Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/j72pSb1hyBbMPMASk5F4wcjw_wA.roa
File: j72pSb1hyBbMPMASk5F4wcjw_wA.roa (raw, json)
Hash identifier: syPPpZ6KjfVvkHl6i0B8kGG+52y+s/mQ+vDjkd8jnkU=
Subject key identifier: 8F:BD:A9:49:BD:61:C8:16:CC:3C:C0:12:93:91:78:C1:C8:F0:FF:00
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7AB059AE229A5E8DAE764EC98F1C5067
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/j72pSb1hyBbMPMASk5F4wcjw_wA.roa
Signing time: Sat 09 Sep 2023 16:04:52 +0000
ROA not before: Sat 09 Sep 2023 16:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7aaf:c4c8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7a:b0:59:ae:22:9a:5e:8d:ae:76:4e:c9:8f:1c:50:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 16:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fbda949bd61c816cc3cc012939178c1c8f0ff00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b2:d3:51:2b:8c:5e:a8:d8:df:58:18:5b:d3:
6b:9d:0a:46:69:29:2d:f4:dc:db:37:f1:14:ab:93:
2a:b0:e8:5c:97:3f:9a:09:51:03:41:44:27:f0:92:
fa:a6:0c:8f:be:d3:95:42:c3:28:7e:0b:e4:91:d7:
41:c1:d4:7b:4f:c3:43:d4:ad:05:11:7f:71:c1:f9:
fa:d0:5b:1d:75:32:8b:82:2b:45:17:57:86:7a:a5:
ba:d1:c0:7e:91:61:40:42:c0:a1:a0:53:dc:0b:5c:
1a:a8:0d:0b:7f:08:97:cf:08:1c:64:45:c1:47:25:
16:85:4e:2d:b1:f8:09:80:df:fb:b7:bf:f0:50:f0:
b1:9f:95:0e:c0:ac:1b:be:27:58:37:ae:7a:ca:69:
a6:17:a2:b1:5d:67:e5:95:cb:59:d1:6c:97:c9:a3:
fc:98:2a:86:9e:ed:a8:b9:4e:1d:03:fd:6e:6a:fd:
ea:51:41:d0:dc:de:8f:6e:01:75:e1:3e:03:f5:36:
66:93:6f:16:64:5d:f9:47:01:91:bc:ee:44:f7:b2:
de:ee:0c:3c:d9:f7:5a:ad:22:44:46:fd:73:17:73:
fd:f3:62:d2:3c:1f:d1:cb:a1:e4:53:90:d0:f0:8b:
e0:e6:77:82:ab:1a:b6:21:5f:29:54:c3:9b:0c:1e:
85:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BD:A9:49:BD:61:C8:16:CC:3C:C0:12:93:91:78:C1:C8:F0:FF:00
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/j72pSb1hyBbMPMASk5F4wcjw_wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:4d:df:33:7e:7e:1b:c6:34:49:05:81:6e:1b:cb:16:9f:76:
16:be:50:78:09:53:b2:4c:02:58:9c:43:5d:4d:0b:fb:df:26:
d8:e7:82:a2:b7:cb:17:74:d0:31:44:5b:ec:9e:4a:3d:f9:5e:
4e:62:f7:1f:89:70:1e:c3:9f:06:c2:fc:7a:bd:86:c7:04:7b:
6f:95:d3:37:2d:b9:d8:19:c7:09:0d:b2:bd:07:64:7b:f9:74:
df:d7:9f:81:07:14:ea:46:00:9c:2d:17:ed:4b:e1:3d:19:7b:
25:31:ba:7a:cc:8f:ba:65:e8:a5:97:51:53:d3:e5:4f:4a:4c:
7c:67:23:96:03:e8:50:e6:db:6d:1a:ea:84:74:e7:73:ff:d5:
44:57:50:80:c7:9c:73:4a:f4:5a:db:e9:3e:2b:67:88:15:4c:
e7:86:ad:97:c8:3d:10:fc:f6:ff:2f:c0:7c:a2:83:d3:5a:2c:
fc:98:05:fd:d0:40:01:ac:a3:04:06:26:2e:2a:7c:81:c5:b9:
71:ce:cb:f4:20:f5:eb:94:b3:3d:be:e6:7f:83:36:59:3d:dd:
be:58:a2:f0:e7:9e:97:40:0d:d8:af:ce:75:25:30:c3:e9:ee:
c1:1c:c7:22:ac:25:48:0e:e5:d7:8f:a1:d3:96:b8:08:e4:06:
2d:bd:37:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp6sFmuIppeja52TsmPHFBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTYwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmJkYTk0OWJkNjFjODE2Y2MzY2MwMTI5MzkxNzhjMWM4ZjBmZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLLTUSuMXqjY31gYW9NrnQpGaSkt
9NzbN/EUq5MqsOhclz+aCVEDQUQn8JL6pgyPvtOVQsMofgvkkddBwdR7T8ND1K0F
EX9xwfn60FsddTKLgitFF1eGeqW60cB+kWFAQsChoFPcC1waqA0LfwiXzwgcZEXB
RyUWhU4tsfgJgN/7t7/wUPCxn5UOwKwbvidYN656ymmmF6KxXWfllctZ0WyXyaP8
mCqGnu2ouU4dA/1uav3qUUHQ3N6PbgF14T4D9TZmk28WZF35RwGRvO5E97Le7gw8
2fdarSJERv1zF3P982LSPB/Ry6HkU5DQ8Ivg5neCqxq2IV8pVMObDB6FCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI+9qUm9YcgWzDzAEpOReMHI8P8AMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvajcycFNiMWh5QmJNUE1BU2s1RjR3Y2p3X3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADVN3zN+fhvGNEkFgW4b
yxafdha+UHgJU7JMAlicQ11NC/vfJtjngqK3yxd00DFEW+yeSj35Xk5i9x+JcB7D
nwbC/Hq9hscEe2+V0zctudgZxwkNsr0HZHv5dN/Xn4EHFOpGAJwtF+1L4T0ZeyUx
unrMj7pl6KWXUVPT5U9KTHxnI5YD6FDm220a6oR053P/1URXUIDHnHNK9Frb6T4r
Z4gVTOeGrZfIPRD89v8vwHyig9NaLPyYBf3QQAGsowQGJi4qfIHFuXHOy/Qg9euU
sz2+5n+DNlk93b5YovDnnpdADdivznUlMMPp7sEcxyKsJUgO5dePodOWuAjkBi29
N9w=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:10:32 2025 by rpki-client