Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2PFYMweQLK0UWXSy0iQDp6jQ_I8.roa
File: 2PFYMweQLK0UWXSy0iQDp6jQ_I8.roa (raw, json)
Hash identifier: JgzSzYpBHAAH0lUidwaK4+bHHKTEBdV2F7yuX9gW2mA=
Subject key identifier: D8:F1:58:33:07:90:2C:AD:14:59:74:B2:D2:24:03:A7:A8:D0:FC:8F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A560A063E0C9806B7DA5EF3C0C46CD2EE
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2PFYMweQLK0UWXSy0iQDp6jQ_I8.roa
Signing time: Sat 02 Sep 2023 13:16:52 +0000
ROA not before: Sat 02 Sep 2023 13:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:0a:06:3e:0c:98:06:b7:da:5e:f3:c0:c4:6c:d2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 13:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8f1583307902cad145974b2d22403a7a8d0fc8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a0:78:67:88:97:62:00:dc:27:51:f8:9c:ff:
e8:41:8e:bf:05:e9:bf:16:5c:74:9f:ab:09:60:a7:
c5:06:5a:5c:5f:f1:9d:cf:15:00:cb:a5:fc:ff:0c:
3e:e2:62:4f:11:06:f4:51:9d:27:26:0d:fb:22:4c:
86:4f:28:eb:fe:4b:00:a0:7d:3a:e5:36:ad:6e:55:
74:b6:e4:d9:b6:c5:3b:63:9e:23:99:29:9e:7a:fb:
ba:44:d9:e5:3e:76:19:0e:0a:f4:b5:5d:f5:0f:2e:
4f:db:08:01:01:ce:13:e0:40:e3:5f:a3:0e:3d:bd:
32:0c:0b:10:e1:57:ec:54:bb:9d:e7:d2:66:1e:b1:
ea:d1:a7:d3:dd:90:83:38:1c:43:6e:21:8e:8c:bf:
01:0f:fe:be:18:15:42:1c:f6:76:4a:3d:93:66:d6:
4b:7e:cd:39:6e:c3:32:41:70:c9:0d:6c:0d:d9:4b:
b5:2e:d1:85:34:a1:e3:f6:16:22:7f:67:e6:25:5e:
be:f4:05:2e:5b:dc:15:bc:16:21:0f:b9:b8:74:10:
86:c5:97:b9:be:c8:5b:ed:b3:67:44:4b:75:81:85:
9b:2d:b5:20:78:ab:e9:65:f8:17:fd:3e:d2:fd:b1:
9b:bd:10:a0:82:f9:00:bb:bc:d5:da:af:83:53:c8:
7b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F1:58:33:07:90:2C:AD:14:59:74:B2:D2:24:03:A7:A8:D0:FC:8F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2PFYMweQLK0UWXSy0iQDp6jQ_I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:95:d3:ca:63:86:82:5e:1c:94:14:f7:6b:12:a1:31:ef:80:
aa:38:bc:db:90:a7:74:48:62:29:26:0b:22:06:ff:b0:d9:6a:
e9:d2:ab:bb:1d:66:03:94:59:ac:67:01:43:61:1a:07:c4:e3:
8a:e0:6a:0f:e2:e2:0b:5f:5f:84:33:1e:1a:6a:86:70:94:bc:
9a:e0:09:b6:73:47:8e:18:37:21:c6:59:f9:4c:37:a0:ec:3c:
61:13:fa:36:3f:13:40:9e:24:59:47:40:e1:9b:3c:72:bc:ad:
58:01:66:d4:fa:a3:42:68:71:ca:30:ef:a6:45:2a:d5:a3:70:
2f:0c:63:41:16:51:be:24:c5:7e:50:e3:49:d9:04:29:d8:6a:
d9:37:84:bb:58:db:9c:f8:d7:76:f7:9a:ec:b3:e7:a5:37:7b:
9f:91:26:e0:81:ca:64:73:d0:51:f0:bf:f8:e6:4e:5c:74:7d:
1b:0f:23:93:46:10:b7:e2:c1:59:30:7d:33:d9:82:1e:bf:75:
6b:38:ec:9f:6f:f3:90:a6:c5:fe:eb:8b:91:3b:a4:8a:c2:54:
34:72:5c:7e:c6:86:51:38:f0:50:a6:31:d8:d0:ff:8c:ae:7a:
8b:08:84:3a:54:35:ee:af:af:b5:d9:f3:45:40:7b:15:74:ed:
bc:77:f5:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpWCgY+DJgGt9pe88DEbNLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTMxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGYxNTgzMzA3OTAyY2FkMTQ1OTc0YjJkMjI0MDNhN2E4ZDBmYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKB4Z4iXYgDcJ1H4nP/oQY6/Bem/
Flx0n6sJYKfFBlpcX/GdzxUAy6X8/ww+4mJPEQb0UZ0nJg37IkyGTyjr/ksAoH06
5TatblV0tuTZtsU7Y54jmSmeevu6RNnlPnYZDgr0tV31Dy5P2wgBAc4T4EDjX6MO
Pb0yDAsQ4VfsVLud59JmHrHq0afT3ZCDOBxDbiGOjL8BD/6+GBVCHPZ2Sj2TZtZL
fs05bsMyQXDJDWwN2Uu1LtGFNKHj9hYif2fmJV6+9AUuW9wVvBYhD7m4dBCGxZe5
vshb7bNnREt1gYWbLbUgeKvpZfgX/T7S/bGbvRCggvkAu7zV2q+DU8h7lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjxWDMHkCytFFl0stIkA6eo0PyPMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMlBGWU13ZVFMSzBVV1hTeTBpUURwNmpRX0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEiV08pjhoJeHJQU92sS
oTHvgKo4vNuQp3RIYikmCyIG/7DZaunSq7sdZgOUWaxnAUNhGgfE44rgag/i4gtf
X4QzHhpqhnCUvJrgCbZzR44YNyHGWflMN6DsPGET+jY/E0CeJFlHQOGbPHK8rVgB
ZtT6o0Joccow76ZFKtWjcC8MY0EWUb4kxX5Q40nZBCnYatk3hLtY25z413b3muyz
56U3e5+RJuCBymRz0FHwv/jmTlx0fRsPI5NGELfiwVkwfTPZgh6/dWs47J9v85Cm
xf7ri5E7pIrCVDRyXH7GhlE48FCmMdjQ/4yueosIhDpUNe6vr7XZ80VAexV07bx3
9SA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org