Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yzZhkW-cFEbO85oeA3joR1hYtXY.roa
File: yzZhkW-cFEbO85oeA3joR1hYtXY.roa (raw, json)
Hash identifier: WmHhlDyUQnttYdbYAwTvGAwHOz4cH90seYhMcDg9wH0=
Subject key identifier: CB:36:61:91:6F:9C:14:46:CE:F3:9A:1E:03:78:E8:47:58:58:B5:76
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A669063F142B292F02C8883BDB7513FB4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yzZhkW-cFEbO85oeA3joR1hYtXY.roa
Signing time: Tue 05 Sep 2023 18:17:33 +0000
ROA not before: Tue 05 Sep 2023 18:17:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:90:63:f1:42:b2:92:f0:2c:88:83:bd:b7:51:3f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 18:17:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb3661916f9c1446cef39a1e0378e8475858b576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6b:0e:58:5d:ca:78:51:0e:9e:a8:16:e4:da:
fa:57:49:82:87:9e:40:e3:42:ac:b7:77:97:a3:c0:
6b:a0:46:3d:ce:96:c6:10:28:31:05:b3:87:3e:b4:
50:98:aa:13:a4:89:aa:8c:47:0b:37:6c:10:05:c6:
46:a2:66:55:07:28:60:f5:25:c1:07:a8:0d:cc:34:
d6:00:c0:11:4a:fb:2a:54:77:63:7b:c9:da:79:6f:
b8:fd:0b:81:86:b5:a5:5b:2e:2a:2f:6f:6a:9f:cb:
da:1a:42:f8:2a:0a:58:ab:ca:ae:aa:3b:38:4c:85:
42:83:05:70:7a:52:d2:c5:58:4d:83:17:4a:fc:46:
fb:d7:0d:ae:92:b2:29:66:92:76:e9:82:c9:0b:3c:
e1:3f:b3:ac:43:27:a8:59:8f:66:6d:09:9a:86:2f:
41:f9:5e:52:d6:65:fc:3c:0b:9e:75:93:ef:dd:be:
5b:d7:08:db:3d:15:1c:fb:21:32:e5:ef:e9:7e:93:
57:5c:38:ca:39:cb:39:c6:3b:23:0b:76:07:21:0c:
7e:ba:c1:48:30:c3:2f:da:85:9d:cc:53:2d:03:aa:
ca:0e:ad:11:a8:06:9e:f0:4e:9e:72:77:a1:a8:26:
cc:64:91:ec:f3:d5:02:44:59:60:39:9f:20:e1:9a:
25:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:36:61:91:6F:9C:14:46:CE:F3:9A:1E:03:78:E8:47:58:58:B5:76
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yzZhkW-cFEbO85oeA3joR1hYtXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:1a:89:1e:e5:16:3c:5e:60:62:58:df:cc:b4:d2:a8:05:96:
c7:0c:c8:e7:16:96:d3:a6:60:f5:68:55:82:61:d3:0b:27:b7:
2c:43:0c:4c:d4:2c:72:26:8a:e6:c8:f2:c0:23:a9:e3:19:42:
c6:f7:dc:61:d3:4e:46:43:22:de:d5:2e:2e:a7:a2:7d:e5:65:
e7:d6:e2:46:47:96:35:31:bd:2d:6c:88:6e:ea:83:20:82:50:
4a:d1:04:f7:1e:c5:87:69:03:54:a8:18:8b:09:97:aa:de:eb:
47:57:8b:c7:81:62:81:ec:a2:8c:8c:eb:39:7a:99:c7:83:30:
f1:0c:41:05:38:b5:95:f4:ba:7e:11:fa:0a:c0:a1:8d:d8:27:
15:6d:30:62:3f:39:ab:e0:a3:ac:62:21:1c:2a:bf:eb:41:4c:
f1:eb:85:62:de:95:52:90:52:d6:1f:17:bd:13:70:b0:63:70:
51:e7:88:4e:16:ec:6f:0a:bb:c1:70:b2:f2:f6:4c:db:71:9b:
dd:15:ea:11:6b:46:5d:28:88:1a:49:43:39:60:7b:fe:db:6b:
2c:d0:dc:22:23:f8:33:9d:ca:3a:d4:91:57:40:dc:66:4f:da:
8f:a3:a7:6e:09:0f:2c:9c:33:40:19:b8:b8:29:88:bb:be:94:
0c:32:bb:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpmkGPxQrKS8CyIg723UT+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTgxNzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM2NjE5MTZmOWMxNDQ2Y2VmMzlhMWUwMzc4ZTg0NzU4NThiNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWsOWF3KeFEOnqgW5Nr6V0mCh55A
40Kst3eXo8BroEY9zpbGECgxBbOHPrRQmKoTpImqjEcLN2wQBcZGomZVByhg9SXB
B6gNzDTWAMARSvsqVHdje8naeW+4/QuBhrWlWy4qL29qn8vaGkL4KgpYq8quqjs4
TIVCgwVwelLSxVhNgxdK/Eb71w2ukrIpZpJ26YLJCzzhP7OsQyeoWY9mbQmahi9B
+V5S1mX8PAuedZPv3b5b1wjbPRUc+yEy5e/pfpNXXDjKOcs5xjsjC3YHIQx+usFI
MMMv2oWdzFMtA6rKDq0RqAae8E6ecnehqCbMZJHs89UCRFlgOZ8g4ZolewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMs2YZFvnBRGzvOaHgN46EdYWLV2MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveXpaaGtXLWNGRWJPODVvZUEzam9SMWhZdFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGoaiR7lFjxeYGJY38y0
0qgFlscMyOcWltOmYPVoVYJh0wsntyxDDEzULHImiubI8sAjqeMZQsb33GHTTkZD
It7VLi6non3lZefW4kZHljUxvS1siG7qgyCCUErRBPcexYdpA1SoGIsJl6re60dX
i8eBYoHsooyM6zl6mceDMPEMQQU4tZX0un4R+grAoY3YJxVtMGI/Oavgo6xiIRwq
v+tBTPHrhWLelVKQUtYfF70TcLBjcFHniE4W7G8Ku8FwsvL2TNtxm90V6hFrRl0o
iBpJQzlge/7bayzQ3CIj+DOdyjrUkVdA3GZP2o+jp24JDyycM0AZuLgpiLu+lAwy
u/4=
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:12 2025 by rpki-client