Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8gN_WzDFuh1_6nEZbgpbjPgmP2Y.roa
File: 8gN_WzDFuh1_6nEZbgpbjPgmP2Y.roa (raw, json)
Hash identifier: Hr+C+7+djxjsUx4tYqxrpGcnHxZjNADM4aQ+Ss5G5TE=
Subject key identifier: F2:03:7F:5B:30:C5:BA:1D:7F:EA:71:19:6E:0A:5B:8C:F8:26:3F:66
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A65E73CF438F2B8080B6C0C0C2D9484BF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8gN_WzDFuh1_6nEZbgpbjPgmP2Y.roa
Signing time: Tue 05 Sep 2023 15:12:47 +0000
ROA not before: Tue 05 Sep 2023 15:12:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:e7:3c:f4:38:f2:b8:08:0b:6c:0c:0c:2d:94:84:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 15:12:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2037f5b30c5ba1d7fea71196e0a5b8cf8263f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ab:73:2a:60:50:1e:83:7d:7c:28:cc:0f:90:
7e:a0:64:c0:2d:b1:7a:a4:bb:b3:fc:85:26:31:ac:
a2:82:64:1d:77:0e:dc:99:d0:a3:54:18:86:04:66:
8c:31:ce:e3:88:88:b4:85:53:c0:30:bc:7a:c0:5c:
2b:d9:de:c5:d9:fe:0f:98:08:80:09:0c:e0:4d:70:
a3:ba:75:66:0b:23:31:d4:3d:c2:82:5d:ad:ec:6e:
25:09:91:ab:2e:d6:02:15:67:ff:ce:9c:aa:96:aa:
3c:a5:4b:ca:9d:b5:17:ab:ae:d4:bc:ac:80:fa:94:
bb:a9:db:04:e4:cc:3c:1f:e3:00:ba:e5:6f:ef:f5:
e0:f8:19:cd:ca:5c:fb:aa:16:fd:c0:c0:e2:42:ab:
54:34:14:7f:fc:ca:c5:e4:cb:46:0d:21:fc:46:b2:
ef:18:1e:f7:e4:3a:69:3a:a0:fd:9c:15:b2:4e:6c:
26:28:80:28:cd:75:09:17:f3:1f:4c:a9:aa:34:da:
30:11:b3:e6:f4:b0:df:9f:44:ec:e3:10:f8:f7:41:
7d:dd:f4:29:95:46:af:42:12:7b:e7:d7:d4:a2:12:
7b:fd:9d:9a:f1:d2:0f:bd:c1:f0:5a:02:d6:b9:1d:
6b:82:98:33:d8:77:77:88:f2:d3:44:8e:ff:59:8e:
e6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:7F:5B:30:C5:BA:1D:7F:EA:71:19:6E:0A:5B:8C:F8:26:3F:66
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8gN_WzDFuh1_6nEZbgpbjPgmP2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:f9:2a:9c:4a:4b:29:9c:57:5e:99:1e:f8:a4:19:35:60:7a:
0e:f9:6d:b4:de:8a:95:e5:2e:dd:ce:11:a6:2b:d8:8c:5d:a1:
da:4e:1f:32:7e:93:90:29:85:27:28:90:4a:45:7e:5d:82:87:
39:bd:5c:a4:48:6f:38:ba:29:7b:83:4e:57:c4:54:00:dd:c6:
46:22:27:7d:c0:b8:cb:76:fc:3e:55:07:ab:fb:68:4b:87:e6:
57:25:ba:63:6d:fa:ec:cf:36:d0:54:cc:c8:ff:26:a5:ff:53:
5d:06:27:6d:1c:c7:ba:e3:1c:2f:30:35:4c:bd:db:9a:88:79:
cd:a6:d5:fa:8d:03:47:d1:d8:0a:07:ca:8b:5f:0f:02:c2:ee:
b1:72:71:20:9b:91:f9:51:34:e0:38:67:d1:fa:89:cd:0f:69:
f3:46:b8:eb:da:90:a6:00:4e:f6:f0:8d:e7:02:d1:f5:d4:38:
59:dd:7c:26:e3:9f:54:ad:c2:d9:d0:2a:93:9c:3d:19:80:8d:
4f:57:0f:35:27:e6:03:11:2f:7c:9f:f6:9d:31:b0:ea:5a:43:
1b:10:4b:95:6e:b9:22:de:c2:e1:a3:75:e0:a4:a2:b3:b9:5b:
34:a4:8b:94:60:5c:3c:51:83:d3:90:63:e9:fd:96:e7:e6:c1:
3d:c5:6d:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpl5zz0OPK4CAtsDAwtlIS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTUxMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAzN2Y1YjMwYzViYTFkN2ZlYTcxMTk2ZTBhNWI4Y2Y4MjYzZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6tzKmBQHoN9fCjMD5B+oGTALbF6
pLuz/IUmMayigmQddw7cmdCjVBiGBGaMMc7jiIi0hVPAMLx6wFwr2d7F2f4PmAiA
CQzgTXCjunVmCyMx1D3Cgl2t7G4lCZGrLtYCFWf/zpyqlqo8pUvKnbUXq67UvKyA
+pS7qdsE5Mw8H+MAuuVv7/Xg+BnNylz7qhb9wMDiQqtUNBR//MrF5MtGDSH8RrLv
GB735DppOqD9nBWyTmwmKIAozXUJF/MfTKmqNNowEbPm9LDfn0Ts4xD490F93fQp
lUavQhJ759fUohJ7/Z2a8dIPvcHwWgLWuR1rgpgz2Hd3iPLTRI7/WY7mwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPIDf1swxbodf+pxGW4KW4z4Jj9mMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvOGdOX1d6REZ1aDFfNm5FWmJncGJqUGdtUDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFn5KpxKSymcV16ZHvik
GTVgeg75bbTeipXlLt3OEaYr2IxdodpOHzJ+k5AphScokEpFfl2Chzm9XKRIbzi6
KXuDTlfEVADdxkYiJ33AuMt2/D5VB6v7aEuH5lclumNt+uzPNtBUzMj/JqX/U10G
J20cx7rjHC8wNUy925qIec2m1fqNA0fR2AoHyotfDwLC7rFycSCbkflRNOA4Z9H6
ic0PafNGuOvakKYATvbwjecC0fXUOFndfCbjn1StwtnQKpOcPRmAjU9XDzUn5gMR
L3yf9p0xsOpaQxsQS5VuuSLewuGjdeCkorO5WzSki5RgXDxRg9OQY+n9lufmwT3F
bTg=
-----END CERTIFICATE-----
Generated at Sun May 11 18:09:48 2025 by rpki-client