Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/RZnqR8_3kqf08lm_CAyfhyC_eH0.roa
File: RZnqR8_3kqf08lm_CAyfhyC_eH0.roa (raw, json)
Hash identifier: PeMvZP9LyRug/Ui0ddS+ZVUYhYQEh34lPdQ17lzdANM=
Subject key identifier: 45:99:EA:47:CF:F7:92:A7:F4:F2:59:BF:08:0C:9F:87:20:BF:78:7D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A62714321EDA7755F5E2ED09C3F83CCB0
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/RZnqR8_3kqf08lm_CAyfhyC_eH0.roa
Signing time: Mon 04 Sep 2023 23:05:04 +0000
ROA not before: Mon 04 Sep 2023 23:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:6270:d48e/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:62:71:43:21:ed:a7:75:5f:5e:2e:d0:9c:3f:83:cc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 23:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4599ea47cff792a7f4f259bf080c9f8720bf787d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fa:31:66:d4:33:25:96:25:34:f2:bd:60:f9:
c5:34:6b:38:1d:96:f2:1c:39:9d:2d:0a:2d:4a:ca:
ca:52:2f:1c:d4:ec:a3:7c:be:e9:71:01:52:23:27:
15:31:be:5a:20:2c:13:6d:19:19:7f:4d:ef:63:fb:
d9:de:e0:fb:13:e6:f3:32:6e:2a:09:da:91:0c:20:
1f:ba:cd:78:43:2b:bb:b5:8a:43:16:f0:46:53:1f:
b4:7d:95:71:d4:ab:73:00:b3:bc:31:ea:04:77:6b:
5b:65:06:d3:02:b9:ff:ce:df:0d:2e:34:e4:2e:f5:
05:66:6c:bb:ea:74:8b:a3:43:6c:5e:36:f6:dd:0f:
96:06:b7:17:dc:51:29:01:28:24:a6:e4:a5:2f:78:
e5:31:73:b6:e9:43:7a:85:76:30:97:0b:79:83:40:
46:d7:3c:95:ba:33:c3:a0:ed:e8:60:77:b6:33:5d:
21:3a:67:4c:0d:be:1f:ce:80:92:8d:b1:c4:88:a4:
83:d7:8a:9d:5c:c7:b4:a3:11:ee:b0:96:c7:db:1d:
b5:aa:9d:9b:54:ac:89:d9:aa:f0:70:89:c9:1d:33:
54:c7:d5:e2:e7:1d:55:ef:4e:ec:d9:7c:ee:ca:e1:
e4:83:68:03:65:25:7c:b3:82:fa:d4:5f:08:43:0c:
6f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:99:EA:47:CF:F7:92:A7:F4:F2:59:BF:08:0C:9F:87:20:BF:78:7D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/RZnqR8_3kqf08lm_CAyfhyC_eH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:f9:73:92:61:60:0b:5b:2d:1f:a6:83:22:4c:86:eb:10:f0:
46:51:01:21:30:c6:43:c6:cd:97:e4:c6:e3:3f:57:69:87:c1:
22:c3:74:d5:43:71:b9:a7:4d:1e:c3:56:93:2e:f1:8f:b9:d3:
45:a2:5d:79:f4:1b:50:53:60:ce:29:2c:0f:fa:98:21:3b:64:
b0:9a:ca:a0:87:ba:32:7b:4e:90:c8:84:b4:6b:07:68:ad:24:
ac:1a:a5:7e:75:c4:e8:96:32:0a:7c:40:fb:c8:7b:27:8a:fc:
d5:1a:cb:60:c6:71:a3:c5:45:20:1e:e9:46:5e:b5:98:04:97:
d1:be:d5:c1:21:0e:58:4a:eb:aa:a3:19:a0:1f:93:6e:b3:fc:
0e:44:86:e3:d5:7a:43:bc:86:57:45:d4:9f:59:61:5c:ab:74:
5b:06:66:38:8f:39:45:39:58:50:d3:13:8f:04:33:a3:65:b5:
a2:61:82:57:f4:f6:f1:4a:00:1c:8f:1d:3b:13:74:2c:7c:f3:
67:a4:4a:aa:72:75:51:b9:2d:b1:c9:54:d5:f3:97:b4:9f:25:
46:03:79:32:e5:4b:c5:5f:68:e4:34:10:ad:3f:cf:8b:e0:df:
b0:ff:23:8b:58:b2:e8:b1:26:3c:7a:bf:eb:4d:87:e1:80:27:
36:1e:21:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpicUMh7ad1X14u0Jw/g8ywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MjMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk5ZWE0N2NmZjc5MmE3ZjRmMjU5YmYwODBjOWY4NzIwYmY3ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvoxZtQzJZYlNPK9YPnFNGs4HZby
HDmdLQotSsrKUi8c1OyjfL7pcQFSIycVMb5aICwTbRkZf03vY/vZ3uD7E+bzMm4q
CdqRDCAfus14Qyu7tYpDFvBGUx+0fZVx1KtzALO8MeoEd2tbZQbTArn/zt8NLjTk
LvUFZmy76nSLo0NsXjb23Q+WBrcX3FEpASgkpuSlL3jlMXO26UN6hXYwlwt5g0BG
1zyVujPDoO3oYHe2M10hOmdMDb4fzoCSjbHEiKSD14qdXMe0oxHusJbH2x21qp2b
VKyJ2arwcInJHTNUx9Xi5x1V707s2XzuyuHkg2gDZSV8s4L61F8IQwxvqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEWZ6kfP95Kn9PJZvwgMn4cgv3h9MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUlpucVI4XzNrcWYwOGxtX0NBeWZoeUNfZUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEH5c5JhYAtbLR+mgyJM
husQ8EZRASEwxkPGzZfkxuM/V2mHwSLDdNVDcbmnTR7DVpMu8Y+500WiXXn0G1BT
YM4pLA/6mCE7ZLCayqCHujJ7TpDIhLRrB2itJKwapX51xOiWMgp8QPvIeyeK/NUa
y2DGcaPFRSAe6UZetZgEl9G+1cEhDlhK66qjGaAfk26z/A5EhuPVekO8hldF1J9Z
YVyrdFsGZjiPOUU5WFDTE48EM6NltaJhglf09vFKAByPHTsTdCx882ekSqpydVG5
LbHJVNXzl7SfJUYDeTLlS8VfaOQ0EK0/z4vg37D/I4tYsuixJjx6v+tNh+GAJzYe
IUE=
-----END CERTIFICATE-----
Generated at Mon Jun 16 06:14:16 2025 by rpki-client