Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vfXc0zRIyfba01KeKkjeTsGfwI0.roa
File: vfXc0zRIyfba01KeKkjeTsGfwI0.roa (raw, json)
Hash identifier: 8wtLfkCDPMciep7GvgTvZJrNs1VEA6EpUAu8xQLVuOs=
Subject key identifier: BD:F5:DC:D3:34:48:C9:F6:DA:D3:52:9E:2A:48:DE:4E:C1:9F:C0:8D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA307771D615988250568E9DD6E8505C6
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vfXc0zRIyfba01KeKkjeTsGfwI0.roa
Signing time: Sun 17 Sep 2023 12:04:50 +0000
ROA not before: Sun 17 Sep 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a307:40c7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a3:07:77:1d:61:59:88:25:05:68:e9:dd:6e:85:05:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdf5dcd33448c9f6dad3529e2a48de4ec19fc08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ce:f1:71:9e:e4:bc:58:bd:17:f8:31:d0:82:
5c:4d:ff:c0:54:39:30:16:6a:fe:5d:50:0f:57:bb:
8d:c5:1a:57:90:5f:8a:f7:b1:82:f8:81:a6:c5:8f:
25:1d:24:7b:2a:e6:10:2b:ac:d0:39:f2:e3:69:04:
8e:a7:32:24:d2:76:6d:62:98:fd:46:46:12:8b:06:
b4:75:e8:0b:ed:15:c3:c9:bb:2a:e2:9a:52:0e:c3:
bf:51:9e:02:be:ca:6c:68:bc:3a:93:d1:57:dd:fb:
a1:23:2f:f9:d4:b3:c6:84:c2:88:97:24:e2:3e:0f:
51:28:8f:33:03:bc:8e:86:1c:87:05:b8:65:5e:69:
4d:3f:53:e4:85:4e:ae:43:bd:fc:5f:48:e0:a5:01:
6e:e4:37:c4:c0:e8:87:b8:e9:02:4a:36:64:6a:77:
da:6b:36:1d:cf:78:f9:49:2e:39:52:c2:e5:ff:c4:
54:be:93:a1:f0:2f:db:12:eb:92:c5:7e:20:1f:ed:
37:7f:80:22:59:8d:89:7a:81:35:78:35:60:ef:2f:
c0:f8:60:18:58:d3:26:4b:df:b4:95:88:96:50:fd:
8d:a1:24:8e:de:57:8e:94:67:59:2b:45:75:82:dc:
de:3b:65:70:53:05:fb:84:88:fb:ed:2e:d3:e9:a3:
11:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F5:DC:D3:34:48:C9:F6:DA:D3:52:9E:2A:48:DE:4E:C1:9F:C0:8D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/vfXc0zRIyfba01KeKkjeTsGfwI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:49:ec:cf:c1:bd:6d:1a:f5:8b:9b:8a:12:86:55:84:a7:5f:
ae:98:38:70:fa:da:be:9f:6a:a3:48:b2:5c:bd:3a:0d:07:a1:
ca:94:ab:65:f1:08:ac:66:f8:c8:5f:a5:57:e4:9c:af:97:b9:
b1:ef:3f:9c:2c:d8:3b:79:f5:bd:e0:51:a1:8e:26:1a:8f:bb:
e6:b8:6c:2c:e3:ec:29:9e:f0:ce:a6:9a:b7:f5:34:63:20:be:
a7:ea:05:1f:16:26:40:fd:7f:30:52:5a:d6:1c:11:40:b9:78:
41:15:d8:ae:b8:55:5d:c1:07:00:26:72:66:6e:8f:b3:c6:b1:
33:57:27:a4:f5:db:b7:5b:18:d9:0e:c9:05:0f:f3:09:35:24:
d7:71:c6:20:09:12:6e:90:6d:72:cc:32:95:dd:97:9d:30:4b:
07:75:c2:b6:47:a0:45:6a:ad:f4:fa:a1:29:2d:4e:7f:a5:c1:
ff:0a:21:9b:41:65:fe:7f:42:35:17:e5:79:4c:50:da:b0:28:
2d:af:5b:62:c3:db:95:9c:d9:74:f1:e4:59:4f:3b:4c:2d:34:
12:1f:f6:39:c8:e1:e2:32:84:e7:5c:b4:db:7e:0c:ab:ac:b8:
bf:db:32:5c:c8:32:28:ec:39:7d:30:32:25:67:de:c0:a2:8a:
01:d5:f1:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqjB3cdYVmIJQVo6d1uhQXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGY1ZGNkMzM0NDhjOWY2ZGFkMzUyOWUyYTQ4ZGU0ZWMxOWZjMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc7xcZ7kvFi9F/gx0IJcTf/AVDkw
Fmr+XVAPV7uNxRpXkF+K97GC+IGmxY8lHSR7KuYQK6zQOfLjaQSOpzIk0nZtYpj9
RkYSiwa0degL7RXDybsq4ppSDsO/UZ4CvspsaLw6k9FX3fuhIy/51LPGhMKIlyTi
Pg9RKI8zA7yOhhyHBbhlXmlNP1PkhU6uQ738X0jgpQFu5DfEwOiHuOkCSjZkanfa
azYdz3j5SS45UsLl/8RUvpOh8C/bEuuSxX4gH+03f4AiWY2JeoE1eDVg7y/A+GAY
WNMmS9+0lYiWUP2NoSSO3leOlGdZK0V1gtzeO2VwUwX7hIj77S7T6aMRNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL313NM0SMn22tNSnipI3k7Bn8CNMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdmZYYzB6Ukl5ZmJhMDFLZUtramVUc0dmd0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9J7M/BvW0a9YubihKG
VYSnX66YOHD62r6faqNIsly9Og0HocqUq2XxCKxm+MhfpVfknK+XubHvP5ws2Dt5
9b3gUaGOJhqPu+a4bCzj7Cme8M6mmrf1NGMgvqfqBR8WJkD9fzBSWtYcEUC5eEEV
2K64VV3BBwAmcmZuj7PGsTNXJ6T127dbGNkOyQUP8wk1JNdxxiAJEm6QbXLMMpXd
l50wSwd1wrZHoEVqrfT6oSktTn+lwf8KIZtBZf5/QjUX5XlMUNqwKC2vW2LD25Wc
2XTx5FlPO0wtNBIf9jnI4eIyhOdctNt+DKusuL/bMlzIMijsOX0wMiVn3sCiigHV
8Xo=
-----END CERTIFICATE-----
Generated at Sun May 11 18:11:08 2025 by rpki-client