Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/p_0N3SL8GxJzuDzToMZJKlSW0tQ.roa
File: p_0N3SL8GxJzuDzToMZJKlSW0tQ.roa (raw, json)
Hash identifier: 6a7LdqLhsWlhTcvG72dcjDcs15c1i8+qTvDXr9WT+iQ=
Subject key identifier: A7:FD:0D:DD:22:FC:1B:12:73:B8:3C:D3:A0:C6:49:2A:54:96:D2:D4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5DEFB319DB7B9AF94783F468889A8CEC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/p_0N3SL8GxJzuDzToMZJKlSW0tQ.roa
Signing time: Mon 04 Sep 2023 02:05:04 +0000
ROA not before: Mon 04 Sep 2023 02:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5def:aaa/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5d:ef:b3:19:db:7b:9a:f9:47:83:f4:68:88:9a:8c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 02:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7fd0ddd22fc1b1273b83cd3a0c6492a5496d2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b5:53:73:b8:a0:85:a8:a8:21:fa:58:3f:3f:
3c:7c:4c:fa:1e:19:35:4d:cd:ab:06:f6:71:e8:b8:
19:f8:92:0b:49:d8:5c:ef:87:a5:69:d2:13:34:ac:
ea:9c:b3:ca:7b:52:cf:87:19:ae:ba:ab:46:af:a6:
76:d3:9e:d7:20:17:17:54:31:a5:5e:94:c7:d9:63:
d7:47:26:ff:92:7c:3c:63:44:4d:ec:11:1c:1b:7a:
46:ca:9f:4d:80:fa:8b:d9:f6:69:ed:79:31:ff:bc:
f2:17:d3:ce:b6:a6:ef:30:3d:a4:3a:e5:68:ac:53:
6b:c1:d0:1e:bb:be:71:2f:3c:91:f0:d9:6f:17:07:
81:a4:43:a0:6e:28:e6:f4:24:ef:74:d6:11:3f:65:
5f:3c:4d:27:63:18:74:78:79:54:0f:94:77:85:02:
67:e8:b9:d2:2d:3e:6e:ec:5b:e1:1f:0a:b6:c2:9b:
9a:f5:a6:e5:f7:92:28:56:17:b0:9a:56:06:b7:06:
ba:4e:ff:1d:d2:b5:90:cc:6b:44:4c:e0:f3:de:d6:
7a:9f:6a:47:8a:ef:64:39:63:fe:ee:74:79:2f:b8:
61:89:bd:54:69:38:34:c8:9a:69:8a:60:35:7e:65:
1e:18:01:66:12:3b:db:58:fa:3a:6f:33:b6:0e:1c:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:FD:0D:DD:22:FC:1B:12:73:B8:3C:D3:A0:C6:49:2A:54:96:D2:D4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/p_0N3SL8GxJzuDzToMZJKlSW0tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:0d:56:f2:a8:29:17:a5:ab:12:ab:90:e3:93:fb:14:5d:f3:
7e:41:5a:60:f1:84:a7:78:bf:a3:c0:e3:0e:32:75:f6:ea:28:
b6:96:f0:b8:cc:d0:fd:cb:bd:23:d8:de:db:37:ae:85:b4:53:
41:34:14:e2:e2:25:47:24:c2:fa:03:dc:5e:08:21:6d:7c:61:
36:30:86:8c:ec:fa:05:89:10:31:9c:cb:d1:03:ba:12:92:e6:
4d:f3:25:a2:65:64:dd:46:92:06:9c:14:1f:83:51:2b:a3:09:
81:a3:f9:b2:29:67:a0:56:29:7e:3c:40:fc:8c:f5:dd:4d:76:
1f:70:f5:bd:c2:6c:b8:a8:1c:8b:ea:75:07:74:86:fa:3a:e0:
c7:a6:d7:e7:7e:69:a7:a4:dc:b1:a3:81:f8:cc:03:1a:2e:5b:
f5:79:c4:ce:db:8f:c9:54:f4:e6:98:85:36:71:7f:64:9b:b7:
3e:a4:38:01:35:fb:08:02:69:3c:45:7a:cb:64:e2:e0:3d:f4:
43:8f:d7:4e:83:eb:c5:d5:cf:58:8a:c5:7e:73:11:87:12:8d:
8c:b3:bc:4f:34:c3:cb:93:f5:a9:4a:7a:43:6e:92:43:5f:7f:
30:b8:77:8f:33:27:61:2a:d5:35:69:3e:d3:4d:c4:42:e7:b4:
6d:87:ad:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpd77MZ23ua+UeD9GiImozsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MDIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2ZkMGRkZDIyZmMxYjEyNzNiODNjZDNhMGM2NDkyYTU0OTZkMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLVTc7ighaioIfpYPz88fEz6Hhk1
Tc2rBvZx6LgZ+JILSdhc74eladITNKzqnLPKe1LPhxmuuqtGr6Z2057XIBcXVDGl
XpTH2WPXRyb/knw8Y0RN7BEcG3pGyp9NgPqL2fZp7Xkx/7zyF9POtqbvMD2kOuVo
rFNrwdAeu75xLzyR8NlvFweBpEOgbijm9CTvdNYRP2VfPE0nYxh0eHlUD5R3hQJn
6LnSLT5u7FvhHwq2wpua9abl95IoVhewmlYGtwa6Tv8d0rWQzGtETODz3tZ6n2pH
iu9kOWP+7nR5L7hhib1UaTg0yJppimA1fmUeGAFmEjvbWPo6bzO2Dhy1SQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKf9Dd0i/BsSc7g806DGSSpUltLUMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcF8wTjNTTDhHeEp6dUR6VG9NWkpLbFNXMHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADMNVvKoKRelqxKrkOOT
+xRd835BWmDxhKd4v6PA4w4ydfbqKLaW8LjM0P3LvSPY3ts3roW0U0E0FOLiJUck
wvoD3F4IIW18YTYwhozs+gWJEDGcy9EDuhKS5k3zJaJlZN1GkgacFB+DUSujCYGj
+bIpZ6BWKX48QPyM9d1Ndh9w9b3CbLioHIvqdQd0hvo64Mem1+d+aaek3LGjgfjM
AxouW/V5xM7bj8lU9OaYhTZxf2Sbtz6kOAE1+wgCaTxFestk4uA99EOP106D68XV
z1iKxX5zEYcSjYyzvE80w8uT9alKekNukkNffzC4d48zJ2Eq1TVpPtNNxELntG2H
rRY=
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:21:46 2025 by rpki-client