Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/whaY_YUJk-heNFdf_3_McgQEOM8.roa
File: whaY_YUJk-heNFdf_3_McgQEOM8.roa (raw, json)
Hash identifier: FrW+DHFLtAlhlkMDdyr4xGYvgcXSxHLMkhY/EXolmLk=
Subject key identifier: C2:16:98:FD:85:09:93:E8:5E:34:57:5F:FF:7F:CC:72:04:04:38:CF
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9666BD2B469358906DB7447606923B7E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/whaY_YUJk-heNFdf_3_McgQEOM8.roa
Signing time: Fri 15 Sep 2023 01:13:50 +0000
ROA not before: Fri 15 Sep 2023 01:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:96:66:bd:2b:46:93:58:90:6d:b7:44:76:06:92:3b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 01:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c21698fd850993e85e34575fff7fcc72040438cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:48:52:4e:20:61:63:51:24:36:ca:b7:a5:86:
8e:e0:94:9e:d3:8f:fa:2d:61:54:8c:be:9d:5b:7c:
eb:80:2b:50:18:56:54:24:4f:67:b3:3b:45:1d:20:
b2:36:46:cc:15:f9:63:6a:ff:da:ba:dc:3b:52:59:
6e:ad:c8:8e:d4:20:cb:b6:9b:f1:30:26:4f:50:de:
e6:cb:d2:bb:5f:4d:94:07:a0:ce:65:c8:b0:f4:06:
b7:f3:a8:32:19:7d:0c:c6:9e:75:41:71:a2:8c:08:
22:cf:d4:fe:9c:c5:fe:03:3a:6f:e3:6d:86:5e:4e:
7b:30:db:31:2c:bb:af:cc:84:c7:27:e3:cc:cd:13:
f2:06:1a:c5:45:be:b7:25:ba:dd:34:81:94:1f:85:
05:34:b2:01:5c:51:eb:50:f9:73:e3:91:80:50:0c:
88:73:bb:ff:93:25:61:d7:ea:5d:33:08:26:25:60:
f6:63:f3:77:97:c3:32:93:83:58:9e:47:91:49:1e:
ec:a9:6f:ae:26:62:14:a3:d2:d0:b5:d4:95:94:8e:
45:6f:c0:4e:2d:5f:f6:42:1c:7e:e9:96:8a:8a:ae:
e7:cf:4a:8b:ce:72:b4:36:07:c0:cb:56:10:5c:49:
36:2e:fd:72:0d:d2:55:1a:bc:c2:ca:93:cd:c2:ed:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:16:98:FD:85:09:93:E8:5E:34:57:5F:FF:7F:CC:72:04:04:38:CF
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/whaY_YUJk-heNFdf_3_McgQEOM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:2c:b2:f1:ee:0e:43:98:96:20:4e:4b:ac:72:72:3a:fd:48:
2a:a9:9b:8e:5d:0a:e0:d6:79:20:f5:05:00:c8:55:6d:44:b3:
ed:d7:e2:fc:8b:b6:04:a9:0c:78:8d:dd:0e:9c:5e:de:f3:ec:
c6:74:a6:87:06:c0:5d:0a:e7:93:fa:50:8f:0b:ff:20:70:93:
81:72:c7:e6:cc:f4:48:c4:62:18:3b:2b:73:04:33:7e:0f:80:
be:79:12:14:50:4c:77:a4:19:35:b1:e5:97:61:c0:56:21:a0:
44:f6:1a:3b:05:49:e8:d3:80:4d:32:36:c2:bc:6b:12:7b:77:
b7:f5:ee:81:b1:41:0e:37:5f:7f:c0:56:b5:54:7a:b4:9e:36:
28:c7:1d:2b:03:f1:d3:51:6f:ab:82:e5:72:69:2e:5b:d9:4c:
9c:12:b4:72:76:4c:4c:1f:2d:14:a6:f2:0b:85:5c:dd:11:e0:
74:9d:db:ca:62:bf:de:0d:26:f8:c4:33:4b:43:a7:a5:2d:18:
fc:78:8e:12:04:1d:9d:c5:68:6f:e5:9f:f6:ab:74:80:25:ba:
d0:24:a7:fd:87:ab:cc:f3:80:59:41:64:c8:96:0f:78:44:fd:
40:d5:8f:2e:11:7a:1b:ed:5d:96:e8:eb:ec:d8:50:88:fe:93:
c4:1a:d9:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqWZr0rRpNYkG23RHYGkjt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MDExMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjE2OThmZDg1MDk5M2U4NWUzNDU3NWZmZjdmY2M3MjA0MDQzOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkhSTiBhY1EkNsq3pYaO4JSe04/6
LWFUjL6dW3zrgCtQGFZUJE9nsztFHSCyNkbMFfljav/autw7UllurciO1CDLtpvx
MCZPUN7my9K7X02UB6DOZciw9Aa386gyGX0Mxp51QXGijAgiz9T+nMX+Azpv422G
Xk57MNsxLLuvzITHJ+PMzRPyBhrFRb63JbrdNIGUH4UFNLIBXFHrUPlz45GAUAyI
c7v/kyVh1+pdMwgmJWD2Y/N3l8Myk4NYnkeRSR7sqW+uJmIUo9LQtdSVlI5Fb8BO
LV/2Qhx+6ZaKiq7nz0qLznK0NgfAy1YQXEk2Lv1yDdJVGrzCypPNwu3kdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMIWmP2FCZPoXjRXX/9/zHIEBDjPMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvd2hhWV9ZVUprLWhlTkZkZl8zX01jZ1FFT004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABsssvHuDkOYliBOS6xy
cjr9SCqpm45dCuDWeSD1BQDIVW1Es+3X4vyLtgSpDHiN3Q6cXt7z7MZ0pocGwF0K
55P6UI8L/yBwk4Fyx+bM9EjEYhg7K3MEM34PgL55EhRQTHekGTWx5ZdhwFYhoET2
GjsFSejTgE0yNsK8axJ7d7f17oGxQQ43X3/AVrVUerSeNijHHSsD8dNRb6uC5XJp
LlvZTJwStHJ2TEwfLRSm8guFXN0R4HSd28piv94NJvjEM0tDp6UtGPx4jhIEHZ3F
aG/ln/ardIAlutAkp/2Hq8zzgFlBZMiWD3hE/UDVjy4RehvtXZbo6+zYUIj+k8Qa
2bM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:41 2025 by rpki-client