Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wPrmI49_FhLVvXbyETzPBFgF_Qw.roa
File: wPrmI49_FhLVvXbyETzPBFgF_Qw.roa (raw, json)
Hash identifier: YWbM1hDTzO9k3ygP1TbBAR2J7ESpCRd0YLiS8O+eamQ=
Subject key identifier: C0:FA:E6:23:8F:7F:16:12:D5:BD:76:F2:11:3C:CF:04:58:05:FD:0C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A473B03DF59EF5C4A2EA260B554744450
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wPrmI49_FhLVvXbyETzPBFgF_Qw.roa
Signing time: Wed 30 Aug 2023 16:16:04 +0000
ROA not before: Wed 30 Aug 2023 16:16:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:3b:03:df:59:ef:5c:4a:2e:a2:60:b5:54:74:44:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 16:16:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0fae6238f7f1612d5bd76f2113ccf045805fd0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:ab:36:ee:8a:49:f4:59:d6:fc:07:fe:94:
2e:15:55:e3:31:b2:2e:0d:00:1e:5e:9d:b0:d3:4b:
69:df:f9:01:92:1a:94:f2:67:cc:1d:e6:58:6d:d6:
01:20:bf:50:49:77:81:9d:f8:1e:70:77:3d:60:46:
e0:4b:26:8c:14:11:a6:ac:b1:87:15:64:35:fe:31:
2e:e3:7e:c7:4e:6e:e7:b8:56:07:9c:f4:b6:4a:7d:
ae:f3:19:2e:b3:a3:67:cd:14:92:f5:e0:8f:57:2a:
d6:34:93:2a:1c:87:a1:84:69:e9:bf:e5:ba:f4:01:
65:9f:bf:56:e9:50:14:ea:f3:b8:36:1d:90:03:48:
b9:fe:ed:7b:9f:44:74:71:77:8e:33:36:1c:29:5c:
47:42:e5:d2:a0:db:ee:7f:9c:ae:84:88:00:ba:18:
ae:d5:7b:7e:6a:03:0c:73:12:b5:6c:20:20:c1:46:
63:36:88:cd:8c:94:1b:9a:0a:ab:76:ec:43:54:53:
ed:2e:d5:86:5b:f4:d4:c2:a9:94:fc:17:49:3c:c4:
53:4b:88:a4:97:6f:e6:9d:11:95:28:7f:7c:75:b1:
70:bf:eb:5a:62:d4:2b:a7:ca:6c:f9:5d:31:8c:15:
5c:07:53:3c:3c:ce:f6:de:11:fc:98:ab:f5:be:9d:
d9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:FA:E6:23:8F:7F:16:12:D5:BD:76:F2:11:3C:CF:04:58:05:FD:0C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wPrmI49_FhLVvXbyETzPBFgF_Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:9e:d0:e8:06:48:8a:a8:5d:d8:c0:1d:da:ec:3f:56:45:cd:
21:ad:cf:ce:3b:5d:8f:5f:30:cb:53:53:d4:68:f1:b8:42:10:
86:c8:d0:ff:1f:71:c8:fb:6f:64:2a:56:da:ed:d8:66:ab:bd:
86:ce:62:6e:9a:a2:f8:c3:bb:e9:14:e9:ef:6c:5b:81:a6:8f:
43:10:69:0e:db:5b:76:eb:d7:ab:1e:9c:6d:00:2b:bf:b9:4f:
cb:2e:53:6f:0b:6d:18:22:90:0d:ac:cc:78:00:21:8d:87:62:
92:85:76:0c:62:65:5d:a3:9a:59:86:ea:cd:b7:ab:a3:7b:b4:
fa:c4:53:93:79:fe:ce:23:12:22:9d:d4:49:f5:8c:49:b3:bb:
d8:49:f8:be:42:81:6d:f8:c3:93:eb:38:96:f5:f4:90:b9:cc:
11:21:34:62:6d:e6:9c:58:d1:14:e2:a9:f8:76:8a:99:34:77:
58:68:4b:df:5a:ab:a9:45:b7:d2:be:cf:af:9c:1e:5c:80:09:
d9:f0:b7:45:47:fd:96:74:5e:83:d5:49:d1:2b:20:f2:43:9a:
5d:aa:f0:f4:71:35:61:cf:33:fb:72:f2:d6:81:c8:c7:0c:b8:
03:c7:14:6f:8a:21:59:fb:c1:cf:a6:ff:2c:bb:63:36:0f:87:
c8:e3:5b:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpHOwPfWe9cSi6iYLVUdERQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTYxNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGZhZTYyMzhmN2YxNjEyZDViZDc2ZjIxMTNjY2YwNDU4MDVmZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3arNu6KSfRZ1vwH/pQuFVXjMbIu
DQAeXp2w00tp3/kBkhqU8mfMHeZYbdYBIL9QSXeBnfgecHc9YEbgSyaMFBGmrLGH
FWQ1/jEu437HTm7nuFYHnPS2Sn2u8xkus6NnzRSS9eCPVyrWNJMqHIehhGnpv+W6
9AFln79W6VAU6vO4Nh2QA0i5/u17n0R0cXeOMzYcKVxHQuXSoNvuf5yuhIgAuhiu
1Xt+agMMcxK1bCAgwUZjNojNjJQbmgqrduxDVFPtLtWGW/TUwqmU/BdJPMRTS4ik
l2/mnRGVKH98dbFwv+taYtQrp8ps+V0xjBVcB1M8PM723hH8mKv1vp3Z9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMD65iOPfxYS1b128hE8zwRYBf0MMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvd1BybUk0OV9GaExWdlhieUVUelBCRmdGX1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACCe0OgGSIqoXdjAHdrs
P1ZFzSGtz847XY9fMMtTU9Ro8bhCEIbI0P8fccj7b2QqVtrt2GarvYbOYm6aovjD
u+kU6e9sW4Gmj0MQaQ7bW3br16senG0AK7+5T8suU28LbRgikA2szHgAIY2HYpKF
dgxiZV2jmlmG6s23q6N7tPrEU5N5/s4jEiKd1En1jEmzu9hJ+L5CgW34w5PrOJb1
9JC5zBEhNGJt5pxY0RTiqfh2ipk0d1hoS99aq6lFt9K+z6+cHlyACdnwt0VH/ZZ0
XoPVSdErIPJDml2q8PRxNWHPM/ty8taByMcMuAPHFG+KIVn7wc+m/yy7YzYPh8jj
W0Y=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:59 2025 by rpki-client