Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/F2dOfVfaKpWnxMmot9omAfIB6FY.roa
File: F2dOfVfaKpWnxMmot9omAfIB6FY.roa (raw, json)
Hash identifier: a980unzd/DN89ZxZFZQk+/K3re9myFyT8KTtB+0t0iw=
Subject key identifier: 17:67:4E:7D:57:DA:2A:95:A7:C4:C9:A8:B7:DA:26:01:F2:01:E8:56
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6C4FF63DCFD0A584EF50CDD1D454B450
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/F2dOfVfaKpWnxMmot9omAfIB6FY.roa
Signing time: Wed 06 Sep 2023 21:04:54 +0000
ROA not before: Wed 06 Sep 2023 21:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6c4f:6d77/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:4f:f6:3d:cf:d0:a5:84:ef:50:cd:d1:d4:54:b4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 21:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17674e7d57da2a95a7c4c9a8b7da2601f201e856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ad:cc:53:9b:8c:46:56:53:c0:be:da:93:51:
5d:f8:cc:f1:e8:41:b0:20:8b:f1:11:ea:58:46:6b:
a2:fd:cb:c4:b2:48:b9:4b:de:d6:34:39:46:b3:9c:
37:38:56:6e:05:db:c8:23:ee:28:09:34:9e:75:a0:
7b:1d:ca:ce:22:d0:85:66:8e:4a:d2:0b:39:25:a2:
67:77:e2:d8:7b:90:b8:0b:43:e2:ca:1e:cd:23:2a:
66:62:9b:e7:53:d7:f3:80:57:cc:85:89:d3:85:2f:
4b:f4:1f:7c:f3:bc:1b:14:8d:f5:79:da:f9:0b:12:
b3:94:4c:1c:c7:58:ec:b4:42:ef:0d:30:47:84:1c:
84:d3:f7:7a:06:21:d9:15:d0:99:01:06:bd:bf:5c:
59:ac:35:20:31:44:9b:ee:6e:a2:e8:07:6f:a3:79:
9c:95:35:1c:42:9a:f2:5a:e2:05:c1:d4:8d:12:50:
bf:ed:31:bf:33:ca:3d:8b:ed:21:ad:d0:9c:b2:00:
c2:fe:d1:a5:f7:a7:e3:d6:c8:64:32:55:36:79:8a:
c8:05:51:59:f1:c7:69:90:0a:e9:be:bf:e9:a0:48:
1a:e8:fd:a3:8a:f2:b2:a6:1c:33:b0:fc:3c:94:05:
37:a1:bc:9c:ad:65:12:ab:e6:38:48:b2:ba:b0:72:
81:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:67:4E:7D:57:DA:2A:95:A7:C4:C9:A8:B7:DA:26:01:F2:01:E8:56
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/F2dOfVfaKpWnxMmot9omAfIB6FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:64:78:38:81:7c:f4:29:48:32:f3:6c:11:b8:35:c7:ee:64:
16:99:08:8f:3d:f9:fe:35:91:84:05:b3:bc:a4:a8:e4:da:2b:
c8:d7:29:95:ad:d0:70:40:5d:0b:c5:63:fb:b5:d5:be:63:00:
52:a0:95:9d:e7:e8:aa:13:bb:bb:57:28:88:47:08:10:53:58:
41:44:3a:af:5c:08:92:c4:43:99:0e:96:af:c0:b2:b5:31:6a:
b3:0b:16:e9:8e:a9:29:24:c1:6b:48:20:3a:c7:fe:2a:45:7f:
bf:9c:a3:cb:7c:0e:b0:b6:84:4f:14:a7:2d:42:5c:65:35:c9:
e2:af:a4:e8:ac:82:93:99:22:8f:ea:cc:5e:c2:f0:e0:fb:b6:
00:16:1b:4f:30:83:da:08:5f:06:0c:16:55:ac:76:0f:68:08:
87:6a:56:ac:c7:41:40:2c:85:c7:40:6d:7b:3e:ee:56:51:c6:
7b:7e:07:a2:6c:f4:30:38:c2:2c:7a:e9:44:18:4f:77:5a:2d:
81:ec:f7:eb:cb:f8:66:d0:78:4f:e8:1d:f9:51:3e:e1:a0:68:
cd:e7:3c:b1:a1:31:e8:ce:4a:5f:3c:09:2a:b4:27:54:a0:3c:
f6:3e:dd:fc:89:67:45:8e:04:89:04:ec:4b:f2:b3:87:6e:1a:
3f:f0:49:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpsT/Y9z9ClhO9QzdHUVLRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MjEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzY3NGU3ZDU3ZGEyYTk1YTdjNGM5YThiN2RhMjYwMWYyMDFlODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq3MU5uMRlZTwL7ak1Fd+Mzx6EGw
IIvxEepYRmui/cvEski5S97WNDlGs5w3OFZuBdvII+4oCTSedaB7HcrOItCFZo5K
0gs5JaJnd+LYe5C4C0Piyh7NIypmYpvnU9fzgFfMhYnThS9L9B9887wbFI31edr5
CxKzlEwcx1jstELvDTBHhByE0/d6BiHZFdCZAQa9v1xZrDUgMUSb7m6i6Advo3mc
lTUcQpryWuIFwdSNElC/7TG/M8o9i+0hrdCcsgDC/tGl96fj1shkMlU2eYrIBVFZ
8cdpkArpvr/poEga6P2jivKyphwzsPw8lAU3obycrWUSq+Y4SLK6sHKBpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBdnTn1X2iqVp8TJqLfaJgHyAehWMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRjJkT2ZWZmFLcFdueE1tb3Q5b21BZklCNkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABdkeDiBfPQpSDLzbBG4
NcfuZBaZCI89+f41kYQFs7ykqOTaK8jXKZWt0HBAXQvFY/u11b5jAFKglZ3n6KoT
u7tXKIhHCBBTWEFEOq9cCJLEQ5kOlq/AsrUxarMLFumOqSkkwWtIIDrH/ipFf7+c
o8t8DrC2hE8Upy1CXGU1yeKvpOisgpOZIo/qzF7C8OD7tgAWG08wg9oIXwYMFlWs
dg9oCIdqVqzHQUAshcdAbXs+7lZRxnt+B6Js9DA4wix66UQYT3daLYHs9+vL+GbQ
eE/oHflRPuGgaM3nPLGhMejOSl88CSq0J1SgPPY+3fyJZ0WOBIkE7Evys4duGj/w
SWQ=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:10:55 2025 by rpki-client