Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KdbXVVLIZ8pzYIS8voTLJT-Y3pM.roa
File: KdbXVVLIZ8pzYIS8voTLJT-Y3pM.roa (raw, json)
Hash identifier: m4iLVaoPvPVW4ghJxctWxvR/Wtfvsh5Z35LxEZvhLF8=
Subject key identifier: 29:D6:D7:55:52:C8:67:CA:73:60:84:BC:BE:84:CB:25:3F:98:DE:93
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A517DA9A63E428B19834FE39A24CF93A7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KdbXVVLIZ8pzYIS8voTLJT-Y3pM.roa
Signing time: Fri 01 Sep 2023 16:05:04 +0000
ROA not before: Fri 01 Sep 2023 16:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:517d:f0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:7d:a9:a6:3e:42:8b:19:83:4f:e3:9a:24:cf:93:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 16:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29d6d75552c867ca736084bcbe84cb253f98de93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6e:31:48:b9:45:6a:78:2e:67:a4:3d:0c:18:
3e:19:9d:1e:88:ef:73:59:3f:73:db:a0:74:25:9b:
94:ed:c4:0f:fa:cd:6e:bb:f6:88:bb:51:1a:62:bc:
2d:76:d2:cf:0a:7d:20:1c:ef:f1:13:0d:98:3f:28:
7f:81:f5:73:eb:4d:64:df:64:fe:e2:ae:b9:68:c1:
5d:20:14:25:3e:41:e5:df:d5:91:32:9b:74:25:00:
79:36:e9:92:87:9a:79:d4:1f:ba:46:24:f7:46:ee:
eb:77:7d:35:39:35:78:bc:f5:8a:37:ba:a6:31:b4:
3d:c7:dd:72:fc:d1:f3:ea:8d:c2:b2:9f:49:d0:5f:
c3:36:a3:e6:40:ca:4c:a9:5d:bf:e6:bc:12:06:9f:
73:b9:0d:80:44:3e:b2:8c:ba:c6:ab:d6:34:6e:1e:
e8:48:5a:02:d1:80:03:1b:a8:08:4f:88:86:ca:ba:
41:6f:62:d6:51:4b:db:21:8a:be:8d:49:c8:fa:b8:
a9:44:05:c2:75:a9:88:53:25:cf:c7:e1:8e:53:ab:
7b:b9:0c:18:68:48:19:0f:22:54:17:6d:ba:6b:ed:
f0:b9:d3:75:08:a8:6f:99:07:f8:1b:d1:91:96:c0:
38:34:07:35:c1:ad:f7:28:75:09:f9:c0:74:8a:75:
9d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D6:D7:55:52:C8:67:CA:73:60:84:BC:BE:84:CB:25:3F:98:DE:93
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KdbXVVLIZ8pzYIS8voTLJT-Y3pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:a4:c8:e1:7f:36:f1:f7:64:b8:ac:ab:2c:d5:e4:08:bc:3c:
71:2c:12:53:1e:05:32:be:97:03:44:20:e3:1e:7f:84:e8:7d:
4e:9b:0f:e1:5b:41:90:6a:87:70:98:f0:d2:94:55:d3:92:62:
77:ba:2f:41:3b:b9:38:51:b7:88:56:30:c6:4c:19:d8:35:52:
28:d3:07:c1:c3:dd:b7:7a:d8:b2:65:3e:2f:84:54:c0:bd:71:
f3:39:ee:d1:a0:9f:4a:e1:53:e5:a1:ac:84:78:34:f7:64:ff:
cd:30:7f:e8:29:aa:1a:13:c9:98:eb:9e:88:59:05:be:44:54:
4c:21:3b:96:8b:9b:db:0d:d0:ce:48:98:7d:a2:76:0a:ec:7a:
e7:f0:4a:1e:48:7a:79:3c:11:ab:6c:e7:e6:92:be:70:7d:a4:
70:49:23:75:ca:cf:09:b4:6e:8d:b0:c6:d1:65:0d:35:ef:c4:
00:53:d1:a4:6f:ff:1b:57:46:cc:57:3f:1a:27:8a:09:f1:12:
a7:b0:9d:ae:05:8e:3d:cf:c8:00:b3:1f:bc:5a:eb:39:ff:15:
f1:2a:55:33:40:a9:ca:d2:d7:ae:d8:b7:27:0b:8a:e1:0f:ee:
c5:a6:59:87:f2:81:dc:41:81:01:f1:35:0e:ed:ed:4d:e6:52:
17:eb:3e:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpRfammPkKLGYNP45okz5OnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ2ZDc1NTUyYzg2N2NhNzM2MDg0YmNiZTg0Y2IyNTNmOThkZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7m4xSLlFanguZ6Q9DBg+GZ0eiO9z
WT9z26B0JZuU7cQP+s1uu/aIu1EaYrwtdtLPCn0gHO/xEw2YPyh/gfVz601k32T+
4q65aMFdIBQlPkHl39WRMpt0JQB5NumSh5p51B+6RiT3Ru7rd301OTV4vPWKN7qm
MbQ9x91y/NHz6o3Csp9J0F/DNqPmQMpMqV2/5rwSBp9zuQ2ARD6yjLrGq9Y0bh7o
SFoC0YADG6gIT4iGyrpBb2LWUUvbIYq+jUnI+ripRAXCdamIUyXPx+GOU6t7uQwY
aEgZDyJUF226a+3wudN1CKhvmQf4G9GRlsA4NAc1wa33KHUJ+cB0inWdPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCnW11VSyGfKc2CEvL6EyyU/mN6TMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS2RiWFZWTElaOHB6WUlTOHZvVExKVC1ZM3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABykyOF/NvH3ZLisqyzV
5Ai8PHEsElMeBTK+lwNEIOMef4TofU6bD+FbQZBqh3CY8NKUVdOSYne6L0E7uThR
t4hWMMZMGdg1UijTB8HD3bd62LJlPi+EVMC9cfM57tGgn0rhU+WhrIR4NPdk/80w
f+gpqhoTyZjrnohZBb5EVEwhO5aLm9sN0M5ImH2idgrseufwSh5Ienk8Eats5+aS
vnB9pHBJI3XKzwm0bo2wxtFlDTXvxABT0aRv/xtXRsxXPxonignxEqewna4Fjj3P
yACzH7xa6zn/FfEqVTNAqcrS167YtycLiuEP7sWmWYfygdxBgQHxNQ7t7U3mUhfr
Plo=
-----END CERTIFICATE-----
Generated at Sun May 11 21:29:53 2025 by rpki-client