Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8qpvSdHblR5Q0m43dMH0xoPrEBk.roa
File: 8qpvSdHblR5Q0m43dMH0xoPrEBk.roa (raw, json)
Hash identifier: sHwNs1V/4Arh01kevrfM0jcd2qtQfoaF9ovwF9l3WeA=
Subject key identifier: F2:AA:6F:49:D1:DB:95:1E:50:D2:6E:37:74:C1:F4:C6:83:EB:10:19
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5C383F87D5ADDC496C47072E6C5E1E99
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8qpvSdHblR5Q0m43dMH0xoPrEBk.roa
Signing time: Sun 03 Sep 2023 18:05:04 +0000
ROA not before: Sun 03 Sep 2023 18:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:5c37:9014/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5c:38:3f:87:d5:ad:dc:49:6c:47:07:2e:6c:5e:1e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 18:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2aa6f49d1db951e50d26e3774c1f4c683eb1019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5d:1f:e8:99:7a:28:a7:27:db:3a:2f:bb:38:
5f:3e:af:5b:7d:70:71:77:43:bc:12:2d:20:8a:75:
b9:c2:32:cb:ba:64:2c:52:a5:44:c9:ea:08:b5:51:
83:8e:27:00:9d:19:10:ae:51:f0:be:b4:ea:04:f1:
7a:43:98:d7:1b:58:a4:24:27:c8:9a:5d:2f:74:94:
b4:47:07:bf:f9:12:6f:2c:9f:a2:75:56:3d:c9:25:
79:05:65:31:5b:bb:3a:4b:6e:7c:43:08:95:2e:c5:
e4:cc:78:54:a7:40:ca:53:85:37:ce:f1:f1:49:05:
89:7a:60:c8:39:fd:27:b8:6f:63:27:4a:99:79:53:
8f:ed:8f:d2:bc:19:6d:bf:0d:a8:04:64:01:78:b0:
37:5b:59:34:a2:77:80:ed:b9:9d:68:86:85:8d:e9:
72:62:4e:ea:92:4c:b5:05:18:46:18:3a:6e:10:01:
84:a8:04:f3:13:d4:cd:46:d2:94:57:a0:0b:68:6c:
f7:b6:1a:81:be:9a:73:42:72:54:fe:b8:70:e8:1f:
6a:fa:6f:04:a6:68:f1:66:5d:c0:94:7f:9c:a5:b8:
76:33:26:07:c9:e0:9f:bf:6e:7d:b4:48:24:4f:99:
6f:15:29:d0:7d:e6:30:a8:78:5c:c4:51:f9:73:6f:
33:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:6F:49:D1:DB:95:1E:50:D2:6E:37:74:C1:F4:C6:83:EB:10:19
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8qpvSdHblR5Q0m43dMH0xoPrEBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:16:ce:c8:5b:c2:62:5f:33:ef:df:d5:6e:97:2a:03:5b:69:
76:7e:9d:03:0d:d2:95:ec:4a:4d:d0:c8:9d:1d:46:29:9c:77:
42:a1:b3:29:04:e7:71:9d:72:8f:1d:98:54:58:f2:81:60:0f:
79:be:e4:97:0d:fc:2d:1b:22:dd:2d:17:32:67:12:aa:a9:e5:
37:15:fc:3a:f5:25:f1:6b:87:9b:70:44:bb:6c:ae:6e:08:ee:
1e:8c:cc:e9:fd:e0:0a:77:c2:b6:ba:e6:cd:f3:b4:bf:ed:05:
95:18:c7:f5:43:21:ae:4c:c2:a2:d3:f7:17:50:8b:db:24:d5:
42:5b:20:e3:1b:7b:91:0e:d1:0a:7e:86:a0:e3:eb:96:9e:42:
a4:eb:64:f3:da:1d:5b:e6:d2:7a:7c:62:7b:5a:76:5c:4d:8f:
51:1b:3c:78:b7:e9:27:61:9b:52:ae:92:80:d4:95:02:14:5b:
f0:c4:01:f4:ef:97:d2:12:bb:06:58:c7:20:07:a7:87:59:2b:
92:4f:47:05:66:83:c7:6d:d7:7a:17:ee:35:5e:50:b5:9b:35:
5e:1c:7d:ce:dd:8e:ed:e3:7f:f3:f6:02:3d:82:2d:b7:09:e5:
2a:a2:21:aa:c4:8f:27:cb:47:bc:c3:65:14:6c:64:db:73:4c:
74:40:48:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpcOD+H1a3cSWxHBy5sXh6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTgwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhNmY0OWQxZGI5NTFlNTBkMjZlMzc3NGMxZjRjNjgzZWIxMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl0f6Jl6KKcn2zovuzhfPq9bfXBx
d0O8Ei0ginW5wjLLumQsUqVEyeoItVGDjicAnRkQrlHwvrTqBPF6Q5jXG1ikJCfI
ml0vdJS0Rwe/+RJvLJ+idVY9ySV5BWUxW7s6S258QwiVLsXkzHhUp0DKU4U3zvHx
SQWJemDIOf0nuG9jJ0qZeVOP7Y/SvBltvw2oBGQBeLA3W1k0oneA7bmdaIaFjely
Yk7qkky1BRhGGDpuEAGEqATzE9TNRtKUV6ALaGz3thqBvppzQnJU/rhw6B9q+m8E
pmjxZl3AlH+cpbh2MyYHyeCfv259tEgkT5lvFSnQfeYwqHhcxFH5c28zzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPKqb0nR25UeUNJuN3TB9MaD6xAZMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvOHFwdlNkSGJsUjVRMG00M2RNSDB4b1ByRUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEYWzshbwmJfM+/f1W6X
KgNbaXZ+nQMN0pXsSk3QyJ0dRimcd0KhsykE53Gdco8dmFRY8oFgD3m+5JcN/C0b
It0tFzJnEqqp5TcV/Dr1JfFrh5twRLtsrm4I7h6MzOn94Ap3wra65s3ztL/tBZUY
x/VDIa5MwqLT9xdQi9sk1UJbIOMbe5EO0Qp+hqDj65aeQqTrZPPaHVvm0np8Ynta
dlxNj1EbPHi36Sdhm1KukoDUlQIUW/DEAfTvl9ISuwZYxyAHp4dZK5JPRwVmg8dt
13oX7jVeULWbNV4cfc7dju3jf/P2Aj2CLbcJ5SqiIarEjyfLR7zDZRRsZNtzTHRA
SAE=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:03:36 2025 by rpki-client