Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/z_05pYoqz05C-NPtn16EFGnif-Q.roa
File: z_05pYoqz05C-NPtn16EFGnif-Q.roa (raw, json)
Hash identifier: 3swe0Yvoc5Q/QVnRLd7RKx68J563LFgjuA0qGMhGPng=
Subject key identifier: CF:FD:39:A5:8A:2A:CF:4E:42:F8:D3:ED:9F:5E:84:14:69:E2:7F:E4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5B259697C0029FD9B96438730586C158
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/z_05pYoqz05C-NPtn16EFGnif-Q.roa
Signing time: Sun 03 Sep 2023 13:05:04 +0000
ROA not before: Sun 03 Sep 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5b25:196c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5b:25:96:97:c0:02:9f:d9:b9:64:38:73:05:86:c1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cffd39a58a2acf4e42f8d3ed9f5e841469e27fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6e:e9:90:18:4b:63:0a:bf:bb:be:56:71:20:
db:1b:c5:d4:bb:69:33:94:c7:66:77:a1:31:ae:f8:
d2:3d:47:53:62:ca:2f:f3:4c:85:37:bf:72:4c:55:
7a:a2:21:c6:82:43:fe:b2:84:0a:20:6c:58:0f:87:
fc:31:35:43:50:32:c5:e9:a2:ae:e4:c7:7b:58:08:
5c:f5:44:e1:fc:27:44:15:82:05:44:79:65:24:e3:
be:db:5a:ef:05:91:8a:16:c7:08:0c:39:71:f1:72:
f4:66:cc:7e:27:c7:79:c4:ca:a1:2e:ff:07:e6:de:
d2:f7:c9:59:a5:b9:50:d6:11:b8:6e:53:31:57:ce:
51:2a:e1:71:58:b9:60:27:ff:75:ff:1e:93:d9:7f:
a7:ee:f8:a9:27:14:6a:48:fe:4b:cb:ab:df:61:04:
08:8f:d5:6d:8c:55:75:c4:41:a3:a9:97:99:d1:0d:
80:46:9b:0c:40:1e:d1:92:3e:fe:c4:ad:55:57:c1:
e7:3e:c0:69:d2:15:f0:1f:18:ba:2c:04:5f:f4:96:
6f:49:17:11:d2:1e:9b:b2:d3:d6:c7:d8:58:80:41:
70:4a:6d:06:25:33:0f:19:04:f1:6b:33:16:f0:f8:
2f:4f:50:31:4c:dd:5f:94:e1:a3:ee:ab:b6:58:3f:
ea:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FD:39:A5:8A:2A:CF:4E:42:F8:D3:ED:9F:5E:84:14:69:E2:7F:E4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/z_05pYoqz05C-NPtn16EFGnif-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:0a:e1:ba:5a:f9:6d:5a:01:4c:01:77:f7:31:57:51:31:09:
17:78:c0:cf:86:3f:8e:b1:0b:df:89:72:5c:23:2a:73:52:94:
54:6d:c5:32:c1:38:d7:ca:ef:63:9a:15:93:8d:e3:a2:a4:22:
7a:d7:f0:35:f2:a7:da:de:47:09:7b:4b:fb:be:ea:c1:f4:64:
70:be:b3:4f:1d:2b:c8:51:b1:f5:08:44:bf:c1:85:1a:01:b2:
48:ba:d9:ee:ac:56:c6:b6:a8:cb:03:ba:fc:28:1d:04:d2:20:
06:65:a0:7f:19:97:05:ab:e3:9b:c5:1b:b5:e3:7d:6e:b7:60:
91:a7:1f:3d:1b:f3:d6:2b:26:f3:d3:48:9a:b3:0a:f0:6f:87:
27:2c:4b:c6:e1:16:4c:fa:02:14:9f:08:88:cc:8e:48:9c:0f:
55:96:5e:aa:5b:bf:20:43:56:94:53:c0:cf:c4:b0:78:bf:b4:
22:45:99:d5:65:e5:1f:75:0c:43:44:6d:69:e0:a7:18:84:02:
f3:ea:87:a7:8d:21:ba:9d:42:78:0f:a4:a5:35:24:b8:8a:ec:
58:76:96:3c:ce:67:36:de:2e:fb:74:2c:95:2a:ca:93:79:0d:
21:2b:89:42:a4:ba:05:26:1c:bd:45:1d:4f:87:04:f2:2a:a6:
60:d7:fd:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpbJZaXwAKf2blkOHMFhsFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZkMzlhNThhMmFjZjRlNDJmOGQzZWQ5ZjVlODQxNDY5ZTI3ZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG7pkBhLYwq/u75WcSDbG8XUu2kz
lMdmd6ExrvjSPUdTYsov80yFN79yTFV6oiHGgkP+soQKIGxYD4f8MTVDUDLF6aKu
5Md7WAhc9UTh/CdEFYIFRHllJOO+21rvBZGKFscIDDlx8XL0Zsx+J8d5xMqhLv8H
5t7S98lZpblQ1hG4blMxV85RKuFxWLlgJ/91/x6T2X+n7vipJxRqSP5Ly6vfYQQI
j9VtjFV1xEGjqZeZ0Q2ARpsMQB7Rkj7+xK1VV8HnPsBp0hXwHxi6LARf9JZvSRcR
0h6bstPWx9hYgEFwSm0GJTMPGQTxazMW8PgvT1AxTN1flOGj7qu2WD/qKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM/9OaWKKs9OQvjT7Z9ehBRp4n/kMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvel8wNXBZb3F6MDVDLU5QdG4xNkVGR25pZi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgK4bpa+W1aAUwBd/cx
V1ExCRd4wM+GP46xC9+JclwjKnNSlFRtxTLBONfK72OaFZON46KkInrX8DXyp9re
Rwl7S/u+6sH0ZHC+s08dK8hRsfUIRL/BhRoBski62e6sVsa2qMsDuvwoHQTSIAZl
oH8ZlwWr45vFG7XjfW63YJGnHz0b89YrJvPTSJqzCvBvhycsS8bhFkz6AhSfCIjM
jkicD1WWXqpbvyBDVpRTwM/EsHi/tCJFmdVl5R91DENEbWngpxiEAvPqh6eNIbqd
QngPpKU1JLiK7Fh2ljzOZzbeLvt0LJUqypN5DSEriUKkugUmHL1FHU+HBPIqpmDX
/WY=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:15:13 2025 by rpki-client