Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hVeXpYAArwvEc2sTfsc8eDRsGwk.roa
File: hVeXpYAArwvEc2sTfsc8eDRsGwk.roa (raw, json)
Hash identifier: 1CaGvpUnsVHpOlaMT0Ysliz5HauyAbB4hB6+BxyI7+U=
Subject key identifier: 85:57:97:A5:80:00:AF:0B:C4:73:6B:13:7E:C7:3C:78:34:6C:1B:09
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA89BB189FE84E642BDE6736876122C2F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hVeXpYAArwvEc2sTfsc8eDRsGwk.roa
Signing time: Mon 18 Sep 2023 14:04:50 +0000
ROA not before: Mon 18 Sep 2023 14:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a89b:4bac/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:9b:b1:89:fe:84:e6:42:bd:e6:73:68:76:12:2c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 14:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=855797a58000af0bc4736b137ec73c78346c1b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:08:98:4f:87:7e:f2:12:f9:02:68:ad:a4:6e:
c6:38:20:de:39:97:66:6b:ae:ee:28:57:4a:ab:58:
6f:ef:24:6d:05:b6:75:30:2c:27:d9:46:27:2f:42:
e3:50:3b:1c:e6:f8:49:df:7a:35:59:d7:56:87:56:
b7:31:21:12:fc:1d:e7:43:37:3e:b9:5d:12:4e:c1:
21:94:d4:03:88:da:7c:83:72:c4:2d:db:3d:70:95:
d8:60:be:b5:0c:d0:0a:b4:98:52:17:78:9c:d4:29:
b2:b0:e0:3e:70:13:70:ec:4d:ab:6a:4a:39:22:b4:
74:d8:5f:db:35:4a:20:35:b3:09:86:78:4d:a6:33:
f1:32:04:24:13:2c:23:51:2b:5d:91:28:e3:30:b5:
38:2d:a3:5a:8d:a5:bd:19:6a:dc:6c:ad:23:49:2d:
8c:1f:ef:e5:0c:5b:a5:fd:c9:c8:11:27:83:d7:d0:
5c:b3:53:0d:00:3a:66:a1:af:e6:67:e8:bd:13:d7:
d8:ad:97:c2:26:ee:bd:4d:ce:53:56:18:b0:04:a2:
3d:5d:eb:e6:a5:3f:b4:e9:d2:c1:08:56:98:21:97:
ea:75:dc:3b:8a:34:9b:eb:ed:7d:1a:d7:81:5b:26:
54:24:70:33:9b:6c:d6:ff:c2:6d:7b:dd:67:c3:98:
ec:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:57:97:A5:80:00:AF:0B:C4:73:6B:13:7E:C7:3C:78:34:6C:1B:09
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hVeXpYAArwvEc2sTfsc8eDRsGwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:9a:c8:76:d6:a2:26:3d:54:4c:8e:64:91:89:68:29:ef:e0:
23:1b:25:e8:57:9b:ed:80:c4:90:49:b3:e1:2b:05:3b:b8:1b:
72:89:e5:62:35:0e:8f:8a:bf:91:dd:dc:fb:ec:76:e6:56:08:
ed:f4:a5:29:6e:49:69:5e:d4:bd:02:d9:c7:80:b5:8b:51:32:
a8:43:20:0b:27:75:ed:14:2e:15:2b:1a:ec:19:35:57:fa:7c:
34:28:e5:27:92:bb:74:ed:ca:c6:47:6b:88:51:e9:4b:61:28:
ce:42:8b:d7:a2:bd:9e:7f:6c:ed:bf:1d:df:78:70:77:8b:dc:
fd:bc:d5:c9:c2:5b:15:0a:82:3c:49:62:ca:9c:2d:d7:eb:dd:
40:79:26:57:8b:41:46:5d:50:b6:8c:3c:5f:19:b8:92:a0:15:
38:ff:73:9b:05:e3:a4:a8:02:99:f0:02:ad:a7:8a:ae:4b:2e:
e5:22:65:83:41:ca:34:d1:09:69:8c:49:89:49:bf:bc:bd:c3:
1e:b6:ba:88:a8:59:1c:fa:92:2e:83:c3:b2:79:be:50:1a:de:
e8:49:a0:d1:c4:12:0b:aa:df:c1:45:53:29:55:3c:63:73:7c:
7a:cc:ce:b3:28:9a:84:35:f1:4a:8b:2d:e2:54:28:35:95:59:
05:f5:b3:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqom7GJ/oTmQr3mc2h2EiwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MTQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU3OTdhNTgwMDBhZjBiYzQ3MzZiMTM3ZWM3M2M3ODM0NmMxYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAiYT4d+8hL5AmitpG7GOCDeOZdm
a67uKFdKq1hv7yRtBbZ1MCwn2UYnL0LjUDsc5vhJ33o1WddWh1a3MSES/B3nQzc+
uV0STsEhlNQDiNp8g3LELds9cJXYYL61DNAKtJhSF3ic1CmysOA+cBNw7E2rako5
IrR02F/bNUogNbMJhnhNpjPxMgQkEywjUStdkSjjMLU4LaNajaW9GWrcbK0jSS2M
H+/lDFul/cnIESeD19Bcs1MNADpmoa/mZ+i9E9fYrZfCJu69Tc5TVhiwBKI9Xevm
pT+06dLBCFaYIZfqddw7ijSb6+19GteBWyZUJHAzm2zW/8Jte91nw5jsxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVXl6WAAK8LxHNrE37HPHg0bBsJMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaFZlWHBZQUFyd3ZFYzJzVGZzYzhlRFJzR3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJKayHbWoiY9VEyOZJGJ
aCnv4CMbJehXm+2AxJBJs+ErBTu4G3KJ5WI1Do+Kv5Hd3PvsduZWCO30pSluSWle
1L0C2ceAtYtRMqhDIAsnde0ULhUrGuwZNVf6fDQo5SeSu3TtysZHa4hR6UthKM5C
i9eivZ5/bO2/Hd94cHeL3P281cnCWxUKgjxJYsqcLdfr3UB5JleLQUZdULaMPF8Z
uJKgFTj/c5sF46SoApnwAq2niq5LLuUiZYNByjTRCWmMSYlJv7y9wx62uoioWRz6
ki6Dw7J5vlAa3uhJoNHEEguq38FFUylVPGNzfHrMzrMomoQ18UqLLeJUKDWVWQX1
s4E=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:08:23 2025 by rpki-client