Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ygCToc4_8xxZJVGQu_wo4tQlDMY.roa
File: ygCToc4_8xxZJVGQu_wo4tQlDMY.roa (raw, json)
Hash identifier: 9d/z7RNYJBaoleNjvg+ONdcOjtiUETRd+7MDpMJVD0Y=
Subject key identifier: CA:00:93:A1:CE:3F:F3:1C:59:25:51:90:BB:FC:28:E2:D4:25:0C:C6
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA0E97991EFDE1C3B9B0CE9EAD68D4F4B
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ygCToc4_8xxZJVGQu_wo4tQlDMY.roa
Signing time: Sun 17 Sep 2023 02:12:50 +0000
ROA not before: Sun 17 Sep 2023 02:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a0:e9:79:91:ef:de:1c:3b:9b:0c:e9:ea:d6:8d:4f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 02:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca0093a1ce3ff31c59255190bbfc28e2d4250cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:58:6a:0f:78:f6:69:1f:eb:da:51:ab:5c:
d6:9e:66:66:14:51:91:b2:fc:44:23:54:05:39:8a:
27:54:c0:d5:1c:44:08:d3:44:34:d3:5b:08:c0:76:
8e:30:d5:41:3c:a7:f8:5d:b4:61:d9:92:a7:0c:76:
bd:dc:2d:4e:90:ed:0b:c9:58:bd:f8:8b:5b:b1:03:
11:c6:01:ec:14:40:ee:d7:e3:07:07:93:21:0b:79:
ba:81:ec:69:15:e1:33:ca:9e:24:6e:2c:d6:6d:0a:
cf:61:41:19:f6:ad:68:f8:92:49:20:0e:6b:3e:0d:
61:21:b4:e0:37:58:78:0a:66:83:e7:16:b1:a5:60:
e1:f3:a4:87:36:da:8a:d6:3f:79:03:8a:68:d1:88:
22:fa:90:f1:ed:15:3a:65:67:3e:cc:dd:3f:f5:d8:
cb:e9:a6:8b:d4:d3:d3:ca:8e:7a:d8:9e:2b:9b:87:
dd:8e:9e:48:c5:5e:d9:16:64:76:7f:6a:a4:70:f4:
59:6f:29:bc:ac:cb:56:f7:ec:b5:25:17:f5:b1:4c:
67:b9:9f:3a:95:92:36:9d:0a:96:fe:96:2f:bc:eb:
83:0e:c7:28:c0:db:36:ec:fd:7b:50:55:e2:25:cd:
58:ca:af:10:66:6e:a6:db:f7:04:8d:8f:ed:d3:ce:
aa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:00:93:A1:CE:3F:F3:1C:59:25:51:90:BB:FC:28:E2:D4:25:0C:C6
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ygCToc4_8xxZJVGQu_wo4tQlDMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:af:6d:3d:7f:9d:41:92:ef:d7:c5:60:83:f0:31:c1:75:5b:
30:36:ce:be:92:12:7c:43:ae:c8:47:af:a7:4d:0d:f6:62:d7:
23:d0:47:49:28:84:de:ee:ad:27:06:aa:9b:85:af:ca:30:53:
8b:58:e9:4e:43:1e:28:91:96:41:81:c5:bd:e2:a0:3f:1f:e9:
01:be:0c:c4:a7:b9:39:de:6a:4a:ef:96:ca:8e:11:73:f2:6b:
90:f1:79:d8:4c:61:21:1a:c2:2a:71:7f:5e:cd:4b:5b:e1:e4:
34:39:e6:38:87:ec:11:98:89:da:2a:4c:b2:fc:1a:32:80:d7:
5c:32:2a:8b:1a:33:d6:b7:88:a2:dc:63:09:f7:87:c9:c2:74:
02:fd:df:e8:e1:5f:e9:15:41:6d:87:74:19:6e:38:51:93:c6:
16:5e:db:38:7e:72:67:0e:e6:07:e2:59:bd:b2:2d:b8:d7:40:
a1:52:c7:b3:1c:9a:97:11:c7:57:80:74:2d:72:a4:2e:55:4b:
ca:a2:90:a6:a7:1d:76:eb:61:fe:a7:60:b1:47:3b:bc:f6:2d:
29:6d:72:a5:e3:6c:bf:88:57:0c:64:27:ff:30:f9:a9:ba:a1:
83:0a:8b:d7:5e:98:eb:03:87:b9:50:34:01:2f:0a:8c:de:a0:
3e:1b:46:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqg6XmR794cO5sM6erWjU9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MDIxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTAwOTNhMWNlM2ZmMzFjNTkyNTUxOTBiYmZjMjhlMmQ0MjUwY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+tYag949mkf69pRq1zWnmZmFFGR
svxEI1QFOYonVMDVHEQI00Q001sIwHaOMNVBPKf4XbRh2ZKnDHa93C1OkO0LyVi9
+ItbsQMRxgHsFEDu1+MHB5MhC3m6gexpFeEzyp4kbizWbQrPYUEZ9q1o+JJJIA5r
Pg1hIbTgN1h4CmaD5xaxpWDh86SHNtqK1j95A4po0Ygi+pDx7RU6ZWc+zN0/9djL
6aaL1NPTyo562J4rm4fdjp5IxV7ZFmR2f2qkcPRZbym8rMtW9+y1JRf1sUxnuZ86
lZI2nQqW/pYvvOuDDscowNs27P17UFXiJc1Yyq8QZm6m2/cEjY/t086qUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMoAk6HOP/McWSVRkLv8KOLUJQzGMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveWdDVG9jNF84eHhaSlZHUXVfd280dFFsRE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEqvbT1/nUGS79fFYIPw
McF1WzA2zr6SEnxDrshHr6dNDfZi1yPQR0kohN7urScGqpuFr8owU4tY6U5DHiiR
lkGBxb3ioD8f6QG+DMSnuTneakrvlsqOEXPya5DxedhMYSEawipxf17NS1vh5DQ5
5jiH7BGYidoqTLL8GjKA11wyKosaM9a3iKLcYwn3h8nCdAL93+jhX+kVQW2HdBlu
OFGTxhZe2zh+cmcO5gfiWb2yLbjXQKFSx7McmpcRx1eAdC1ypC5VS8qikKanHXbr
Yf6nYLFHO7z2LSltcqXjbL+IVwxkJ/8w+am6oYMKi9demOsDh7lQNAEvCozeoD4b
Ric=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:57 2025 by rpki-client