Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4oAwp1Dk3nKVyTTPZG5yW055-Cw.roa
File: 4oAwp1Dk3nKVyTTPZG5yW055-Cw.roa (raw, json)
Hash identifier: cME4N6tmvCkFsePb6O3fIdpKgNb+rCSFTukr0jc1nNA=
Subject key identifier: E2:80:30:A7:50:E4:DE:72:95:C9:34:CF:64:6E:72:5B:4E:79:F8:2C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A56DAF458890FD30FA7703BF9874B86F5
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4oAwp1Dk3nKVyTTPZG5yW055-Cw.roa
Signing time: Sat 02 Sep 2023 17:05:04 +0000
ROA not before: Sat 02 Sep 2023 17:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:56da:867d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:da:f4:58:89:0f:d3:0f:a7:70:3b:f9:87:4b:86:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 17:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e28030a750e4de7295c934cf646e725b4e79f82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:27:10:b2:d1:9c:0f:a2:d4:44:30:2b:72:7b:
98:69:61:fe:d0:6d:38:81:38:96:6e:2e:0e:a8:5d:
eb:3d:d9:7d:20:94:e2:90:51:2a:64:ac:0a:1c:8e:
a6:47:c3:a3:0d:ca:0d:37:13:75:49:9a:e9:58:f0:
15:e9:12:c0:59:3a:46:1d:a1:2d:ce:9c:d4:d2:ff:
f1:d7:57:a6:ec:4c:c3:28:e2:f9:d1:66:89:eb:bd:
47:07:70:31:31:8a:8f:9a:c7:0c:6a:85:9f:5f:a8:
db:5e:fc:a5:9f:bd:fe:47:49:84:69:34:71:d6:bb:
71:42:7f:f6:4d:33:32:39:05:8c:78:57:57:07:3d:
76:a3:e1:50:41:8e:65:ba:fb:41:7a:0e:70:53:89:
a6:dc:f7:08:85:4f:9e:04:af:eb:e0:0a:01:56:1e:
0d:06:82:78:c2:b5:db:f0:a7:fd:7a:07:5b:ff:3f:
53:a4:ff:9e:73:41:a0:0f:b7:ee:df:b3:69:67:7c:
ee:52:36:8d:55:d2:9b:d6:9c:de:8d:a2:7b:8e:ca:
51:c7:1c:4d:19:99:01:1b:88:20:25:64:88:45:e0:
58:f4:27:cf:57:25:37:76:03:70:eb:2c:88:30:c4:
9d:53:ae:d7:a9:0f:8a:dd:83:10:56:ea:d6:57:57:
62:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:80:30:A7:50:E4:DE:72:95:C9:34:CF:64:6E:72:5B:4E:79:F8:2C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/4oAwp1Dk3nKVyTTPZG5yW055-Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:82:8e:49:7e:5f:7d:fa:b6:81:9b:2a:7d:9f:9c:f5:04:5d:
74:eb:c6:49:dd:ff:78:6f:4e:a7:f4:67:ac:f7:af:01:69:41:
7b:0a:ef:9f:06:75:f0:a7:b7:e5:aa:ec:28:bf:e5:f4:db:f3:
fe:8f:66:8c:33:f4:a2:a6:64:d2:1a:5c:61:f1:a1:8e:b6:09:
86:0f:0e:a1:a4:af:f7:a6:b3:16:47:38:06:39:25:a2:dd:88:
5b:91:52:88:ef:74:70:35:6d:0c:6d:35:eb:bf:44:ca:6e:eb:
f8:92:0d:12:db:ea:74:da:f1:50:95:f3:c3:b0:75:4e:4c:a3:
ac:3e:2c:3d:75:ef:e7:02:80:44:3d:00:0c:c4:5b:d8:cd:e8:
69:83:b0:38:a3:5e:f7:67:4a:54:91:8c:b7:d1:c7:dd:d2:96:
85:1c:36:0f:66:df:9c:df:03:2f:1c:80:8f:5e:0c:0c:32:1e:
18:2b:c7:27:c5:06:82:b0:73:4f:ed:01:ce:19:32:29:f9:9d:
2f:ed:23:8a:1e:a5:b1:00:af:36:bc:40:66:ba:a3:09:a9:c8:
cc:35:ad:c0:7f:56:cc:21:21:13:b0:84:73:73:b3:b2:87:93:
98:f6:70:f2:2e:a8:38:f6:bc:8b:d6:7a:1f:f4:d4:09:f9:74:
82:d0:51:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpW2vRYiQ/TD6dwO/mHS4b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTcwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjgwMzBhNzUwZTRkZTcyOTVjOTM0Y2Y2NDZlNzI1YjRlNzlmODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxycQstGcD6LURDArcnuYaWH+0G04
gTiWbi4OqF3rPdl9IJTikFEqZKwKHI6mR8OjDcoNNxN1SZrpWPAV6RLAWTpGHaEt
zpzU0v/x11em7EzDKOL50WaJ671HB3AxMYqPmscMaoWfX6jbXvyln73+R0mEaTRx
1rtxQn/2TTMyOQWMeFdXBz12o+FQQY5luvtBeg5wU4mm3PcIhU+eBK/r4AoBVh4N
BoJ4wrXb8Kf9egdb/z9TpP+ec0GgD7fu37NpZ3zuUjaNVdKb1pzejaJ7jspRxxxN
GZkBG4ggJWSIReBY9CfPVyU3dgNw6yyIMMSdU67XqQ+K3YMQVurWV1di3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOKAMKdQ5N5ylck0z2RucltOefgsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNG9Bd3AxRGszbktWeVRUUFpHNXlXMDU1LUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJmCjkl+X336toGbKn2f
nPUEXXTrxknd/3hvTqf0Z6z3rwFpQXsK758GdfCnt+Wq7Ci/5fTb8/6PZowz9KKm
ZNIaXGHxoY62CYYPDqGkr/emsxZHOAY5JaLdiFuRUojvdHA1bQxtNeu/RMpu6/iS
DRLb6nTa8VCV88OwdU5Mo6w+LD117+cCgEQ9AAzEW9jN6GmDsDijXvdnSlSRjLfR
x93SloUcNg9m35zfAy8cgI9eDAwyHhgrxyfFBoKwc0/tAc4ZMin5nS/tI4oepbEA
rza8QGa6owmpyMw1rcB/VswhIROwhHNzs7KHk5j2cPIuqDj2vIvWeh/01An5dILQ
USU=
-----END CERTIFICATE-----
Generated at Tue Jun 17 13:59:04 2025 by rpki-client