Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gIELYIp3Tr3cXt4hW-iN1G4raSs.roa
File: gIELYIp3Tr3cXt4hW-iN1G4raSs.roa (raw, json)
Hash identifier: WX9eVuG/MR1rkMKke4Hs75pWjU2A1oq4pPbuit9Ecdo=
Subject key identifier: 80:81:0B:60:8A:77:4E:BD:DC:5E:DE:21:5B:E8:8D:D4:6E:2B:69:2B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A65720D8B2E3783C7003FE9E0AEB27C92
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gIELYIp3Tr3cXt4hW-iN1G4raSs.roa
Signing time: Tue 05 Sep 2023 13:04:47 +0000
ROA not before: Tue 05 Sep 2023 13:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6571:b72e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:72:0d:8b:2e:37:83:c7:00:3f:e9:e0:ae:b2:7c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 13:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80810b608a774ebddc5ede215be88dd46e2b692b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:50:a7:55:6d:6a:56:0d:7e:b2:bb:70:00:a6:
a0:ed:f3:86:cc:78:f7:fd:0b:93:f9:41:f5:a8:3e:
7d:2c:a5:40:dc:28:e2:8b:b5:18:31:75:20:08:2d:
7a:ae:2a:8c:58:5c:e3:b6:d9:f0:64:b2:a5:7c:2c:
68:df:b7:33:ed:f9:ff:f9:2c:25:a3:a3:89:9c:b5:
01:65:b1:00:58:56:70:9e:34:de:7d:41:66:3b:c4:
d0:f9:17:2a:ae:15:d6:79:67:4f:48:11:36:bc:8c:
b4:37:d3:84:ad:e4:91:70:64:2a:76:bf:0d:2a:54:
26:81:c3:17:32:71:ad:75:bd:10:ff:ad:d4:c6:37:
c8:d1:c1:82:0b:6c:3c:f1:1d:02:87:2a:76:bf:0c:
73:93:5a:07:5d:2f:a0:ae:e7:aa:34:89:b0:39:2d:
22:03:66:9a:c7:ca:47:7a:76:9e:b4:3a:5e:37:b9:
e8:ec:e0:1c:d1:93:0c:c9:4b:01:3f:26:ec:85:19:
61:b3:9d:93:16:a8:cc:2e:25:4c:98:f8:59:53:73:
38:20:60:60:48:ce:34:26:2e:6c:d5:40:cd:78:a9:
df:91:00:77:b8:7c:28:4c:59:ca:7f:3c:88:40:55:
f1:7f:ce:6a:1a:45:e9:71:d1:fd:8c:4a:9e:4a:68:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:81:0B:60:8A:77:4E:BD:DC:5E:DE:21:5B:E8:8D:D4:6E:2B:69:2B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gIELYIp3Tr3cXt4hW-iN1G4raSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:f2:e4:3d:bd:04:1c:d4:3c:fd:d5:ee:19:f2:f1:d4:a1:e7:
83:e7:8c:88:7e:f8:90:23:19:c5:22:7c:e1:e5:4d:07:6f:0c:
2f:b9:38:f7:27:30:3d:25:b2:94:10:8e:b5:5b:88:6c:0d:e9:
6d:4f:34:c3:63:3b:77:9a:5f:78:d3:c8:7e:25:61:dc:92:39:
77:7c:85:10:2c:45:ca:51:34:85:05:60:69:cf:16:17:09:45:
18:50:68:76:1b:24:de:96:a3:cc:a0:f1:e2:e4:48:ee:28:89:
6d:e4:1a:24:a3:32:04:66:10:37:17:0a:ef:dc:e1:ce:83:b8:
a5:ca:eb:61:8c:6f:4a:d5:b7:37:d9:a3:46:84:e3:89:1f:fb:
75:18:10:21:5f:f9:71:2e:da:7f:64:6a:55:1b:5e:53:4b:ce:
9a:cc:58:ac:6e:e4:59:ff:1d:6f:46:27:09:55:3e:4d:05:92:
de:41:41:fd:4f:0d:30:84:2a:cf:ed:7a:a1:1b:0b:8b:4a:51:
4a:e6:94:e5:24:85:9f:b3:94:15:d3:25:9f:29:51:e0:06:d9:
37:75:39:70:39:50:87:e4:b7:0e:01:f4:ff:f0:7b:be:9a:4b:
66:6c:87:65:b7:d6:fe:27:d6:9b:f4:42:49:1b:74:f9:7b:13:
dd:12:a4:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYplcg2LLjeDxwA/6eCusnySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDgxMGI2MDhhNzc0ZWJkZGM1ZWRlMjE1YmU4OGRkNDZlMmI2OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVCnVW1qVg1+srtwAKag7fOGzHj3
/QuT+UH1qD59LKVA3Cjii7UYMXUgCC16riqMWFzjttnwZLKlfCxo37cz7fn/+Swl
o6OJnLUBZbEAWFZwnjTefUFmO8TQ+RcqrhXWeWdPSBE2vIy0N9OEreSRcGQqdr8N
KlQmgcMXMnGtdb0Q/63UxjfI0cGCC2w88R0Chyp2vwxzk1oHXS+grueqNImwOS0i
A2aax8pHenaetDpeN7no7OAc0ZMMyUsBPybshRlhs52TFqjMLiVMmPhZU3M4IGBg
SM40Ji5s1UDNeKnfkQB3uHwoTFnKfzyIQFXxf85qGkXpcdH9jEqeSmiMhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFICBC2CKd0693F7eIVvojdRuK2krMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZ0lFTFlJcDNUcjNjWHQ0aFctaU4xRzRyYVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7y5D29BBzUPP3V7hny
8dSh54PnjIh++JAjGcUifOHlTQdvDC+5OPcnMD0lspQQjrVbiGwN6W1PNMNjO3ea
X3jTyH4lYdySOXd8hRAsRcpRNIUFYGnPFhcJRRhQaHYbJN6Wo8yg8eLkSO4oiW3k
GiSjMgRmEDcXCu/c4c6DuKXK62GMb0rVtzfZo0aE44kf+3UYECFf+XEu2n9kalUb
XlNLzprMWKxu5Fn/HW9GJwlVPk0Fkt5BQf1PDTCEKs/teqEbC4tKUUrmlOUkhZ+z
lBXTJZ8pUeAG2Td1OXA5UIfktw4B9P/we76aS2Zsh2W31v4n1pv0QkkbdPl7E90S
pKc=
-----END CERTIFICATE-----
Generated at Mon Jun 16 08:21:02 2025 by rpki-client