Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/L5GxJm2_NYzf8OuhMqP937hctbQ.roa
File: L5GxJm2_NYzf8OuhMqP937hctbQ.roa (raw, json)
Hash identifier: PDyMEcCde06Y3JEJvqyGCOpyT4oE1AG8XdL17TMe6WU=
Subject key identifier: 2F:91:B1:26:6D:BF:35:8C:DF:F0:EB:A1:32:A3:FD:DF:B8:5C:B5:B4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8E002AA9DEA7F9C67A672B45D25C8203
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/L5GxJm2_NYzf8OuhMqP937hctbQ.roa
Signing time: Wed 13 Sep 2023 10:04:50 +0000
ROA not before: Wed 13 Sep 2023 10:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:8dff:af4a/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:00:2a:a9:de:a7:f9:c6:7a:67:2b:45:d2:5c:82:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 10:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f91b1266dbf358cdff0eba132a3fddfb85cb5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:50:38:07:1c:75:78:31:36:05:63:5b:b4:86:
2c:29:4d:47:f8:27:ef:63:a9:16:42:b9:17:1d:3d:
fe:02:ab:45:72:61:69:d5:86:a0:81:70:22:23:9c:
3c:a6:d0:3f:1e:0f:7d:d4:b9:0f:17:83:99:a0:2d:
6b:84:e6:3c:75:c4:78:f7:c9:c2:4e:c2:68:73:db:
d6:b8:c6:9d:55:97:59:1a:0a:f2:2e:79:2e:bb:a3:
6c:8c:70:71:05:73:a7:1a:7f:73:0b:5f:f1:d9:99:
70:c3:06:08:53:aa:1a:a5:32:e7:5d:27:b3:d7:d2:
dc:66:16:67:b8:cd:d9:be:1e:1f:a1:ec:cb:fa:60:
4e:02:d4:53:29:e7:05:72:c4:2a:5e:44:e4:95:ef:
2b:50:19:2b:a5:61:83:33:c4:83:67:34:7f:36:fe:
4c:d5:74:60:2f:00:b3:9f:a0:14:a0:7d:7d:07:09:
fb:b1:22:09:18:97:1f:87:28:ed:e0:97:fc:9c:92:
97:cc:ad:fc:41:e6:54:40:81:7a:eb:4d:8e:76:18:
96:1c:cc:59:8b:5f:d7:83:91:9e:e5:54:65:c4:cf:
f9:9b:3e:a3:04:b9:3b:b2:05:25:a0:9d:b1:ed:44:
5d:c5:ef:bd:6c:39:1f:4e:48:d4:fc:bd:d7:10:5c:
ac:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:91:B1:26:6D:BF:35:8C:DF:F0:EB:A1:32:A3:FD:DF:B8:5C:B5:B4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/L5GxJm2_NYzf8OuhMqP937hctbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:fc:56:b8:7c:5e:42:d2:f3:3a:b9:4e:0f:1e:34:3c:bb:3b:
6f:f0:5a:97:bd:cf:b2:da:58:93:f0:71:8d:dd:eb:f0:09:1f:
94:66:b5:8a:08:fd:94:07:7e:ae:30:8a:96:76:ad:3a:20:39:
f4:30:7e:e2:2e:19:d4:c0:1a:f6:3a:db:fd:06:b6:9b:c1:02:
86:be:d9:ef:f9:f5:f6:fa:90:46:a4:f9:d2:38:d0:90:29:ad:
aa:45:f0:88:9a:35:5f:b0:3d:76:61:11:22:ce:a7:b0:4e:50:
de:f8:33:bc:8a:3a:e1:3c:f9:fa:7a:df:53:58:61:fd:02:11:
51:f5:9f:ba:59:d0:fa:fd:03:6e:57:a6:66:94:54:3f:2c:61:
96:b6:85:49:d7:a8:f1:ab:48:a9:fe:ea:1f:6d:33:8e:31:e7:
04:c3:2d:30:2d:83:f4:cd:fd:98:f1:18:b2:70:20:28:7d:44:
ae:6a:50:0b:dc:4c:9d:c9:2e:3f:f0:cb:d3:aa:1c:ba:90:94:
fb:05:87:cb:01:6b:bf:4a:71:d1:f8:3e:25:03:d9:d0:f0:48:
e5:83:63:7d:02:ea:66:11:2e:69:b0:4e:aa:7c:4a:9f:41:69:
85:0c:15:34:1e:55:4c:7f:90:a5:9b:b7:8c:09:1d:0c:d6:4c:
92:86:af:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqOACqp3qf5xnpnK0XSXIIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMTAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjkxYjEyNjZkYmYzNThjZGZmMGViYTEzMmEzZmRkZmI4NWNiNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVA4Bxx1eDE2BWNbtIYsKU1H+Cfv
Y6kWQrkXHT3+AqtFcmFp1YaggXAiI5w8ptA/Hg991LkPF4OZoC1rhOY8dcR498nC
TsJoc9vWuMadVZdZGgryLnkuu6NsjHBxBXOnGn9zC1/x2ZlwwwYIU6oapTLnXSez
19LcZhZnuM3Zvh4foezL+mBOAtRTKecFcsQqXkTkle8rUBkrpWGDM8SDZzR/Nv5M
1XRgLwCzn6AUoH19Bwn7sSIJGJcfhyjt4Jf8nJKXzK38QeZUQIF6602OdhiWHMxZ
i1/Xg5Ge5VRlxM/5mz6jBLk7sgUloJ2x7URdxe+9bDkfTkjU/L3XEFys+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC+RsSZtvzWM3/DroTKj/d+4XLW0MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTDVHeEptMl9OWXpmOE91aE1xUDkzN2hjdGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKb8Vrh8XkLS8zq5Tg8e
NDy7O2/wWpe9z7LaWJPwcY3d6/AJH5RmtYoI/ZQHfq4wipZ2rTogOfQwfuIuGdTA
GvY62/0GtpvBAoa+2e/59fb6kEak+dI40JAprapF8IiaNV+wPXZhESLOp7BOUN74
M7yKOuE8+fp631NYYf0CEVH1n7pZ0Pr9A25XpmaUVD8sYZa2hUnXqPGrSKn+6h9t
M44x5wTDLTAtg/TN/ZjxGLJwICh9RK5qUAvcTJ3JLj/wy9OqHLqQlPsFh8sBa79K
cdH4PiUD2dDwSOWDY30C6mYRLmmwTqp8Sp9BaYUMFTQeVUx/kKWbt4wJHQzWTJKG
r8A=
-----END CERTIFICATE-----
Generated at Sun May 11 18:08:34 2025 by rpki-client