Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8t5v9oclZQfhuz2YoXONez-nrsg.roa
File: 8t5v9oclZQfhuz2YoXONez-nrsg.roa (raw, json)
Hash identifier: IFOHv7F2u3i7bSM+Hpu7PvaFw9+y8oGZLNbY8iTCQPU=
Subject key identifier: F2:DE:6F:F6:87:25:65:07:E1:BB:3D:98:A1:73:8D:7B:3F:A7:AE:C8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A63F1C8B4542834D71D83A4C9D7065A96
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8t5v9oclZQfhuz2YoXONez-nrsg.roa
Signing time: Tue 05 Sep 2023 06:05:04 +0000
ROA not before: Tue 05 Sep 2023 06:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:63f1:1c2b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:63:f1:c8:b4:54:28:34:d7:1d:83:a4:c9:d7:06:5a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 06:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2de6ff687256507e1bb3d98a1738d7b3fa7aec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:0a:b9:d9:9f:54:a4:20:fe:3f:16:4a:b5:
3f:0d:66:4a:fd:d8:6e:23:75:f3:ea:b4:ca:02:6d:
1c:d7:9d:52:af:6e:dd:ac:02:4f:b0:7a:41:37:20:
11:4e:80:2d:6a:40:96:39:59:ce:d5:bc:a7:98:5b:
16:f1:52:c7:ca:67:1e:f2:ee:03:59:54:71:75:46:
b6:06:e6:8f:f7:9b:d9:9d:2b:d4:5d:13:89:04:6b:
1b:16:c8:ef:f5:e1:be:3f:cd:96:76:0b:89:33:fb:
5d:14:33:46:5c:bc:7d:3a:22:ac:0c:ef:12:15:58:
4a:b5:d9:64:5a:9a:9a:d4:30:36:ea:ae:60:de:14:
24:ba:1f:9b:ca:3b:d0:0d:40:af:79:19:6e:ac:29:
3f:da:b2:88:7d:6d:11:4b:1d:5a:cd:a5:b9:35:6a:
07:c6:8e:26:d4:58:03:53:55:47:58:7b:77:71:e9:
f1:45:46:58:8f:ad:05:3b:27:7b:20:97:2f:4c:ac:
ab:0c:96:89:42:52:4b:4c:1f:43:23:ba:e3:fd:ab:
f2:26:4e:9c:78:18:e1:3f:56:9f:df:08:58:df:2b:
f9:92:32:05:4a:ea:25:91:a4:bd:05:6d:52:26:09:
42:4f:e7:8b:ee:d3:b2:7e:a0:6b:cf:7f:6d:3a:dd:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DE:6F:F6:87:25:65:07:E1:BB:3D:98:A1:73:8D:7B:3F:A7:AE:C8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/8t5v9oclZQfhuz2YoXONez-nrsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:1a:f4:40:09:c0:da:ef:52:fa:51:a7:33:01:f2:20:e6:7f:
5d:79:b6:f0:bf:74:2c:de:cf:3c:b9:db:81:2e:33:99:03:81:
c7:4b:16:12:eb:01:c0:99:da:92:d4:a6:fd:d2:4a:36:ea:ef:
29:d9:27:e9:fd:e8:26:1d:a4:4c:8c:6e:fd:69:58:d9:fb:6b:
09:69:17:ca:cb:9a:ef:22:5c:e4:d4:70:c0:74:86:52:3d:c3:
66:f1:91:7e:5d:d9:dd:39:ca:e9:ca:4e:23:a9:6c:a2:7e:be:
09:a2:45:41:a4:7a:7c:7f:86:df:61:41:73:3c:91:23:77:4b:
65:75:22:d3:da:07:2b:0c:78:62:00:49:69:f0:98:e5:82:9b:
12:78:54:4b:03:39:ad:6e:d1:74:5b:89:f3:61:66:76:ad:bf:
08:9e:c2:10:8a:ca:54:cd:c8:d2:4a:03:d3:d1:ed:08:61:41:
d0:64:ea:f2:2c:11:af:1e:7c:eb:f2:7d:ef:16:f8:88:d7:af:
8c:a8:fb:8a:1d:50:4a:34:29:3e:ca:98:d8:fc:67:28:2d:75:
e7:c7:46:65:41:d5:59:53:0b:d0:00:83:cc:8b:b0:5f:93:1c:
4c:0e:d9:48:86:ea:2b:e3:1b:b8:7a:4e:7a:44:12:23:24:03:
58:62:e8:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpj8ci0VCg01x2DpMnXBlqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MDYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRlNmZmNjg3MjU2NTA3ZTFiYjNkOThhMTczOGQ3YjNmYTdhZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjQKudmfVKQg/j8WSrU/DWZK/dhu
I3Xz6rTKAm0c151Sr27drAJPsHpBNyARToAtakCWOVnO1bynmFsW8VLHymce8u4D
WVRxdUa2BuaP95vZnSvUXROJBGsbFsjv9eG+P82WdguJM/tdFDNGXLx9OiKsDO8S
FVhKtdlkWpqa1DA26q5g3hQkuh+byjvQDUCveRlurCk/2rKIfW0RSx1azaW5NWoH
xo4m1FgDU1VHWHt3cenxRUZYj60FOyd7IJcvTKyrDJaJQlJLTB9DI7rj/avyJk6c
eBjhP1af3whY3yv5kjIFSuolkaS9BW1SJglCT+eL7tOyfqBrz39tOt2lkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPLeb/aHJWUH4bs9mKFzjXs/p67IMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvOHQ1djlvY2xaUWZodXoyWW9YT05lei1ucnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAga9EAJwNrvUvpRpzMB
8iDmf115tvC/dCzezzy524EuM5kDgcdLFhLrAcCZ2pLUpv3SSjbq7ynZJ+n96CYd
pEyMbv1pWNn7awlpF8rLmu8iXOTUcMB0hlI9w2bxkX5d2d05yunKTiOpbKJ+vgmi
RUGkenx/ht9hQXM8kSN3S2V1ItPaBysMeGIASWnwmOWCmxJ4VEsDOa1u0XRbifNh
ZnatvwiewhCKylTNyNJKA9PR7QhhQdBk6vIsEa8efOvyfe8W+IjXr4yo+4odUEo0
KT7KmNj8ZygtdefHRmVB1VlTC9AAg8yLsF+THEwO2UiG6ivjG7h6TnpEEiMkA1hi
6CU=
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:52:54 2025 by rpki-client