Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zHLF05IfX9gg5Am_4QGIfzW1_qU.roa
File: zHLF05IfX9gg5Am_4QGIfzW1_qU.roa (raw, json)
Hash identifier: KBaDgfrkPvO2RJnUHZPY4xsVguxF9cpdLrY0Ueuv9e0=
Subject key identifier: CC:72:C5:D3:92:1F:5F:D8:20:E4:09:BF:E1:01:88:7F:35:B5:FE:A5
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5E317CE6D94D0EC340136B086148B78D
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zHLF05IfX9gg5Am_4QGIfzW1_qU.roa
Signing time: Mon 04 Sep 2023 03:16:56 +0000
ROA not before: Mon 04 Sep 2023 03:16:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5e:31:7c:e6:d9:4d:0e:c3:40:13:6b:08:61:48:b7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 03:16:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc72c5d3921f5fd820e409bfe101887f35b5fea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:84:df:73:47:cb:a9:a6:0f:f7:cf:07:02:fe:
50:b4:55:8b:67:97:37:c2:b0:70:e0:e8:95:29:9c:
1b:f2:24:b9:67:8b:3b:fe:5e:c0:95:46:3c:15:32:
fd:9e:bb:02:15:a8:57:1d:95:7b:68:b4:19:1d:2d:
eb:5e:00:cf:35:d3:e8:93:df:bc:f8:13:a0:69:91:
86:5f:b3:d6:c4:85:52:25:af:22:7f:05:ab:b9:1a:
4a:b9:cf:e5:3e:da:42:74:6f:50:1f:d6:3d:0b:ee:
47:d5:c8:24:df:a6:5a:09:e2:23:e5:8e:31:3b:08:
a2:f0:79:cd:ba:87:1a:f1:12:d8:33:27:48:d2:e5:
3d:ae:32:77:6c:a7:e1:e3:46:c8:55:e3:38:ad:89:
a8:02:70:29:62:c5:d2:88:9a:4d:0d:59:7a:fb:9f:
71:1d:74:44:0a:b5:13:77:ac:f5:5b:b0:b4:28:35:
d2:a5:7f:6a:72:0d:e6:eb:22:33:ea:bf:36:c1:ba:
a6:00:a6:a2:d2:dd:90:a7:43:b8:af:a0:09:a9:a2:
4a:f6:4c:4f:39:c6:c7:e0:13:1e:b9:4b:65:07:e3:
a2:4c:55:e8:53:74:05:0c:80:b3:d8:46:77:63:59:
6f:88:cf:72:e8:d9:d0:17:f2:79:d3:76:bb:4c:68:
1b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:72:C5:D3:92:1F:5F:D8:20:E4:09:BF:E1:01:88:7F:35:B5:FE:A5
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zHLF05IfX9gg5Am_4QGIfzW1_qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:4c:f9:f9:67:77:89:6d:a4:63:96:e8:7e:57:33:22:40:9d:
c4:98:d8:4e:cb:90:e0:cf:04:d9:10:fe:fd:3b:25:7e:ac:33:
03:72:29:5d:61:f5:9c:6e:f1:77:f1:6a:fc:7e:e1:18:7c:6b:
66:c0:b7:02:c8:58:5a:ad:9d:d5:a6:95:aa:7f:9f:80:74:94:
33:74:0d:b1:e0:65:18:28:0a:69:23:f9:e8:bb:61:7a:6e:c8:
01:e4:b4:c6:e1:89:77:db:c9:30:8c:72:61:55:d9:ec:d7:81:
bc:a0:8f:4f:f5:4a:e3:33:e8:25:7e:2a:f5:0e:a3:97:53:c8:
a0:a9:7d:72:00:bc:1c:e0:e9:59:24:a3:4f:53:c6:b5:0c:24:
d5:64:94:86:2f:56:c7:35:a7:21:db:e3:45:c0:8e:ad:74:6e:
54:a6:e0:87:64:0e:59:69:f6:ee:de:19:4a:3b:78:ce:8c:8d:
3e:e1:0a:40:95:1d:67:db:b3:45:79:b6:60:13:a4:df:81:92:
b4:35:87:1f:38:c2:74:77:3e:f5:92:9f:86:11:31:84:ed:d1:
fa:b0:5b:c3:fa:e6:3a:b7:f2:a9:e1:7e:44:5d:09:a6:5a:4a:
c3:d9:ee:e1:f4:d4:2c:4d:27:a5:3c:2e:b3:04:a7:9b:63:c3:
9c:aa:b6:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpeMXzm2U0Ow0ATawhhSLeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MDMxNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzcyYzVkMzkyMWY1ZmQ4MjBlNDA5YmZlMTAxODg3ZjM1YjVmZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoTfc0fLqaYP988HAv5QtFWLZ5c3
wrBw4OiVKZwb8iS5Z4s7/l7AlUY8FTL9nrsCFahXHZV7aLQZHS3rXgDPNdPok9+8
+BOgaZGGX7PWxIVSJa8ifwWruRpKuc/lPtpCdG9QH9Y9C+5H1cgk36ZaCeIj5Y4x
Owii8HnNuoca8RLYMydI0uU9rjJ3bKfh40bIVeM4rYmoAnApYsXSiJpNDVl6+59x
HXRECrUTd6z1W7C0KDXSpX9qcg3m6yIz6r82wbqmAKai0t2Qp0O4r6AJqaJK9kxP
OcbH4BMeuUtlB+OiTFXoU3QFDICz2EZ3Y1lviM9y6NnQF/J503a7TGgbNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxyxdOSH1/YIOQJv+EBiH81tf6lMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvekhMRjA1SWZYOWdnNUFtXzRRR0lmelcxX3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHBM+flnd4ltpGOW6H5X
MyJAncSY2E7LkODPBNkQ/v07JX6sMwNyKV1h9Zxu8Xfxavx+4Rh8a2bAtwLIWFqt
ndWmlap/n4B0lDN0DbHgZRgoCmkj+ei7YXpuyAHktMbhiXfbyTCMcmFV2ezXgbyg
j0/1SuMz6CV+KvUOo5dTyKCpfXIAvBzg6Vkko09TxrUMJNVklIYvVsc1pyHb40XA
jq10blSm4IdkDllp9u7eGUo7eM6MjT7hCkCVHWfbs0V5tmATpN+BkrQ1hx84wnR3
PvWSn4YRMYTt0fqwW8P65jq38qnhfkRdCaZaSsPZ7uH01CxNJ6U8LrMEp5tjw5yq
thg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:48 2025 by rpki-client