Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yTGHc9MiaSVxhyPgDgeU84wCWWs.roa
File: yTGHc9MiaSVxhyPgDgeU84wCWWs.roa (raw, json)
Hash identifier: VTL/dWHJeGlAlTa3pENWn+eleHFdsdtiY44rxQjdVl4=
Subject key identifier: C9:31:87:73:D3:22:69:25:71:87:23:E0:0E:07:94:F3:8C:02:59:6B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5A49DC0A1A52868446E7610A9A7A8CE3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yTGHc9MiaSVxhyPgDgeU84wCWWs.roa
Signing time: Sun 03 Sep 2023 09:05:04 +0000
ROA not before: Sun 03 Sep 2023 09:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:5a49:1f35/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:49:dc:0a:1a:52:86:84:46:e7:61:0a:9a:7a:8c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 09:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9318773d3226925718723e00e0794f38c02596b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:61:45:4a:c8:01:bc:1c:53:17:14:d8:40:0d:
43:4d:18:49:cc:27:34:5f:18:98:f8:f5:cb:56:e9:
1b:7f:dc:49:b0:c4:09:c8:28:3d:5d:0c:24:cc:76:
bf:c9:4f:e2:c4:47:c2:b9:c5:f7:c2:ec:1d:d6:54:
35:80:bb:ec:8b:d2:31:84:b8:43:0f:00:de:ba:9a:
d6:73:85:ef:66:5f:ac:57:27:0f:57:11:28:14:24:
16:84:ee:db:51:fb:9a:77:42:29:69:d5:9d:6b:18:
fb:94:a1:c6:cb:76:ec:0d:ef:cc:50:9b:90:3a:85:
ab:fb:e0:87:c1:c3:54:9c:45:30:cf:2e:3a:e9:7f:
be:00:6b:e7:0e:02:c4:7c:09:19:86:a4:e0:ef:61:
7a:ec:19:f7:cf:89:c6:57:cd:9a:c7:7a:a3:f9:fe:
f6:3f:d4:79:17:da:31:26:ff:e2:67:ef:ef:b9:55:
fb:95:1c:a9:11:3f:aa:80:72:86:a0:80:a6:5a:03:
ea:97:d3:d7:f0:24:f5:f2:03:3c:3a:58:4d:c2:ae:
41:72:fe:5b:4c:f6:6f:27:69:85:36:4a:35:00:f1:
1e:40:20:02:9b:9b:b3:6f:cb:52:6b:cb:c7:43:26:
84:ca:84:fe:16:08:9e:18:7f:03:bb:c5:54:c9:91:
86:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:31:87:73:D3:22:69:25:71:87:23:E0:0E:07:94:F3:8C:02:59:6B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yTGHc9MiaSVxhyPgDgeU84wCWWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ba:b0:07:f7:a1:96:63:c7:f1:f0:31:80:e2:e8:7a:81:b2:
9b:01:5c:61:7c:12:02:83:d0:a7:52:93:13:a8:ed:d6:c3:dc:
ef:28:be:cf:43:35:92:76:59:f4:c9:db:1b:66:4c:1a:47:21:
f0:fe:28:58:8d:67:49:2f:f5:32:4b:64:34:22:38:24:29:f0:
b7:cf:a1:4f:f6:7d:5c:2b:b5:20:32:53:92:36:18:8a:08:80:
43:f3:17:42:95:cc:c5:85:c7:af:06:bf:d1:63:91:76:11:6f:
5c:5d:f2:41:21:05:62:6d:11:64:70:ac:56:91:55:38:44:eb:
97:e2:18:59:64:6a:78:e9:81:a1:6d:94:e8:43:0b:d0:7e:6c:
73:63:e2:da:fd:87:f6:a3:27:4d:75:cf:81:a4:7e:d2:9b:e5:
2f:a8:c6:ae:19:ff:47:7b:96:15:c0:ee:11:bc:8a:ec:b6:53:
8f:6b:ff:92:93:09:93:88:98:6c:e7:f6:5e:38:3e:00:43:2a:
cb:c2:b8:76:84:3c:82:d3:86:81:7c:04:ce:65:df:1f:75:e3:
11:3f:9c:c1:28:ea:bf:a2:db:8a:ae:b5:6e:7b:f6:f5:05:6c:
fc:ea:e0:1d:b4:58:42:4b:c0:d4:b8:b5:e9:cd:60:6d:1b:00:
70:61:1e:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpaSdwKGlKGhEbnYQqaeozjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMDkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTMxODc3M2QzMjI2OTI1NzE4NzIzZTAwZTA3OTRmMzhjMDI1OTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2FFSsgBvBxTFxTYQA1DTRhJzCc0
XxiY+PXLVukbf9xJsMQJyCg9XQwkzHa/yU/ixEfCucX3wuwd1lQ1gLvsi9IxhLhD
DwDeuprWc4XvZl+sVycPVxEoFCQWhO7bUfuad0IpadWdaxj7lKHGy3bsDe/MUJuQ
OoWr++CHwcNUnEUwzy466X++AGvnDgLEfAkZhqTg72F67Bn3z4nGV82ax3qj+f72
P9R5F9oxJv/iZ+/vuVX7lRypET+qgHKGoICmWgPql9PX8CT18gM8OlhNwq5Bcv5b
TPZvJ2mFNko1APEeQCACm5uzb8tSa8vHQyaEyoT+FgieGH8Du8VUyZGGBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMkxh3PTImklcYcj4A4HlPOMAllrMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveVRHSGM5TWlhU1Z4aHlQZ0RnZVU4NHdDV1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD+6sAf3oZZjx/HwMYDi
6HqBspsBXGF8EgKD0KdSkxOo7dbD3O8ovs9DNZJ2WfTJ2xtmTBpHIfD+KFiNZ0kv
9TJLZDQiOCQp8LfPoU/2fVwrtSAyU5I2GIoIgEPzF0KVzMWFx68Gv9FjkXYRb1xd
8kEhBWJtEWRwrFaRVThE65fiGFlkanjpgaFtlOhDC9B+bHNj4tr9h/ajJ011z4Gk
ftKb5S+oxq4Z/0d7lhXA7hG8iuy2U49r/5KTCZOImGzn9l44PgBDKsvCuHaEPILT
hoF8BM5l3x914xE/nMEo6r+i24qutW579vUFbPzq4B20WEJLwNS4tenNYG0bAHBh
Hn0=
-----END CERTIFICATE-----
Generated at Tue Jun 17 09:19:06 2025 by rpki-client