pj8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:38 2025 by rpki-client