Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2hnoFLjjSzI0o4BDaz5IP-E4K5Q.roa
File: 2hnoFLjjSzI0o4BDaz5IP-E4K5Q.roa (raw, json)
Hash identifier: jOxf+039OP87v964WLsPDBULCdDfVFSityrEAcg2LqE=
Subject key identifier: DA:19:E8:14:B8:E3:4B:32:34:A3:80:43:6B:3E:48:3F:E1:38:2B:94
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A59E7E6DC60B7E1D3E6E9EC4BC1FD5308
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2hnoFLjjSzI0o4BDaz5IP-E4K5Q.roa
Signing time: Sun 03 Sep 2023 07:18:04 +0000
ROA not before: Sun 03 Sep 2023 07:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:59:e7:e6:dc:60:b7:e1:d3:e6:e9:ec:4b:c1:fd:53:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 07:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da19e814b8e34b3234a380436b3e483fe1382b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:09:50:29:6d:b3:fc:55:90:44:62:3a:fd:19:
fe:1f:ab:be:01:c9:44:a7:ec:34:61:bc:1d:35:41:
f1:e2:89:31:d8:5f:5e:10:d5:87:95:d0:7d:41:ff:
74:e7:6c:d3:54:fc:69:ff:27:eb:7b:6f:36:66:3c:
e3:fe:b4:3c:43:fd:e1:60:62:1d:04:51:de:df:a6:
cd:98:93:08:cc:16:c3:3d:20:04:2c:eb:13:3b:34:
31:d3:29:1e:c1:db:de:f4:97:4d:ab:fc:5c:96:da:
7a:83:a2:d9:fe:ff:78:00:07:3e:96:78:25:57:37:
fd:ec:14:d6:aa:3a:e2:a2:68:98:f2:f7:75:72:cf:
ca:10:66:07:a9:97:41:d6:3b:ab:a8:4d:f2:18:55:
15:9a:fe:3b:b0:ac:cc:bf:8a:f0:d0:e0:f5:c4:6f:
e2:b7:6d:6b:73:c0:57:be:10:52:59:e0:f9:58:1c:
ca:95:36:38:f7:9a:ce:4f:1d:7e:6c:6a:bc:40:81:
9f:b8:41:60:2b:90:4e:b1:dd:e1:1f:be:4a:54:31:
14:e4:ef:39:7a:d1:04:ae:c1:69:6c:cb:71:00:3a:
6e:48:14:32:c1:41:df:b6:7a:06:7e:6e:51:e6:d4:
a7:88:96:93:c7:d0:14:3b:f8:74:0f:a4:56:f1:10:
61:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:19:E8:14:B8:E3:4B:32:34:A3:80:43:6B:3E:48:3F:E1:38:2B:94
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2hnoFLjjSzI0o4BDaz5IP-E4K5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:dc:8b:3b:8d:b7:b9:46:69:d9:60:55:93:7e:0d:f6:b3:1a:
39:fb:85:6f:1f:ea:bc:d5:40:17:e3:5c:d1:7f:d2:90:aa:d9:
44:cf:4a:33:2e:a1:c1:68:3b:f3:6c:75:2e:96:e1:d5:af:9d:
7f:0b:63:6b:15:84:78:c7:c1:f9:4f:1f:15:95:6b:c1:a7:71:
80:ab:37:2f:1e:65:45:a1:34:9c:bc:3c:fe:51:02:a0:59:8e:
1c:ae:72:82:a9:26:99:cd:e9:75:a3:e4:28:94:2e:6c:e4:10:
5b:d5:36:30:04:b9:ef:0a:82:b4:56:b3:f1:a9:58:c8:23:a8:
8a:14:d2:aa:59:29:2c:1c:23:41:9f:4a:4a:03:98:75:a5:9b:
7e:2d:c7:d1:07:e3:ea:9a:b9:34:05:72:41:c1:57:80:18:c2:
f5:02:aa:d1:21:f6:35:a7:1c:f1:1e:39:08:ce:4a:3f:aa:49:
f7:ec:27:61:64:40:1b:6c:e1:fc:10:dd:06:78:cd:2b:e2:a4:
97:98:b4:20:db:30:50:bd:c1:2d:04:a8:b8:b8:df:ed:6b:12:
4a:2a:46:1d:7a:ee:96:82:7c:0f:3d:75:d1:64:67:62:0e:ab:
0a:a4:5d:a2:f9:2c:8c:28:93:30:10:d3:a1:2c:d2:20:ec:51:
32:3a:5c:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpZ5+bcYLfh0+bp7EvB/VMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMDcxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTE5ZTgxNGI4ZTM0YjMyMzRhMzgwNDM2YjNlNDgzZmUxMzgyYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQlQKW2z/FWQRGI6/Rn+H6u+AclE
p+w0YbwdNUHx4okx2F9eENWHldB9Qf9052zTVPxp/yfre282Zjzj/rQ8Q/3hYGId
BFHe36bNmJMIzBbDPSAELOsTOzQx0ykewdve9JdNq/xcltp6g6LZ/v94AAc+lngl
Vzf97BTWqjriomiY8vd1cs/KEGYHqZdB1jurqE3yGFUVmv47sKzMv4rw0OD1xG/i
t21rc8BXvhBSWeD5WBzKlTY495rOTx1+bGq8QIGfuEFgK5BOsd3hH75KVDEU5O85
etEErsFpbMtxADpuSBQywUHftnoGfm5R5tSniJaTx9AUO/h0D6RW8RBhJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNoZ6BS440syNKOAQ2s+SD/hOCuUMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMmhub0ZMampTekkwbzRCRGF6NUlQLUU0SzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAXcizuNt7lGadlgVZN+
DfazGjn7hW8f6rzVQBfjXNF/0pCq2UTPSjMuocFoO/NsdS6W4dWvnX8LY2sVhHjH
wflPHxWVa8GncYCrNy8eZUWhNJy8PP5RAqBZjhyucoKpJpnN6XWj5CiULmzkEFvV
NjAEue8KgrRWs/GpWMgjqIoU0qpZKSwcI0GfSkoDmHWlm34tx9EH4+qauTQFckHB
V4AYwvUCqtEh9jWnHPEeOQjOSj+qSffsJ2FkQBts4fwQ3QZ4zSvipJeYtCDbMFC9
wS0EqLi43+1rEkoqRh167paCfA89ddFkZ2IOqwqkXaL5LIwokzAQ06Es0iDsUTI6
XFI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org