Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zaC4bO3Ah5oUr83z5XZBo4SEP2g.roa
File: zaC4bO3Ah5oUr83z5XZBo4SEP2g.roa (raw, json)
Hash identifier: 2AVG/aK+nGxGaN4gX1aeROfj52DH0X5DJLhSimCtaJM=
Subject key identifier: CD:A0:B8:6C:ED:C0:87:9A:14:AF:CD:F3:E5:76:41:A3:84:84:3F:68
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6B065FACEE79BD56498B3A526A7AAD52
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zaC4bO3Ah5oUr83z5XZBo4SEP2g.roa
Signing time: Wed 06 Sep 2023 15:04:54 +0000
ROA not before: Wed 06 Sep 2023 15:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6b05:ce2e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:06:5f:ac:ee:79:bd:56:49:8b:3a:52:6a:7a:ad:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 15:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cda0b86cedc0879a14afcdf3e57641a384843f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:aa:cb:50:84:a3:8e:7f:d8:13:7f:40:27:eb:
9a:b3:94:6c:44:35:42:0f:82:48:d6:84:19:e0:c5:
d7:af:84:02:2f:60:66:19:74:ee:44:8f:b5:73:79:
d5:b0:9d:ac:ab:ca:ba:41:54:31:c2:15:26:82:5e:
37:1a:55:40:b0:bc:76:fe:26:fd:83:55:ea:bc:ef:
b7:c2:b3:90:5c:92:e9:6f:55:16:d4:92:9e:0d:4f:
54:49:c2:67:43:c9:9e:21:e6:3d:93:e6:25:57:47:
0e:1c:c1:48:c6:04:d8:22:6f:3f:81:77:53:ba:ed:
4d:df:1c:03:12:e9:19:91:2f:1d:51:ad:ed:31:5e:
1b:6d:18:c5:01:23:7e:2c:6a:3e:4f:0b:92:7c:38:
65:7d:e9:b4:5d:7a:1c:61:29:bb:98:45:14:5f:2a:
b0:a5:38:e1:75:b6:e2:7c:ec:90:fe:06:5f:0e:50:
de:d3:13:9f:8e:2d:92:c8:0a:ca:ef:8a:f2:93:46:
24:85:c9:88:51:f8:d9:89:a2:4d:c1:40:e6:50:55:
ee:8c:ef:0f:2f:96:d5:4a:02:a8:35:f1:40:53:5f:
f6:c0:d7:b4:cf:4c:7a:d3:a6:92:44:ab:2f:36:eb:
84:e8:38:08:6e:4f:39:82:a1:0b:d9:65:57:c9:e5:
bc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A0:B8:6C:ED:C0:87:9A:14:AF:CD:F3:E5:76:41:A3:84:84:3F:68
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zaC4bO3Ah5oUr83z5XZBo4SEP2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:40:3a:cb:4b:68:d1:aa:fd:7e:77:29:28:26:2b:70:19:57:
d2:cf:b5:82:41:58:a0:02:95:82:85:b5:5b:64:42:51:7d:fe:
c6:46:39:fb:8c:aa:35:e1:0f:5a:0e:c7:97:23:49:ef:df:c1:
bb:1a:ff:f3:a5:96:5b:bd:fc:48:0f:cf:a9:f8:b6:2a:7c:80:
01:84:bf:0a:fd:d7:9c:75:f4:a6:3c:3e:e2:8a:c2:ba:55:3a:
cf:b6:2a:06:9a:6b:28:13:b6:8f:0d:de:4b:38:ba:4f:62:54:
6f:eb:b0:61:35:23:bc:89:ee:92:1b:b9:83:36:30:37:c1:ef:
5d:65:c5:93:74:d0:e5:8b:57:e5:cd:d0:f7:85:cb:30:34:5d:
e0:2b:b9:46:4d:12:8b:c5:a2:c9:39:e9:d8:6d:e1:5d:0c:5c:
05:87:f1:f8:aa:33:e1:0a:fd:25:8f:05:7f:07:cc:2d:58:0f:
c7:0c:3d:49:05:66:e0:62:80:75:a5:30:3d:79:d0:69:3a:db:
f5:99:37:21:96:09:06:3f:cb:c2:d1:28:f7:60:65:96:71:f7:
26:ec:4e:4b:b2:30:ab:f6:68:60:6a:38:92:c4:3d:5c:d8:ba:
ab:b0:34:79:7a:ea:5b:c5:11:cf:86:e6:02:18:84:36:14:9c:
82:c1:da:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYprBl+s7nm9VkmLOlJqeq1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEwYjg2Y2VkYzA4NzlhMTRhZmNkZjNlNTc2NDFhMzg0ODQzZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKrLUISjjn/YE39AJ+uas5RsRDVC
D4JI1oQZ4MXXr4QCL2BmGXTuRI+1c3nVsJ2sq8q6QVQxwhUmgl43GlVAsLx2/ib9
g1XqvO+3wrOQXJLpb1UW1JKeDU9UScJnQ8meIeY9k+YlV0cOHMFIxgTYIm8/gXdT
uu1N3xwDEukZkS8dUa3tMV4bbRjFASN+LGo+TwuSfDhlfem0XXocYSm7mEUUXyqw
pTjhdbbifOyQ/gZfDlDe0xOfji2SyArK74ryk0YkhcmIUfjZiaJNwUDmUFXujO8P
L5bVSgKoNfFAU1/2wNe0z0x606aSRKsvNuuE6DgIbk85gqEL2WVXyeW8fQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2guGztwIeaFK/N8+V2QaOEhD9oMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvemFDNGJPM0FoNW9VcjgzejVYWkJvNFNFUDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAItAOstLaNGq/X53KSgm
K3AZV9LPtYJBWKAClYKFtVtkQlF9/sZGOfuMqjXhD1oOx5cjSe/fwbsa//Olllu9
/EgPz6n4tip8gAGEvwr915x19KY8PuKKwrpVOs+2KgaaaygTto8N3ks4uk9iVG/r
sGE1I7yJ7pIbuYM2MDfB711lxZN00OWLV+XN0PeFyzA0XeAruUZNEovFosk56dht
4V0MXAWH8fiqM+EK/SWPBX8HzC1YD8cMPUkFZuBigHWlMD150Gk62/WZNyGWCQY/
y8LRKPdgZZZx9ybsTkuyMKv2aGBqOJLEPVzYuquwNHl66lvFEc+G5gIYhDYUnILB
2r4=
-----END CERTIFICATE-----
Generated at Wed Jun 18 10:08:10 2025 by rpki-client