Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yjdgSGivGjvhnWZx9CEcXbG3SmQ.roa
File: yjdgSGivGjvhnWZx9CEcXbG3SmQ.roa (raw, json)
Hash identifier: cJEjFvaYRHMNDjQlKaENheaYS13eY1DlRGI7csh0J48=
Subject key identifier: CA:37:60:48:68:AF:1A:3B:E1:9D:66:71:F4:21:1C:5D:B1:B7:4A:64
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A597CC80929405FFAAB73EDFEB9E45183
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yjdgSGivGjvhnWZx9CEcXbG3SmQ.roa
Signing time: Sun 03 Sep 2023 05:21:04 +0000
ROA not before: Sun 03 Sep 2023 05:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:59:7c:c8:09:29:40:5f:fa:ab:73:ed:fe:b9:e4:51:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 05:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca37604868af1a3be19d6671f4211c5db1b74a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:06:05:da:17:1f:08:bd:64:7b:d6:22:c5:
07:1c:e4:3e:35:2b:89:bb:86:df:50:df:2f:55:a8:
7f:b5:27:fa:41:71:e7:e2:5c:c4:cc:95:77:ac:11:
55:b4:d6:0c:4a:29:1d:4c:70:d2:4e:4b:74:22:ec:
2a:17:8f:24:c5:e6:63:cd:2d:1c:41:bf:e2:6f:ac:
f4:38:1d:43:c9:da:b8:aa:7c:8e:7f:28:05:11:cc:
0f:60:77:d4:ea:fc:70:2d:bf:57:67:a0:98:f8:be:
26:0a:25:f8:1a:f1:d3:1e:fb:63:11:15:6d:d9:4a:
d1:74:5f:1d:14:57:26:6e:ec:a9:98:6d:13:b7:60:
24:14:dd:ba:4c:6d:f8:bf:da:96:55:8c:cf:24:9d:
80:40:94:d5:c9:6b:f9:d3:43:fd:3a:fd:98:f5:01:
52:02:56:01:4c:5d:d4:a0:d1:1e:a5:e4:65:60:9c:
9c:d3:9a:dc:f0:f4:f3:ce:06:d3:9f:bf:39:6e:52:
17:26:65:ff:fe:28:28:66:e3:93:87:fd:5a:35:f9:
f1:b5:04:5e:0e:2c:46:35:20:e5:37:43:d5:2a:c9:
48:b1:84:42:97:fb:6c:8f:77:cd:7c:de:21:ea:2c:
ac:62:21:14:67:7a:49:2d:74:ad:b0:ba:09:e5:c0:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:60:48:68:AF:1A:3B:E1:9D:66:71:F4:21:1C:5D:B1:B7:4A:64
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yjdgSGivGjvhnWZx9CEcXbG3SmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:42:71:0a:32:54:a2:d3:73:a9:88:2a:89:34:d9:f4:14:7a:
68:d2:61:ca:df:79:35:14:00:b0:f2:cd:57:ea:e6:44:54:4f:
4d:0e:3a:4f:04:26:13:a8:b8:cc:3e:55:f9:42:f5:8c:04:38:
ac:01:50:83:25:ec:9e:0f:96:2a:29:da:8f:55:f5:3e:33:60:
77:44:02:5e:f9:84:13:0b:2a:01:83:1d:38:6b:6a:9e:65:1c:
8d:48:ec:57:be:c1:50:72:b2:87:99:09:48:46:a0:a0:07:f3:
17:fa:a3:a6:91:8d:fa:1c:13:23:08:ba:9e:ef:0a:75:25:da:
f6:e4:d2:8c:ff:3f:36:dc:ea:ae:8f:72:7e:85:86:22:48:a0:
73:1e:cf:9d:49:e2:56:16:3b:51:f3:e0:a0:1a:44:5a:8c:8b:
65:a7:cb:f7:93:a0:1f:bf:e0:2d:a2:bd:24:be:18:39:00:24:
df:d3:0b:7e:e8:ae:d4:5b:3f:88:92:b2:42:2a:88:49:36:11:
75:39:b9:27:5d:ef:33:9e:b6:83:c9:db:00:74:47:ad:84:f6:
78:35:81:9d:28:e5:2d:c7:2c:23:3e:bb:5c:6c:91:98:89:7a:
35:a1:26:fb:5f:8a:b2:1a:fe:23:17:74:67:31:d5:fd:bf:72:
fb:e6:36:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpZfMgJKUBf+qtz7f655FGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMDUyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM3NjA0ODY4YWYxYTNiZTE5ZDY2NzFmNDIxMWM1ZGIxYjc0YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbwGBdoXHwi9ZHvWIsUHHOQ+NSuJ
u4bfUN8vVah/tSf6QXHn4lzEzJV3rBFVtNYMSikdTHDSTkt0IuwqF48kxeZjzS0c
Qb/ib6z0OB1Dydq4qnyOfygFEcwPYHfU6vxwLb9XZ6CY+L4mCiX4GvHTHvtjERVt
2UrRdF8dFFcmbuypmG0Tt2AkFN26TG34v9qWVYzPJJ2AQJTVyWv500P9Ov2Y9QFS
AlYBTF3UoNEepeRlYJyc05rc8PTzzgbTn785blIXJmX//igoZuOTh/1aNfnxtQRe
DixGNSDlN0PVKslIsYRCl/tsj3fNfN4h6iysYiEUZ3pJLXStsLoJ5cAuuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMo3YEhorxo74Z1mcfQhHF2xt0pkMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveWpkZ1NHaXZHanZobldaeDlDRWNYYkczU21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBCcQoyVKLTc6mIKok0
2fQUemjSYcrfeTUUALDyzVfq5kRUT00OOk8EJhOouMw+VflC9YwEOKwBUIMl7J4P
liop2o9V9T4zYHdEAl75hBMLKgGDHThrap5lHI1I7Fe+wVBysoeZCUhGoKAH8xf6
o6aRjfocEyMIup7vCnUl2vbk0oz/Pzbc6q6Pcn6FhiJIoHMez51J4lYWO1Hz4KAa
RFqMi2Wny/eToB+/4C2ivSS+GDkAJN/TC37ortRbP4iSskIqiEk2EXU5uSdd7zOe
toPJ2wB0R62E9ng1gZ0o5S3HLCM+u1xskZiJejWhJvtfirIa/iMXdGcx1f2/cvvm
NqY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:54 2025 by rpki-client