Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0ths6cYFjKNUXNpT5si-3BunwcY.roa
File: 0ths6cYFjKNUXNpT5si-3BunwcY.roa (raw, json)
Hash identifier: AxLbUTXBSzVIpsIEHqDpZwJsoEHEIc1GF5SLtQWYvPk=
Subject key identifier: D2:D8:6C:E9:C6:05:8C:A3:54:5C:DA:53:E6:C8:BE:DC:1B:A7:C1:C6
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A484E6A3145AFD9E5DD4DA9DF9ED90F27
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0ths6cYFjKNUXNpT5si-3BunwcY.roa
Signing time: Wed 30 Aug 2023 21:16:53 +0000
ROA not before: Wed 30 Aug 2023 21:16:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:4e:6a:31:45:af:d9:e5:dd:4d:a9:df:9e:d9:0f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 21:16:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2d86ce9c6058ca3545cda53e6c8bedc1ba7c1c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:37:b5:bd:47:61:4e:1e:55:65:dc:1b:f3:9a:
06:e3:44:ba:48:99:48:df:b2:75:2c:c4:74:77:32:
82:b1:d0:ab:07:eb:28:5c:75:5a:20:9d:37:ee:8d:
72:fb:3c:37:7b:1b:58:4a:9f:e1:96:9e:0c:95:b7:
41:96:8b:8f:83:da:65:38:a5:11:3e:af:2f:f7:85:
35:8b:f6:86:13:f9:e1:3e:f6:34:49:30:72:75:e8:
f5:5d:9a:a3:10:4d:2c:4c:f6:75:eb:a3:d4:a5:14:
7f:49:fb:b1:7e:85:9e:35:d0:2f:7e:a9:86:4c:e6:
c1:26:a7:03:69:4a:b6:1c:80:7d:12:0f:3d:62:3e:
3e:1d:2f:a2:03:d7:75:80:25:35:6c:b7:52:e7:87:
3a:31:f6:af:9c:2f:f1:f2:f6:b2:91:50:04:a1:e8:
99:77:a6:b0:51:a5:b1:f0:77:b6:40:db:2d:60:62:
df:7e:70:d0:44:76:39:39:8f:c0:23:6c:1c:78:ca:
3b:a9:59:79:53:e5:0b:2e:dd:63:2e:49:40:2b:b7:
e0:06:31:ea:08:69:35:69:aa:7c:c1:e2:c2:aa:14:
64:3c:c9:2c:5c:00:4f:89:ad:22:dc:ff:0a:4b:79:
43:2b:08:e8:8c:e1:ca:f6:c2:d1:8c:3f:d2:34:bd:
25:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D8:6C:E9:C6:05:8C:A3:54:5C:DA:53:E6:C8:BE:DC:1B:A7:C1:C6
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0ths6cYFjKNUXNpT5si-3BunwcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:25:67:ee:49:c7:0e:57:e5:d4:ee:68:9c:92:39:8a:a0:ce:
53:d3:7b:4f:08:e4:30:e1:02:93:1f:a9:e0:27:d6:e0:04:d9:
74:7f:45:e6:fa:a3:69:e8:b6:48:13:9d:c7:bc:5c:56:5e:85:
53:b0:74:90:ba:4c:c0:f8:e7:00:c4:7b:15:36:1a:d5:fd:a5:
62:99:89:47:92:02:0e:ab:eb:83:cc:3e:bd:0b:51:d0:71:08:
44:69:8a:90:a2:fa:26:5f:40:36:cc:90:4e:c2:1c:d2:65:8d:
9f:a5:7b:fa:8b:b4:43:ff:48:2a:d3:45:da:c5:dc:46:34:8e:
37:a3:ba:f6:43:af:c3:af:29:66:fc:5b:ac:9f:57:00:f3:92:
a5:8b:84:74:1e:ae:f1:7f:eb:3b:85:f9:f1:37:e5:90:84:b6:
4d:51:03:9a:ee:41:bc:3b:7f:04:3d:21:dd:d3:f3:b8:34:3e:
39:04:f8:ca:d7:e9:8f:d4:00:83:4c:a3:87:d3:77:dd:ce:ad:
0a:99:5d:d2:04:d6:1c:12:e6:94:d8:a1:3d:b7:d9:97:11:3a:
00:4b:e1:38:9d:49:7b:4e:2b:9c:72:71:80:27:b9:61:a3:7f:
2f:80:30:99:55:b3:f7:89:43:b9:38:a6:f1:bc:05:49:45:a8:
02:b6:b0:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpITmoxRa/Z5d1Nqd+e2Q8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMjExNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQ4NmNlOWM2MDU4Y2EzNTQ1Y2RhNTNlNmM4YmVkYzFiYTdjMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDe1vUdhTh5VZdwb85oG40S6SJlI
37J1LMR0dzKCsdCrB+soXHVaIJ037o1y+zw3extYSp/hlp4MlbdBlouPg9plOKUR
Pq8v94U1i/aGE/nhPvY0STBydej1XZqjEE0sTPZ166PUpRR/SfuxfoWeNdAvfqmG
TObBJqcDaUq2HIB9Eg89Yj4+HS+iA9d1gCU1bLdS54c6MfavnC/x8vaykVAEoeiZ
d6awUaWx8He2QNstYGLffnDQRHY5OY/AI2wceMo7qVl5U+ULLt1jLklAK7fgBjHq
CGk1aap8weLCqhRkPMksXABPia0i3P8KS3lDKwjojOHK9sLRjD/SNL0liQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLYbOnGBYyjVFzaU+bIvtwbp8HGMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMHRoczZjWUZqS05VWE5wVDVzaS0zQnVud2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACElZ+5Jxw5X5dTuaJyS
OYqgzlPTe08I5DDhApMfqeAn1uAE2XR/Reb6o2notkgTnce8XFZehVOwdJC6TMD4
5wDEexU2GtX9pWKZiUeSAg6r64PMPr0LUdBxCERpipCi+iZfQDbMkE7CHNJljZ+l
e/qLtEP/SCrTRdrF3EY0jjejuvZDr8OvKWb8W6yfVwDzkqWLhHQervF/6zuF+fE3
5ZCEtk1RA5ruQbw7fwQ9Id3T87g0PjkE+MrX6Y/UAINMo4fTd93OrQqZXdIE1hwS
5pTYoT232ZcROgBL4TidSXtOK5xycYAnuWGjfy+AMJlVs/eJQ7k4pvG8BUlFqAK2
sLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org