Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Cvi5Ske4fQBVZ6OzyXVwRaTwo3g.roa
File: Cvi5Ske4fQBVZ6OzyXVwRaTwo3g.roa (raw, json)
Hash identifier: Y4gIC4RT+4X4jJ1qHivXi/4Qg6/WXHYXgpHFlxSeVyg=
Subject key identifier: 0A:F8:B9:4A:47:B8:7D:00:55:67:A3:B3:C9:75:70:45:A4:F0:A3:78
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6C19F23EA4F6DE6A96F9E4A88525059E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Cvi5Ske4fQBVZ6OzyXVwRaTwo3g.roa
Signing time: Wed 06 Sep 2023 20:05:54 +0000
ROA not before: Wed 06 Sep 2023 20:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:6c18:82e5/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:19:f2:3e:a4:f6:de:6a:96:f9:e4:a8:85:25:05:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 20:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0af8b94a47b87d005567a3b3c9757045a4f0a378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:87:d7:47:cf:86:4f:b7:b5:0b:2e:56:72:da:
e9:e8:e0:35:51:3b:0d:05:6f:2d:fc:ff:41:2f:2b:
51:23:cd:35:81:d4:cd:ba:8a:14:2a:ac:bb:78:85:
21:94:93:b0:84:2e:f2:f4:71:5d:4e:27:c3:57:e9:
81:ca:51:ad:00:e6:36:79:0b:2a:58:42:3c:f2:0b:
3b:bd:64:35:75:ae:11:f5:17:2a:d1:14:4d:74:e2:
cd:80:cd:15:29:5f:8c:79:40:e5:09:1a:ca:bc:b5:
10:db:1f:f6:00:76:b0:60:b7:1a:c0:fa:75:75:9a:
a4:e5:67:18:0f:f7:15:c6:86:f4:82:41:35:45:5d:
16:13:6a:52:43:7d:07:36:92:d6:a8:e4:d8:bf:c7:
87:2d:9c:5b:b5:58:63:48:59:22:fd:8d:56:7a:02:
6c:96:19:10:c2:db:e5:27:03:2b:9a:a8:92:ff:94:
e7:7f:8e:6c:10:3d:f4:6a:57:35:45:3a:82:89:bf:
57:38:89:02:bf:e0:d2:f2:8e:99:dc:77:fe:91:17:
f1:94:d4:bc:53:66:18:e3:8e:a0:45:4e:ff:59:63:
51:09:29:aa:5d:b6:6f:c0:90:ba:35:64:c4:b7:d5:
ee:7d:92:ef:69:63:e0:77:7a:20:ae:b8:d5:4c:71:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F8:B9:4A:47:B8:7D:00:55:67:A3:B3:C9:75:70:45:A4:F0:A3:78
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Cvi5Ske4fQBVZ6OzyXVwRaTwo3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:a4:c7:22:45:75:cf:eb:a0:7b:76:8a:6e:96:ba:2a:2f:1d:
a6:ab:1d:c4:dc:9e:13:ee:75:7c:e2:21:85:37:06:43:ec:d2:
75:ec:03:f8:df:cb:bf:4c:24:ac:95:2b:a9:23:59:fb:b3:7e:
c8:9e:82:d4:ea:48:f2:fb:7c:df:33:a7:6e:36:a5:7f:d6:d6:
89:c3:15:fa:5e:e1:57:aa:4d:d1:b6:88:11:9d:89:e9:58:7a:
7a:3f:46:36:3a:28:a5:dc:eb:90:f8:5f:3b:bb:30:eb:a3:c7:
2c:fa:3f:cd:90:1f:dd:ad:61:32:00:ba:b4:a1:bd:a4:fb:11:
1e:39:b7:96:5a:25:59:e9:5f:56:67:cc:85:c9:53:b5:36:24:
98:5e:20:34:1c:91:e5:55:d8:9e:9b:3e:b9:59:d0:f0:1a:bb:
79:d7:d7:2e:81:dd:56:22:48:6e:02:6a:62:62:e1:8c:e2:4f:
b9:75:1f:b6:d7:1d:81:c7:ef:02:84:c9:99:c1:21:94:64:55:
e7:60:d0:7d:e5:83:3d:74:ee:81:67:81:27:8e:14:f8:46:27:
03:2e:81:d9:08:15:98:7c:1c:a8:ba:50:4b:43:56:16:86:2f:
7b:0e:e8:22:6e:74:05:bf:13:20:14:d3:10:7c:e9:aa:21:ad:
c8:d4:6a:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpsGfI+pPbeapb55KiFJQWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MjAwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY4Yjk0YTQ3Yjg3ZDAwNTU2N2EzYjNjOTc1NzA0NWE0ZjBhMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIfXR8+GT7e1Cy5Wctrp6OA1UTsN
BW8t/P9BLytRI801gdTNuooUKqy7eIUhlJOwhC7y9HFdTifDV+mBylGtAOY2eQsq
WEI88gs7vWQ1da4R9Rcq0RRNdOLNgM0VKV+MeUDlCRrKvLUQ2x/2AHawYLcawPp1
dZqk5WcYD/cVxob0gkE1RV0WE2pSQ30HNpLWqOTYv8eHLZxbtVhjSFki/Y1WegJs
lhkQwtvlJwMrmqiS/5Tnf45sED30alc1RTqCib9XOIkCv+DS8o6Z3Hf+kRfxlNS8
U2YY446gRU7/WWNRCSmqXbZvwJC6NWTEt9XufZLvaWPgd3ogrrjVTHFSVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAr4uUpHuH0AVWejs8l1cEWk8KN4MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ3ZpNVNrZTRmUUJWWjZPenlYVndSYVR3bzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEakxyJFdc/roHt2im6W
uiovHaarHcTcnhPudXziIYU3BkPs0nXsA/jfy79MJKyVK6kjWfuzfsiegtTqSPL7
fN8zp242pX/W1onDFfpe4VeqTdG2iBGdielYeno/RjY6KKXc65D4Xzu7MOujxyz6
P82QH92tYTIAurShvaT7ER45t5ZaJVnpX1ZnzIXJU7U2JJheIDQckeVV2J6bPrlZ
0PAau3nX1y6B3VYiSG4CamJi4YziT7l1H7bXHYHH7wKEyZnBIZRkVedg0H3lgz10
7oFngSeOFPhGJwMugdkIFZh8HKi6UEtDVhaGL3sO6CJudAW/EyAU0xB86aohrcjU
alE=
-----END CERTIFICATE-----
Generated at Mon May 12 02:17:17 2025 by rpki-client