Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LsVB9nUp0FXC7wVVLgROCzBWJGw.roa
File: LsVB9nUp0FXC7wVVLgROCzBWJGw.roa (raw, json)
Hash identifier: akexDJ/x9Z84ZW3/tbeOle+hJrVjjmNv2lNQKqakeHw=
Subject key identifier: 2E:C5:41:F6:75:29:D0:55:C2:EF:05:55:2E:04:4E:0B:30:56:24:6C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A53351D9CCCE5ADB4554AB11FA808E030
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LsVB9nUp0FXC7wVVLgROCzBWJGw.roa
Signing time: Sat 02 Sep 2023 00:05:04 +0000
ROA not before: Sat 02 Sep 2023 00:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:5334:848f/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:53:35:1d:9c:cc:e5:ad:b4:55:4a:b1:1f:a8:08:e0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 00:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ec541f67529d055c2ef05552e044e0b3056246c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b9:ff:8f:af:78:a8:2e:3d:8f:7f:1c:fb:48:
48:1c:3b:91:ec:ba:4e:21:69:73:08:6c:ff:af:6b:
e7:16:b6:d4:62:fb:ea:e2:4a:c6:3a:1d:f5:23:9b:
e9:36:48:b7:88:0b:e7:59:9c:0f:8a:7d:b3:18:53:
5b:49:68:65:b3:40:88:8f:15:31:e6:c2:76:e7:21:
c5:27:07:64:32:f4:e2:5d:45:12:41:1d:61:e1:d9:
88:8b:36:e4:65:69:62:6b:13:3b:01:0a:8f:99:13:
a8:f8:be:34:ba:b5:3f:ea:d0:e3:c0:2d:13:7a:60:
aa:0c:f0:43:a9:59:41:c6:8b:43:53:3d:2c:c3:23:
da:a3:3b:f6:a6:95:d6:58:54:a2:78:75:4f:27:bb:
75:ae:37:31:ed:49:0d:2a:30:db:d2:9b:18:39:df:
10:0e:00:48:53:7a:ef:65:df:f5:c3:34:8b:27:50:
69:8a:31:2e:06:86:17:80:9b:17:88:c4:aa:8c:09:
d6:05:ed:fa:3c:40:60:97:9b:ae:f1:66:a0:54:32:
33:73:5e:6f:90:4d:a0:84:04:b6:46:c9:58:c4:93:
2a:df:8a:5d:e2:3b:c7:87:38:24:fb:a7:c8:5b:8a:
82:57:ba:bf:86:38:e1:62:af:a3:8d:7b:3a:e4:ef:
84:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C5:41:F6:75:29:D0:55:C2:EF:05:55:2E:04:4E:0B:30:56:24:6C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LsVB9nUp0FXC7wVVLgROCzBWJGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:bb:5e:8e:85:79:c6:a6:2a:39:2d:1e:d7:41:1e:3c:48:cf:
00:a5:a5:80:fe:59:cd:d5:a2:32:b6:ef:89:b1:6b:76:9f:34:
a8:f2:78:57:96:70:f1:c0:27:e6:18:2d:c1:94:ea:27:06:83:
e8:4e:ec:2e:3d:ab:b7:4e:b4:9f:7b:c3:13:5e:41:7c:03:b1:
a2:ac:d8:ea:f1:0f:9a:d7:bc:21:4f:08:05:b1:bf:ac:83:ea:
b9:1f:05:e0:d5:ca:7a:83:66:84:1a:e5:dc:a6:d6:a9:df:89:
93:bd:9f:f7:dd:64:f3:f0:bd:c0:93:65:31:e6:c4:7d:cc:2f:
93:f7:6d:54:2a:8d:12:ed:ff:e6:19:c9:7b:f1:0f:25:3c:94:
5c:11:ec:7a:77:1c:e9:b3:d0:70:5c:71:4d:b9:be:6f:d3:ca:
2e:f2:29:bd:98:6f:02:84:e8:5a:12:78:78:86:52:91:ae:5f:
e0:17:cb:65:37:5b:b6:a3:d7:a7:80:62:36:54:e1:a0:ac:67:
af:82:54:51:38:c7:36:46:23:d7:06:63:a8:30:4f:29:43:1d:
b5:16:40:42:60:64:b4:0f:90:93:6d:43:4a:fb:c2:67:c6:48:
28:2e:98:e9:4e:6f:fe:20:ed:6f:c9:14:ae:ef:02:69:48:11:
e1:43:b9:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpTNR2czOWttFVKsR+oCOAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM1NDFmNjc1MjlkMDU1YzJlZjA1NTUyZTA0NGUwYjMwNTYyNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7n/j694qC49j38c+0hIHDuR7LpO
IWlzCGz/r2vnFrbUYvvq4krGOh31I5vpNki3iAvnWZwPin2zGFNbSWhls0CIjxUx
5sJ25yHFJwdkMvTiXUUSQR1h4dmIizbkZWliaxM7AQqPmROo+L40urU/6tDjwC0T
emCqDPBDqVlBxotDUz0swyPaozv2ppXWWFSieHVPJ7t1rjcx7UkNKjDb0psYOd8Q
DgBIU3rvZd/1wzSLJ1BpijEuBoYXgJsXiMSqjAnWBe36PEBgl5uu8WagVDIzc15v
kE2ghAS2RslYxJMq34pd4jvHhzgk+6fIW4qCV7q/hjjhYq+jjXs65O+EQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC7FQfZ1KdBVwu8FVS4ETgswViRsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTHNWQjluVXAwRlhDN3dWVkxnUk9DekJXSkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADi7Xo6FecamKjktHtdB
HjxIzwClpYD+Wc3VojK274mxa3afNKjyeFeWcPHAJ+YYLcGU6icGg+hO7C49q7dO
tJ97wxNeQXwDsaKs2OrxD5rXvCFPCAWxv6yD6rkfBeDVynqDZoQa5dym1qnfiZO9
n/fdZPPwvcCTZTHmxH3ML5P3bVQqjRLt/+YZyXvxDyU8lFwR7Hp3HOmz0HBccU25
vm/Tyi7yKb2YbwKE6FoSeHiGUpGuX+AXy2U3W7aj16eAYjZU4aCsZ6+CVFE4xzZG
I9cGY6gwTylDHbUWQEJgZLQPkJNtQ0r7wmfGSCgumOlOb/4g7W/JFK7vAmlIEeFD
uWU=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:07:38 2025 by rpki-client