Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zatGAhoF1JC0W8aVDDTacQuxzBA.roa
File: zatGAhoF1JC0W8aVDDTacQuxzBA.roa (raw, json)
Hash identifier: YmJsrLvu32zLLr2a/FI8BdHOWNpbXxDrFYy1QquO8Y8=
Subject key identifier: CD:AB:46:02:1A:05:D4:90:B4:5B:C6:95:0C:34:DA:71:0B:B1:CC:10
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4699E1F1BD9C473F228A1E71DED0EC1A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zatGAhoF1JC0W8aVDDTacQuxzBA.roa
Signing time: Wed 30 Aug 2023 13:20:04 +0000
ROA not before: Wed 30 Aug 2023 13:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:99:e1:f1:bd:9c:47:3f:22:8a:1e:71:de:d0:ec:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 13:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdab46021a05d490b45bc6950c34da710bb1cc10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5c:ec:53:a1:25:01:dd:be:59:de:f4:3f:77:
53:7a:59:10:5e:dd:d6:e3:8b:ef:02:f5:90:90:06:
50:7e:57:d0:bd:ab:1e:a4:25:a2:e0:b5:01:3f:37:
3d:17:01:0d:4e:1d:85:65:fc:9f:33:11:52:70:e6:
33:9c:29:d0:61:e5:ef:23:f2:b3:5d:45:42:b1:e1:
4a:1e:fb:d2:3e:a5:6d:ab:b9:7d:a0:1f:8e:94:bc:
fe:3a:83:e3:1e:11:a7:ed:39:aa:18:94:1d:ac:f6:
1a:5d:b5:62:11:58:07:70:16:7b:fb:27:6e:c5:c2:
b1:31:58:d6:39:c6:e1:62:05:5d:4e:4a:42:63:fd:
31:c1:ef:b3:6c:89:63:bd:c5:29:17:61:60:6f:0b:
da:19:f6:7e:8d:80:03:55:5d:d2:a5:f4:61:bf:44:
55:17:c0:27:1e:cc:5f:46:5a:f3:ed:10:50:09:33:
22:b5:47:88:18:37:f6:4f:7f:bf:47:f5:bd:de:e5:
95:79:b6:85:03:6a:07:9b:a0:c8:b3:9b:9b:93:17:
80:48:e3:ae:dd:91:47:91:bb:d2:17:b4:00:39:d3:
a3:da:40:a0:a1:81:f8:15:5f:fd:45:ca:ff:d6:c4:
b5:60:70:0d:23:3f:0a:bd:02:74:ad:04:e0:0c:9f:
12:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AB:46:02:1A:05:D4:90:B4:5B:C6:95:0C:34:DA:71:0B:B1:CC:10
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zatGAhoF1JC0W8aVDDTacQuxzBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:79:64:7a:ca:32:7a:0c:d2:eb:62:63:05:49:4e:a3:44:bc:
f0:62:ed:87:c8:e9:36:8a:a5:df:c0:43:ad:47:93:04:c7:a0:
6b:55:9d:5e:df:d7:0c:b4:df:a6:77:10:c9:91:14:58:2c:d3:
4a:85:32:46:d9:c3:12:8d:a4:c2:62:18:81:dd:e5:80:f3:ef:
13:73:a6:24:90:3f:eb:63:c7:df:6a:79:0e:22:f6:1a:ae:6b:
ee:25:d4:92:b9:94:1b:45:bc:12:37:9c:63:9f:64:8a:7b:41:
52:d5:a0:4a:80:8f:40:ca:98:4c:5c:77:c5:1a:e1:9f:b9:a4:
d1:bc:59:84:4b:7c:5f:ef:e8:49:62:f1:db:ed:c8:b6:29:fd:
7e:81:28:4c:cb:4f:19:42:e1:89:aa:e9:d1:d5:80:c5:8f:db:
13:c4:84:38:dc:fd:18:5d:60:d4:bc:98:7e:e4:9f:be:c2:ff:
b6:1e:df:41:ff:31:bb:bd:4f:36:21:40:55:9e:5f:5a:e5:ab:
31:22:fd:85:49:33:2a:5b:90:61:53:47:1a:e5:8e:6f:29:7c:
b5:9e:a9:7a:aa:e6:74:a4:f1:b3:55:43:af:a3:ec:bb:9a:5c:
8e:f9:5c:69:75:86:c2:2c:0a:9f:74:d2:41:38:d7:dd:fd:b6:
87:ac:e6:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpGmeHxvZxHPyKKHnHe0OwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTMyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFiNDYwMjFhMDVkNDkwYjQ1YmM2OTUwYzM0ZGE3MTBiYjFjYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1zsU6ElAd2+Wd70P3dTelkQXt3W
44vvAvWQkAZQflfQvasepCWi4LUBPzc9FwENTh2FZfyfMxFScOYznCnQYeXvI/Kz
XUVCseFKHvvSPqVtq7l9oB+OlLz+OoPjHhGn7TmqGJQdrPYaXbViEVgHcBZ7+ydu
xcKxMVjWOcbhYgVdTkpCY/0xwe+zbIljvcUpF2FgbwvaGfZ+jYADVV3SpfRhv0RV
F8AnHsxfRlrz7RBQCTMitUeIGDf2T3+/R/W93uWVebaFA2oHm6DIs5ubkxeASOOu
3ZFHkbvSF7QAOdOj2kCgoYH4FV/9Rcr/1sS1YHANIz8KvQJ0rQTgDJ8SXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2rRgIaBdSQtFvGlQw02nELscwQMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvemF0R0Fob0YxSkMwVzhhVkREVGFjUXV4ekJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGN5ZHrKMnoM0utiYwVJ
TqNEvPBi7YfI6TaKpd/AQ61HkwTHoGtVnV7f1wy036Z3EMmRFFgs00qFMkbZwxKN
pMJiGIHd5YDz7xNzpiSQP+tjx99qeQ4i9hqua+4l1JK5lBtFvBI3nGOfZIp7QVLV
oEqAj0DKmExcd8Ua4Z+5pNG8WYRLfF/v6Eli8dvtyLYp/X6BKEzLTxlC4Ymq6dHV
gMWP2xPEhDjc/RhdYNS8mH7kn77C/7Ye30H/Mbu9TzYhQFWeX1rlqzEi/YVJMypb
kGFTRxrljm8pfLWeqXqq5nSk8bNVQ6+j7LuaXI75XGl1hsIsCp900kE41939toes
5hI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:49 2025 by rpki-client