Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5pgzYumZkCS65VIKaTNhywoW2os.roa
File: 5pgzYumZkCS65VIKaTNhywoW2os.roa (raw, json)
Hash identifier: qapXcDMoQZGQ7a2hdO4VgHhKT6MQhUcCbxCvAn0qP6o=
Subject key identifier: E6:98:33:62:E9:99:90:24:BA:E5:52:0A:69:33:61:CB:0A:16:DA:8B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7741724DECA284C411BBA7503B062BBB
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5pgzYumZkCS65VIKaTNhywoW2os.roa
Signing time: Sat 09 Sep 2023 00:04:52 +0000
ROA not before: Sat 09 Sep 2023 00:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7741:572/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:77:41:72:4d:ec:a2:84:c4:11:bb:a7:50:3b:06:2b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 00:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6983362e9999024bae5520a693361cb0a16da8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5b:93:6d:fd:c4:38:bb:7a:80:29:84:ca:c1:
0d:e7:51:ce:5e:0c:ea:ee:ee:b4:94:a4:7f:56:a8:
4d:b7:88:e7:fb:88:51:df:6b:09:10:da:d6:a8:94:
35:d9:27:eb:b4:4b:78:dc:4e:ae:9f:59:c6:74:6b:
07:f6:41:7f:58:c7:8a:07:ee:24:22:90:f9:ad:85:
1a:8f:1f:32:b4:34:57:4a:c7:2e:8e:4d:6b:bd:f0:
28:a9:70:52:d2:fb:77:f0:a7:da:27:a8:bc:7a:ad:
89:23:86:ae:5b:80:39:3c:89:3f:4d:aa:51:05:2a:
72:40:70:2f:ab:62:8a:29:eb:7d:e6:ed:46:bd:4a:
f5:ed:1a:b9:93:df:c3:c6:f1:d8:05:0d:1d:60:5a:
48:ae:3c:d0:6e:24:60:67:73:36:90:c9:80:f3:cb:
d4:95:e0:b7:fe:fa:81:7f:69:22:a5:c9:54:da:ef:
3b:01:81:85:86:93:3e:a1:94:b0:e4:b0:76:72:8c:
a5:7e:94:b4:07:56:25:5b:48:1d:69:19:7a:1e:9a:
b7:9d:e8:1a:e6:c1:4a:79:0e:49:84:38:6e:21:ca:
6b:6c:31:f2:36:52:b4:36:e3:32:25:da:7e:3c:aa:
06:ee:f9:3b:93:50:c8:52:a7:cb:2e:a7:22:d3:ea:
43:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:98:33:62:E9:99:90:24:BA:E5:52:0A:69:33:61:CB:0A:16:DA:8B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5pgzYumZkCS65VIKaTNhywoW2os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:c8:44:b4:88:cf:da:0c:14:bf:00:5a:88:e3:b6:be:5d:95:
82:9c:49:1d:c7:69:22:2a:fd:8c:ba:e1:8d:1c:e1:00:2c:5e:
84:f8:15:e4:a7:f6:f3:a2:93:c5:fa:97:6c:76:97:13:3b:fd:
47:13:4c:7a:ca:cd:04:35:f1:78:bb:cc:8f:cf:d1:ee:44:30:
15:84:39:6a:a0:c0:89:31:54:7a:b5:cf:2d:56:fc:88:a6:a1:
82:2c:44:f3:7b:65:4e:af:36:cd:ed:58:68:66:6f:c4:5a:5e:
15:26:8e:29:4f:dd:b8:68:e5:9e:f5:df:9b:d7:14:b0:75:81:
db:1d:93:a0:27:0d:40:29:26:a9:b7:57:06:22:4b:f2:47:62:
b9:bc:89:d6:2a:63:d7:5f:f7:b4:68:8c:ce:a3:d4:d3:2a:b3:
ec:bc:49:6d:d8:a8:1c:58:22:4f:5e:5a:45:fb:3f:41:4a:8b:
20:85:56:4b:98:79:52:17:6a:83:fa:81:2b:84:17:f2:f8:dd:
ea:f9:49:76:f5:c6:e7:c5:4d:1b:cc:90:1b:a2:c3:c3:7b:e1:
68:0b:d4:65:08:28:ea:5d:ea:c4:b9:56:78:57:52:6f:c5:3b:
79:17:53:be:01:a4:d1:1c:fb:53:97:99:84:cb:cf:83:c7:2f:
40:ce:05:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp3QXJN7KKExBG7p1A7Biu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MDAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk4MzM2MmU5OTk5MDI0YmFlNTUyMGE2OTMzNjFjYjBhMTZkYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1uTbf3EOLt6gCmEysEN51HOXgzq
7u60lKR/VqhNt4jn+4hR32sJENrWqJQ12SfrtEt43E6un1nGdGsH9kF/WMeKB+4k
IpD5rYUajx8ytDRXSscujk1rvfAoqXBS0vt38KfaJ6i8eq2JI4auW4A5PIk/TapR
BSpyQHAvq2KKKet95u1GvUr17Rq5k9/DxvHYBQ0dYFpIrjzQbiRgZ3M2kMmA88vU
leC3/vqBf2kipclU2u87AYGFhpM+oZSw5LB2coylfpS0B1YlW0gdaRl6Hpq3nega
5sFKeQ5JhDhuIcprbDHyNlK0NuMyJdp+PKoG7vk7k1DIUqfLLqci0+pDawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOaYM2LpmZAkuuVSCmkzYcsKFtqLMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNXBnell1bVprQ1M2NVZJS2FUTmh5d29XMm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvIRLSIz9oMFL8AWojj
tr5dlYKcSR3HaSIq/Yy64Y0c4QAsXoT4FeSn9vOik8X6l2x2lxM7/UcTTHrKzQQ1
8Xi7zI/P0e5EMBWEOWqgwIkxVHq1zy1W/IimoYIsRPN7ZU6vNs3tWGhmb8RaXhUm
jilP3bho5Z7135vXFLB1gdsdk6AnDUApJqm3VwYiS/JHYrm8idYqY9df97RojM6j
1NMqs+y8SW3YqBxYIk9eWkX7P0FKiyCFVkuYeVIXaoP6gSuEF/L43er5SXb1xufF
TRvMkBuiw8N74WgL1GUIKOpd6sS5VnhXUm/FO3kXU74BpNEc+1OXmYTLz4PHL0DO
BV4=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:31:16 2025 by rpki-client