Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/xpenK0SMafZLWYU7v8Bhnrbg-7g.roa
File: xpenK0SMafZLWYU7v8Bhnrbg-7g.roa (raw, json)
Hash identifier: Ap+JsM62hrJNpoQKHPCWtvx8iji0dNP1YQBbup203/o=
Subject key identifier: C6:97:A7:2B:44:8C:69:F6:4B:59:85:3B:BF:C0:61:9E:B6:E0:FB:B8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6D34D7F812F5D990DE7B17875F7CEE42
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/xpenK0SMafZLWYU7v8Bhnrbg-7g.roa
Signing time: Thu 07 Sep 2023 01:14:54 +0000
ROA not before: Thu 07 Sep 2023 01:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6d:34:d7:f8:12:f5:d9:90:de:7b:17:87:5f:7c:ee:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 01:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c697a72b448c69f64b59853bbfc0619eb6e0fbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2b:05:ea:78:26:f5:c1:1a:d2:d4:f4:e9:07:
62:8d:80:63:1a:39:fb:0c:f2:60:09:ea:50:84:f6:
09:54:ab:f6:4a:9f:d0:e4:16:62:df:17:a6:e7:8e:
48:cc:5b:16:a8:7f:1d:cd:54:37:82:8c:0b:fa:93:
22:11:92:e5:c7:25:3b:7a:e6:0b:95:c8:fb:e3:18:
1a:12:d8:05:d2:ed:72:e8:df:6a:eb:c5:34:52:8f:
94:8d:0d:97:3a:4f:89:f9:67:b7:d0:d6:b7:ec:1b:
d1:3a:14:7f:43:48:d9:25:82:51:9e:c4:c1:e4:cb:
36:e0:09:2e:a1:ee:80:1e:d1:b4:0e:b3:85:54:8e:
55:5b:21:3c:7d:57:10:3a:ac:cd:17:88:a6:72:ce:
e9:ad:19:a8:5b:c7:3e:7d:97:cd:a3:dc:8c:ad:d7:
79:81:17:67:bc:a6:cb:90:9e:55:ce:5d:65:35:05:
13:21:16:fe:d5:8b:70:20:90:9e:cf:ad:1a:a1:d5:
65:b4:a1:1c:8e:23:f8:53:6e:6f:ab:35:54:fe:a4:
9d:b4:a0:f1:6c:7f:ad:4b:77:39:7b:92:f6:a2:05:
2d:44:72:6f:18:5e:4c:57:e6:91:9f:5b:37:e5:e2:
48:39:e5:e9:6f:b2:1c:1f:e8:f9:26:4c:a6:28:39:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:97:A7:2B:44:8C:69:F6:4B:59:85:3B:BF:C0:61:9E:B6:E0:FB:B8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/xpenK0SMafZLWYU7v8Bhnrbg-7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:6c:97:f0:fa:7d:61:10:a6:2e:90:6e:e9:24:f9:98:3a:cd:
9e:42:e4:fe:d8:51:76:be:09:10:f8:a5:8d:da:9b:cc:d6:38:
be:64:88:d6:6d:57:af:ca:f8:a2:54:5f:97:bd:53:66:86:39:
ee:a4:d1:20:ad:28:58:ba:8a:da:5f:cc:12:51:a4:b3:c6:c5:
0d:b2:bd:28:60:d8:22:c5:b1:1b:75:1e:3e:96:51:28:e9:69:
c2:18:4e:eb:c4:fe:d8:2d:90:41:34:2b:72:62:5c:75:5d:c2:
d4:1f:44:40:71:70:d2:c4:cd:e4:90:cb:f5:9b:b6:dc:dc:5d:
70:b8:eb:99:29:77:12:92:20:ef:48:88:d9:d0:e5:6e:03:86:
5d:a8:27:3f:47:4e:76:af:e0:15:bc:b1:ee:e2:81:f0:f1:b2:
d6:0e:bd:2c:ba:73:cf:7c:d9:cf:9b:24:07:62:7a:00:e3:05:
88:4d:1c:0d:db:a7:4f:e5:8b:00:af:13:30:79:90:80:97:34:
8c:e1:c6:00:2e:c7:d9:3c:29:a1:a2:42:17:66:57:c6:67:86:
e6:28:ad:a6:2f:8c:a6:8c:80:7d:6e:a6:6a:0f:31:c9:25:e1:
ec:21:3a:ac:62:b8:3f:0c:19:ce:eb:cb:02:49:19:a5:2c:ad:
09:cc:d9:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYptNNf4EvXZkN57F4dffO5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MDExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk3YTcyYjQ0OGM2OWY2NGI1OTg1M2JiZmMwNjE5ZWI2ZTBmYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSsF6ngm9cEa0tT06QdijYBjGjn7
DPJgCepQhPYJVKv2Sp/Q5BZi3xem545IzFsWqH8dzVQ3gowL+pMiEZLlxyU7euYL
lcj74xgaEtgF0u1y6N9q68U0Uo+UjQ2XOk+J+We30Na37BvROhR/Q0jZJYJRnsTB
5Ms24Akuoe6AHtG0DrOFVI5VWyE8fVcQOqzNF4imcs7prRmoW8c+fZfNo9yMrdd5
gRdnvKbLkJ5Vzl1lNQUTIRb+1YtwIJCez60aodVltKEcjiP4U25vqzVU/qSdtKDx
bH+tS3c5e5L2ogUtRHJvGF5MV+aRn1s35eJIOeXpb7IcH+j5JkymKDkXIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMaXpytEjGn2S1mFO7/AYZ624Pu4MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveHBlbkswU01hZlpMV1lVN3Y4QmhucmJnLTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADRsl/D6fWEQpi6Qbukk
+Zg6zZ5C5P7YUXa+CRD4pY3am8zWOL5kiNZtV6/K+KJUX5e9U2aGOe6k0SCtKFi6
itpfzBJRpLPGxQ2yvShg2CLFsRt1Hj6WUSjpacIYTuvE/tgtkEE0K3JiXHVdwtQf
REBxcNLEzeSQy/WbttzcXXC465kpdxKSIO9IiNnQ5W4Dhl2oJz9HTnav4BW8se7i
gfDxstYOvSy6c8982c+bJAdiegDjBYhNHA3bp0/liwCvEzB5kICXNIzhxgAux9k8
KaGiQhdmV8ZnhuYoraYvjKaMgH1upmoPMckl4ewhOqxiuD8MGc7rywJJGaUsrQnM
2fE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:41 2025 by rpki-client