Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2rhQOCmnnez1meacwMQPLWgTDuI.roa
File: 2rhQOCmnnez1meacwMQPLWgTDuI.roa (raw, json)
Hash identifier: OrmRO/kB9v79A+I1xa8pTK8uwdx2rZNsUeZui9NMz74=
Subject key identifier: DA:B8:50:38:29:A7:9D:EC:F5:99:E6:9C:C0:C4:0F:2D:68:13:0E:E2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9AB333D92BD1749F6198501D4B6E66DC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2rhQOCmnnez1meacwMQPLWgTDuI.roa
Signing time: Fri 15 Sep 2023 21:15:50 +0000
ROA not before: Fri 15 Sep 2023 21:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:b3:33:d9:2b:d1:74:9f:61:98:50:1d:4b:6e:66:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 21:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dab8503829a79decf599e69cc0c40f2d68130ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:a6:ee:df:bf:fb:11:8d:21:ba:99:fd:3a:
6f:12:a7:74:91:bd:df:06:db:df:25:c4:dd:71:b8:
8f:62:7a:7c:8e:ac:31:26:32:17:92:6e:2d:35:d7:
5d:54:67:44:e8:e3:9b:75:65:81:4b:bd:0d:ec:36:
e2:77:53:a1:cd:3c:ab:10:51:3b:4f:bf:5e:cd:38:
91:e1:52:c6:d0:4a:b0:ba:be:8f:ea:23:ee:18:62:
9d:14:31:5f:1f:18:3a:32:4c:4b:48:54:69:ab:bf:
b5:e8:ec:96:d6:4b:01:54:7f:62:5e:a6:40:cc:9a:
76:3b:54:ba:d7:87:b3:85:27:99:d0:5b:20:04:d8:
1a:82:84:25:8f:bb:fe:fe:80:7b:2d:8f:96:b6:52:
f5:78:dd:fe:7c:bb:4e:85:33:df:bd:e9:08:fa:3b:
0b:d2:6d:3d:03:77:e8:8b:e7:51:59:2a:f2:ba:98:
84:5b:c9:84:3c:ed:b5:55:ac:fa:0c:51:8e:99:a7:
38:ba:e9:34:94:bc:f5:10:3a:38:86:3a:b4:6c:3f:
f6:e0:60:b4:e9:0a:49:c6:25:1f:c5:ad:cb:e0:bc:
12:20:a4:c3:f7:95:d7:ff:90:40:67:bd:5c:81:04:
1c:72:ae:af:30:98:ab:54:7f:16:5c:3c:30:7a:30:
d5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:50:38:29:A7:9D:EC:F5:99:E6:9C:C0:C4:0F:2D:68:13:0E:E2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/2rhQOCmnnez1meacwMQPLWgTDuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:fd:de:44:a1:94:3f:1b:5a:d5:a9:c9:f0:37:b1:4c:94:6c:
83:84:cd:f7:36:ef:78:53:d8:b1:54:23:cf:12:55:77:a8:57:
26:46:20:b5:26:2d:e8:54:ab:8f:41:34:1e:0a:c8:22:d4:77:
17:fe:e5:27:ac:3d:1e:8b:35:4c:fe:32:0b:f5:18:b4:8b:04:
f3:bf:72:6c:c5:d8:24:8b:25:c6:1e:f4:ac:7a:69:cb:7a:96:
9f:ac:ef:92:fb:44:d5:65:5d:7d:48:72:5d:b3:d9:08:a1:ec:
7f:56:9c:54:34:09:8c:55:8c:10:f1:3b:42:a6:42:7a:aa:5f:
f7:61:08:0f:9e:e2:ac:e9:b3:53:34:12:cf:e3:4c:a7:59:93:
24:36:13:ac:05:7e:bb:b1:c8:35:ff:bb:08:4d:07:82:ee:e1:
b4:fb:8b:2c:50:28:58:52:3e:d1:8e:7a:36:f7:f1:98:5c:ae:
60:05:55:c3:4c:d4:ac:ed:9a:10:58:61:ab:51:55:a4:24:e5:
06:6f:ad:5b:3a:d1:cf:4b:05:ed:94:95:7d:bb:96:e8:bf:69:
dc:bc:b4:95:ee:da:4a:f6:86:9a:ca:c5:3a:04:e3:22:d2:fc:
8d:f9:06:43:64:75:f2:2a:1b:44:59:45:54:0d:1c:8f:d5:41:
aa:f4:9a:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqaszPZK9F0n2GYUB1LbmbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MjExNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI4NTAzODI5YTc5ZGVjZjU5OWU2OWNjMGM0MGYyZDY4MTMwZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2qm7t+/+xGNIbqZ/TpvEqd0kb3f
BtvfJcTdcbiPYnp8jqwxJjIXkm4tNdddVGdE6OObdWWBS70N7Dbid1OhzTyrEFE7
T79ezTiR4VLG0Eqwur6P6iPuGGKdFDFfHxg6MkxLSFRpq7+16OyW1ksBVH9iXqZA
zJp2O1S614ezhSeZ0FsgBNgagoQlj7v+/oB7LY+WtlL1eN3+fLtOhTPfvekI+jsL
0m09A3foi+dRWSryupiEW8mEPO21Vaz6DFGOmac4uuk0lLz1EDo4hjq0bD/24GC0
6QpJxiUfxa3L4LwSIKTD95XX/5BAZ71cgQQccq6vMJirVH8WXDwwejDVYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNq4UDgpp53s9ZnmnMDEDy1oEw7iMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMnJoUU9DbW5uZXoxbWVhY3dNUVBMV2dURHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABf93kShlD8bWtWpyfA3
sUyUbIOEzfc273hT2LFUI88SVXeoVyZGILUmLehUq49BNB4KyCLUdxf+5SesPR6L
NUz+Mgv1GLSLBPO/cmzF2CSLJcYe9Kx6act6lp+s75L7RNVlXX1Icl2z2Qih7H9W
nFQ0CYxVjBDxO0KmQnqqX/dhCA+e4qzps1M0Es/jTKdZkyQ2E6wFfruxyDX/uwhN
B4Lu4bT7iyxQKFhSPtGOejb38ZhcrmAFVcNM1KztmhBYYatRVaQk5QZvrVs60c9L
Be2UlX27lui/ady8tJXu2kr2hprKxToE4yLS/I35BkNkdfIqG0RZRVQNHI/VQar0
mp0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org