Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/N5i-r64cP2VhtUhcVaJJlxJU-9g.roa
File: N5i-r64cP2VhtUhcVaJJlxJU-9g.roa (raw, json)
Hash identifier: F0Z1yDxbAsIjcREriqIm0mLjlschNR2N+9vbrGQoRGc=
Subject key identifier: 37:98:BE:AF:AE:1C:3F:65:61:B5:48:5C:55:A2:49:97:12:54:FB:D8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AACAF64056552CC09E7A4D4C118F8E1A1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/N5i-r64cP2VhtUhcVaJJlxJU-9g.roa
Signing time: Tue 19 Sep 2023 09:04:50 +0000
ROA not before: Tue 19 Sep 2023 09:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:acaf:1207/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:af:64:05:65:52:cc:09:e7:a4:d4:c1:18:f8:e1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 19 09:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3798beafae1c3f6561b5485c55a249971254fbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:5d:3a:cb:cc:52:76:48:3e:36:ea:9b:00:
5f:a7:da:d8:52:07:cf:d9:2a:95:a4:96:ec:9f:ff:
67:c4:b0:74:5b:3f:26:18:49:08:02:29:79:c8:b5:
89:79:94:46:81:e6:92:cb:de:ab:35:a2:94:e4:4b:
7e:d1:56:3b:80:1d:6d:2c:1b:7f:c9:87:89:18:d9:
86:13:74:ee:8a:7b:dd:74:97:62:3b:68:32:3c:62:
b9:c1:0f:24:7d:4b:e3:2c:25:cf:7f:30:60:9d:a4:
bb:33:98:5c:32:39:ec:e3:07:16:d8:b7:52:03:ca:
b2:25:3c:90:80:bd:a1:a7:a6:7f:ea:94:d0:4f:0d:
2e:61:f5:5c:88:8b:89:74:38:70:4c:70:3b:2c:58:
4a:2b:8a:12:33:aa:4e:c1:7a:69:2c:0f:58:bf:c1:
30:71:c8:7b:f4:ed:26:9f:22:83:f5:3a:a5:c7:9b:
a1:d5:87:2f:7d:8c:24:aa:f2:01:30:0d:f8:8e:2c:
77:b0:5c:62:d5:a8:22:b3:0c:00:c2:8d:a4:53:7c:
d0:27:2e:d6:79:7a:63:72:f8:99:e4:86:40:31:92:
83:01:84:51:84:ca:c9:b5:a6:b3:4b:e3:c9:e4:4c:
d7:ee:13:e6:49:dd:2d:b6:df:21:71:fa:d1:bb:98:
ef:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:98:BE:AF:AE:1C:3F:65:61:B5:48:5C:55:A2:49:97:12:54:FB:D8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/N5i-r64cP2VhtUhcVaJJlxJU-9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:c6:9f:3c:5a:6e:18:ec:95:59:1e:e3:d5:fb:73:ff:0d:1d:
a1:f8:cf:3e:6a:4e:11:45:ef:2a:68:8a:3d:45:ef:c5:61:64:
c0:dc:ea:c6:fe:35:77:26:c7:6c:bd:81:6c:f6:99:21:17:de:
47:f4:02:30:2c:b7:9b:73:18:a8:a8:9c:0b:c6:82:0e:97:33:
25:6e:23:f8:06:64:8a:db:c9:fe:82:e5:76:04:78:59:a9:50:
52:d7:00:18:4e:5c:7c:ef:f6:5f:72:40:0d:b0:77:4b:5e:64:
9a:23:8b:b7:5b:4b:a9:08:4a:26:90:78:9a:a7:49:bc:25:68:
fd:77:b1:be:4b:4a:cb:0a:43:46:61:a5:ff:eb:21:a5:59:cd:
fb:2c:59:9c:f0:83:16:5e:b9:a3:8c:e1:b2:f6:de:25:fe:3e:
c5:05:f1:0f:10:57:eb:8a:c2:82:6d:5c:f5:5d:b2:db:94:13:
93:4c:af:f0:73:2e:1b:1e:3a:e4:7c:cf:8d:e1:69:29:ae:45:
65:e7:2a:59:eb:d6:a9:d6:28:f9:99:33:bf:a0:73:aa:8e:c6:
79:bb:9b:c3:8e:31:48:50:32:7f:ba:cd:04:92:62:f6:73:70:
62:e4:3a:74:6e:a3:f1:7a:35:90:84:29:01:41:7a:6f:65:a8:
ef:57:75:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqsr2QFZVLMCeek1MEY+OGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE5MDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk4YmVhZmFlMWMzZjY1NjFiNTQ4NWM1NWEyNDk5NzEyNTRmYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+ZdOsvMUnZIPjbqmwBfp9rYUgfP
2SqVpJbsn/9nxLB0Wz8mGEkIAil5yLWJeZRGgeaSy96rNaKU5Et+0VY7gB1tLBt/
yYeJGNmGE3TuinvddJdiO2gyPGK5wQ8kfUvjLCXPfzBgnaS7M5hcMjns4wcW2LdS
A8qyJTyQgL2hp6Z/6pTQTw0uYfVciIuJdDhwTHA7LFhKK4oSM6pOwXppLA9Yv8Ew
cch79O0mnyKD9Tqlx5uh1YcvfYwkqvIBMA34jix3sFxi1agiswwAwo2kU3zQJy7W
eXpjcviZ5IZAMZKDAYRRhMrJtaazS+PJ5EzX7hPmSd0ttt8hcfrRu5jvkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDeYvq+uHD9lYbVIXFWiSZcSVPvYMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTjVpLXI2NGNQMlZodFVoY1ZhSkpseEpVLTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFTGnzxabhjslVke49X7
c/8NHaH4zz5qThFF7ypoij1F78VhZMDc6sb+NXcmx2y9gWz2mSEX3kf0AjAst5tz
GKionAvGgg6XMyVuI/gGZIrbyf6C5XYEeFmpUFLXABhOXHzv9l9yQA2wd0teZJoj
i7dbS6kISiaQeJqnSbwlaP13sb5LSssKQ0Zhpf/rIaVZzfssWZzwgxZeuaOM4bL2
3iX+PsUF8Q8QV+uKwoJtXPVdstuUE5NMr/BzLhseOuR8z43haSmuRWXnKlnr1qnW
KPmZM7+gc6qOxnm7m8OOMUhQMn+6zQSSYvZzcGLkOnRuo/F6NZCEKQFBem9lqO9X
dWQ=
-----END CERTIFICATE-----
Generated at Sun May 11 23:23:34 2025 by rpki-client