Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yvyHO9--62Ax1Vxx9o7bxVhgZ44.roa
File: yvyHO9--62Ax1Vxx9o7bxVhgZ44.roa (raw, json)
Hash identifier: 5nEk2H8XaUAY/dBJ12N30J/bQHYquDFxG3lhcNdAtHU=
Subject key identifier: CA:FC:87:3B:DF:BE:EB:60:31:D5:5C:71:F6:8E:DB:C5:58:60:67:8E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8950D30503C7FE608C1AF4198445BCBF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yvyHO9--62Ax1Vxx9o7bxVhgZ44.roa
Signing time: Tue 12 Sep 2023 12:14:50 +0000
ROA not before: Tue 12 Sep 2023 12:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:50:d3:05:03:c7:fe:60:8c:1a:f4:19:84:45:bc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 12:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cafc873bdfbeeb6031d55c71f68edbc55860678e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e8:30:37:0e:21:19:e5:d1:84:f1:41:f2:57:
cb:e8:f1:9a:3d:51:c7:e3:2c:99:b8:56:10:20:7a:
f8:09:b0:8b:7e:6d:02:3c:b2:bb:12:c2:d3:24:a7:
8a:6d:3b:5b:5c:ab:3a:a8:8c:7e:83:27:bd:fd:35:
67:a9:26:83:48:bb:5f:ba:b6:c6:34:64:4b:aa:3c:
d9:c2:f6:1d:ef:b5:60:9e:3d:fa:2f:47:91:40:09:
c8:bc:6f:7b:2b:e8:80:46:fb:f0:2f:40:37:37:a6:
6e:34:4d:04:ef:71:b9:e1:27:fa:02:b1:0f:69:8a:
42:83:fe:45:74:1a:29:06:04:ca:00:6e:dc:9b:b6:
e2:61:54:4e:89:fc:69:4f:72:fc:23:35:74:d2:0b:
be:5e:ae:e5:8a:52:74:28:db:54:63:04:d3:7a:f4:
3d:3f:84:0e:aa:af:c0:42:f8:96:9f:3d:62:94:42:
b2:47:a2:c9:e5:c8:e4:98:8f:5a:ef:77:e7:e7:ed:
a4:9f:23:5f:e1:f1:81:c9:8c:a7:a3:79:52:3e:fc:
b9:49:4e:74:66:ff:96:f1:33:54:9d:e3:d7:be:79:
bc:a7:7b:33:96:71:f7:46:98:34:e8:0b:d2:86:ea:
c2:ec:d9:5c:9e:ce:65:cb:5e:8d:d0:ae:bb:33:75:
18:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FC:87:3B:DF:BE:EB:60:31:D5:5C:71:F6:8E:DB:C5:58:60:67:8E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yvyHO9--62Ax1Vxx9o7bxVhgZ44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:cd:b2:af:46:7d:99:b4:6a:11:3a:fb:c0:ee:28:eb:3e:f2:
ab:03:4b:a6:d6:15:9a:35:f5:fe:86:03:ef:32:ca:fa:99:01:
53:e1:63:7d:e5:5a:63:b6:90:9e:64:b8:ab:8d:53:c7:54:41:
76:6e:a4:b5:af:81:b2:2b:fc:4f:85:06:65:1d:f6:d7:7c:7a:
e2:f1:51:12:49:47:45:6c:6d:f5:07:56:6e:56:dc:17:8b:9f:
35:cd:1f:5c:13:34:c3:58:e6:a9:bc:3c:e3:94:97:29:4a:b6:
ff:07:0f:aa:2b:fa:c6:21:a8:22:e4:2f:c9:db:1d:5a:fa:7f:
09:d0:f1:68:7b:fd:3b:5c:f9:ac:c7:1b:21:f0:6f:03:9f:9e:
b8:05:ae:c3:b8:3a:c6:bb:2b:84:d8:66:0b:09:28:e6:68:cf:
79:b2:24:d2:fc:2e:ac:6d:df:dc:da:d6:09:27:cf:15:3f:18:
59:52:da:dd:6d:12:0b:a5:a1:29:b7:3f:8d:ac:fd:d2:55:4c:
65:78:12:f4:58:7c:32:70:d9:8d:10:a9:33:e7:af:2b:52:24:
f8:fa:6c:54:f0:15:b7:41:13:93:ea:2e:c9:27:7c:d3:5d:45:
0b:dd:b1:71:f8:6d:e8:d5:51:d8:b9:d4:46:38:1c:b8:6e:bc:
e3:92:32:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqJUNMFA8f+YIwa9BmERby/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMTIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZjODczYmRmYmVlYjYwMzFkNTVjNzFmNjhlZGJjNTU4NjA2NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOgwNw4hGeXRhPFB8lfL6PGaPVHH
4yyZuFYQIHr4CbCLfm0CPLK7EsLTJKeKbTtbXKs6qIx+gye9/TVnqSaDSLtfurbG
NGRLqjzZwvYd77Vgnj36L0eRQAnIvG97K+iARvvwL0A3N6ZuNE0E73G54Sf6ArEP
aYpCg/5FdBopBgTKAG7cm7biYVROifxpT3L8IzV00gu+Xq7lilJ0KNtUYwTTevQ9
P4QOqq/AQviWnz1ilEKyR6LJ5cjkmI9a73fn5+2knyNf4fGByYyno3lSPvy5SU50
Zv+W8TNUnePXvnm8p3szlnH3Rpg06AvShurC7Nlcns5ly16N0K67M3UYjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMr8hzvfvutgMdVccfaO28VYYGeOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveXZ5SE85LS02MkF4MVZ4eDlvN2J4VmhnWjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3Nsq9GfZm0ahE6+8Du
KOs+8qsDS6bWFZo19f6GA+8yyvqZAVPhY33lWmO2kJ5kuKuNU8dUQXZupLWvgbIr
/E+FBmUd9td8euLxURJJR0VsbfUHVm5W3BeLnzXNH1wTNMNY5qm8POOUlylKtv8H
D6or+sYhqCLkL8nbHVr6fwnQ8Wh7/Ttc+azHGyHwbwOfnrgFrsO4Osa7K4TYZgsJ
KOZoz3myJNL8Lqxt39za1gknzxU/GFlS2t1tEguloSm3P42s/dJVTGV4EvRYfDJw
2Y0QqTPnrytSJPj6bFTwFbdBE5PqLsknfNNdRQvdsXH4bejVUdi51EY4HLhuvOOS
MoY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:11 2025 by rpki-client