Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pbTO4_IZWKSZaV-AqaE6d2Zg0LE.roa
File: pbTO4_IZWKSZaV-AqaE6d2Zg0LE.roa (raw, json)
Hash identifier: PqkWfiOyWSdJAbuSzWSA7O3o51nUkjdHP2BK08Z4H64=
Subject key identifier: A5:B4:CE:E3:F2:19:58:A4:99:69:5F:80:A9:A1:3A:77:66:60:D0:B1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA0066C85B45F5081539012223160AF99
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pbTO4_IZWKSZaV-AqaE6d2Zg0LE.roa
Signing time: Sat 16 Sep 2023 22:04:50 +0000
ROA not before: Sat 16 Sep 2023 22:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a005:d98a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a0:06:6c:85:b4:5f:50:81:53:90:12:22:31:60:af:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 22:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b4cee3f21958a499695f80a9a13a776660d0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:71:8c:ec:a1:90:bb:0b:74:d7:8b:bd:46:20:
3e:8b:d5:eb:4b:3e:26:ba:4c:5f:fe:7c:08:e1:05:
a2:32:1c:58:cc:88:9b:51:dd:cc:8b:37:06:6d:38:
5f:bf:9f:dc:d2:67:f1:4f:05:71:69:d8:2a:5d:b6:
8f:78:c9:6b:91:ab:c2:9f:6b:d1:01:54:f4:0a:9d:
0e:a8:14:4f:68:7c:62:d2:e3:06:09:2b:db:06:b2:
87:cb:7f:39:de:46:19:98:20:6d:0f:65:1e:76:9d:
44:1e:de:8f:01:10:4d:82:b8:ba:0a:20:60:61:9c:
0f:30:79:84:08:39:a4:ef:12:8a:98:80:82:7c:c5:
69:e9:98:27:8a:6f:20:d2:31:54:43:54:8f:21:73:
4d:c7:16:fb:b8:e9:52:9f:d8:5b:2c:a3:a1:de:53:
3f:7c:4d:3e:0b:0a:f4:cb:2a:14:f3:40:08:07:78:
f2:b7:53:43:8d:44:ef:31:1b:99:38:4d:a1:7b:9e:
da:67:e4:bc:1a:fc:65:14:39:9a:42:8d:ec:38:06:
8b:e1:bc:b0:b2:d5:d7:25:5a:94:b8:03:6b:d7:a0:
a5:b1:41:41:fb:f9:a2:65:1e:2c:43:03:33:db:18:
44:67:7c:59:c7:66:87:76:46:e7:a0:80:1d:c1:92:
88:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B4:CE:E3:F2:19:58:A4:99:69:5F:80:A9:A1:3A:77:66:60:D0:B1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pbTO4_IZWKSZaV-AqaE6d2Zg0LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:00:5e:dd:30:02:37:3f:5e:7b:0f:d2:84:72:4b:61:0c:14:
b8:60:32:76:6d:56:96:bf:78:18:6e:58:8c:72:32:43:dd:cc:
3d:6e:91:36:26:70:b1:95:a7:07:b9:48:e8:f6:a1:0c:76:75:
d2:e2:79:d5:da:ae:d1:8e:fa:49:76:a6:94:a4:1c:7f:60:2c:
06:fe:82:ec:8b:68:81:20:85:8a:ab:cc:90:fe:94:14:09:c4:
d2:55:71:53:c4:13:80:e8:6a:ec:e1:26:c3:f9:ce:25:83:f8:
1a:ca:ec:ff:96:52:57:8d:2d:41:f8:36:83:4a:94:2c:b3:e6:
a1:82:e3:f4:c8:78:50:61:c4:9f:56:8f:60:ad:a1:52:f4:7f:
5c:4a:61:8c:5b:a1:bb:e2:7f:97:8e:f7:37:e2:41:e4:ee:7a:
8c:d9:0a:6b:c7:4d:6b:c1:04:f6:ad:5e:31:8e:ab:d6:ab:f6:
38:6f:b5:18:e4:2c:65:a2:0d:70:56:d2:9a:57:07:7a:15:36:
71:81:bc:01:7d:82:53:4c:24:e0:15:29:a8:26:24:d8:27:a8:
06:01:92:ba:2d:34:61:af:ba:93:ae:03:38:26:a4:c8:ff:64:
72:e5:4a:f3:19:57:12:50:b2:d8:f2:dd:0f:53:2a:29:23:ce:
3d:02:27:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqgBmyFtF9QgVOQEiIxYK+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MjIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI0Y2VlM2YyMTk1OGE0OTk2OTVmODBhOWExM2E3NzY2NjBkMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3GM7KGQuwt014u9RiA+i9XrSz4m
ukxf/nwI4QWiMhxYzIibUd3MizcGbThfv5/c0mfxTwVxadgqXbaPeMlrkavCn2vR
AVT0Cp0OqBRPaHxi0uMGCSvbBrKHy3853kYZmCBtD2Uedp1EHt6PARBNgri6CiBg
YZwPMHmECDmk7xKKmICCfMVp6Zgnim8g0jFUQ1SPIXNNxxb7uOlSn9hbLKOh3lM/
fE0+Cwr0yyoU80AIB3jyt1NDjUTvMRuZOE2he57aZ+S8GvxlFDmaQo3sOAaL4byw
stXXJVqUuANr16ClsUFB+/miZR4sQwMz2xhEZ3xZx2aHdkbnoIAdwZKILQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKW0zuPyGVikmWlfgKmhOndmYNCxMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcGJUTzRfSVpXS1NaYVYtQXFhRTZkMlpnMExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEMAXt0wAjc/XnsP0oRy
S2EMFLhgMnZtVpa/eBhuWIxyMkPdzD1ukTYmcLGVpwe5SOj2oQx2ddLiedXartGO
+kl2ppSkHH9gLAb+guyLaIEghYqrzJD+lBQJxNJVcVPEE4DoauzhJsP5ziWD+BrK
7P+WUleNLUH4NoNKlCyz5qGC4/TIeFBhxJ9Wj2CtoVL0f1xKYYxbobvif5eO9zfi
QeTueozZCmvHTWvBBPatXjGOq9ar9jhvtRjkLGWiDXBW0ppXB3oVNnGBvAF9glNM
JOAVKagmJNgnqAYBkrotNGGvupOuAzgmpMj/ZHLlSvMZVxJQstjy3Q9TKikjzj0C
J4o=
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:56:03 2025 by rpki-client