Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1dMKEQ0QoKePq8Ba6NYOjroys8o.roa
File: 1dMKEQ0QoKePq8Ba6NYOjroys8o.roa (raw, json)
Hash identifier: y4z7W3amxOGYHmYCjK4/DaO2LJmpl/rapa4QDRi6amg=
Subject key identifier: D5:D3:0A:11:0D:10:A0:A7:8F:AB:C0:5A:E8:D6:0E:8E:BA:32:B3:CA
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8193A81BD977C8D7ED5868422EC173A2
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1dMKEQ0QoKePq8Ba6NYOjroys8o.roa
Signing time: Mon 11 Sep 2023 00:10:52 +0000
ROA not before: Mon 11 Sep 2023 00:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:81:93:a8:1b:d9:77:c8:d7:ed:58:68:42:2e:c1:73:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 00:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5d30a110d10a0a78fabc05ae8d60e8eba32b3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:53:9a:96:2a:59:19:5d:19:24:c3:26:d8:3d:
4c:14:d8:f7:d7:61:05:c6:ed:7a:5a:9a:da:54:72:
e4:ad:89:ce:e1:e6:e5:8a:c5:cc:f2:cc:95:17:cd:
c1:65:ee:6e:7e:2d:81:75:97:08:cc:9a:47:2e:b7:
e3:32:69:a7:2f:cb:26:5c:b1:8a:f0:96:ec:29:bb:
e4:6a:b9:32:fe:b9:5c:20:cf:19:f9:06:13:4a:5b:
70:b8:43:50:03:25:c0:91:34:ce:7e:0d:56:a9:cd:
cf:5f:1d:58:cf:99:71:a2:27:0c:a6:05:b0:a1:fc:
d5:e3:a8:a2:70:dd:17:25:33:01:c4:31:09:36:9c:
5c:49:9b:60:57:cf:3a:57:bb:14:6b:9f:f3:58:e9:
b5:15:f7:78:ff:7c:8a:c9:a6:ea:23:7d:fe:13:59:
b1:04:da:34:1e:62:2f:b8:20:b5:72:2c:4b:59:5f:
35:27:c2:30:5d:d7:cf:a5:77:0c:63:19:b2:6d:2e:
31:f0:d5:a2:fe:bf:85:2f:f9:ec:ff:71:c9:87:da:
3c:96:ca:88:f7:90:02:e5:9e:ec:3b:f6:1f:d4:2c:
b8:9d:4d:fd:a0:ff:ad:7d:6f:a9:96:26:b3:f4:c3:
4d:8b:64:bd:74:4f:6e:eb:4b:c2:3d:11:65:fb:bd:
0e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D3:0A:11:0D:10:A0:A7:8F:AB:C0:5A:E8:D6:0E:8E:BA:32:B3:CA
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/1dMKEQ0QoKePq8Ba6NYOjroys8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:aa:a3:92:a2:5f:db:ac:33:10:e7:04:d6:11:32:2a:f1:db:
ac:45:a3:06:68:f8:53:fa:09:5a:b4:45:28:28:75:d6:3a:65:
9f:ad:62:b2:58:d3:a3:b4:b5:21:79:e2:ca:92:d1:69:93:d3:
f4:8e:6f:56:2b:dd:c3:ab:d2:f7:07:8f:bf:55:c8:b5:48:5e:
d1:51:05:2b:9c:51:8f:b5:03:39:2c:8c:06:d8:b1:74:fb:1d:
be:d1:eb:b7:fa:25:fa:19:85:90:3f:4d:59:a0:e9:a7:db:55:
cd:7b:1d:c4:52:3f:66:22:24:bf:c7:6f:49:b1:c5:35:a8:53:
7b:b9:36:bd:c1:0f:c9:63:a3:37:8d:8a:cb:a8:89:6d:00:81:
1e:a8:4d:9b:f5:d8:de:ff:c1:10:03:90:08:d0:74:99:9c:0f:
17:23:5c:6f:ee:8f:d6:81:39:9c:af:30:9d:5c:39:2f:77:10:
58:dd:4d:e4:39:89:22:fa:60:14:60:7b:f3:41:72:01:8e:b3:
f9:18:2a:4c:aa:a9:9f:3c:de:e6:04:91:1d:34:b0:c6:19:b1:
aa:b0:ff:89:b5:d0:31:20:51:c5:cf:ce:32:ef:9d:6c:3c:15:
6d:79:aa:c4:2d:3e:b8:d1:f9:67:f9:06:19:c1:e6:0b:11:2f:
f5:99:9b:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqBk6gb2XfI1+1YaEIuwXOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMDAxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQzMGExMTBkMTBhMGE3OGZhYmMwNWFlOGQ2MGU4ZWJhMzJiM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1OalipZGV0ZJMMm2D1MFNj312EF
xu16WpraVHLkrYnO4eblisXM8syVF83BZe5ufi2BdZcIzJpHLrfjMmmnL8smXLGK
8JbsKbvkarky/rlcIM8Z+QYTSltwuENQAyXAkTTOfg1Wqc3PXx1Yz5lxoicMpgWw
ofzV46iicN0XJTMBxDEJNpxcSZtgV886V7sUa5/zWOm1Ffd4/3yKyabqI33+E1mx
BNo0HmIvuCC1cixLWV81J8IwXdfPpXcMYxmybS4x8NWi/r+FL/ns/3HJh9o8lsqI
95AC5Z7sO/Yf1Cy4nU39oP+tfW+pliaz9MNNi2S9dE9u60vCPRFl+70ObwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNXTChENEKCnj6vAWujWDo66MrPKMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMWRNS0VRMFFvS2VQcThCYTZOWU9qcm95czhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEeqo5KiX9usMxDnBNYR
Mirx26xFowZo+FP6CVq0RSgoddY6ZZ+tYrJY06O0tSF54sqS0WmT0/SOb1Yr3cOr
0vcHj79VyLVIXtFRBSucUY+1AzksjAbYsXT7Hb7R67f6JfoZhZA/TVmg6afbVc17
HcRSP2YiJL/Hb0mxxTWoU3u5Nr3BD8ljozeNisuoiW0AgR6oTZv12N7/wRADkAjQ
dJmcDxcjXG/uj9aBOZyvMJ1cOS93EFjdTeQ5iSL6YBRge/NBcgGOs/kYKkyqqZ88
3uYEkR00sMYZsaqw/4m10DEgUcXPzjLvnWw8FW15qsQtPrjR+Wf5BhnB5gsRL/WZ
m5k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org