Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/319miazY9W3DaFdDxFUcpUMLhjI.roa
File: 319miazY9W3DaFdDxFUcpUMLhjI.roa (raw, json)
Hash identifier: DRxctu3mi6EknCQiZq4DKcQU6yyduw/s/+12NbogktE=
Subject key identifier: DF:5F:66:89:AC:D8:F5:6D:C3:68:57:43:C4:55:1C:A5:43:0B:86:32
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6A6ABB3D03C3BF6363760BD5C38F31B6
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/319miazY9W3DaFdDxFUcpUMLhjI.roa
Signing time: Wed 06 Sep 2023 12:14:54 +0000
ROA not before: Wed 06 Sep 2023 12:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:6a:bb:3d:03:c3:bf:63:63:76:0b:d5:c3:8f:31:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 12:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df5f6689acd8f56dc3685743c4551ca5430b8632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4b:91:a8:50:6d:44:fa:1e:25:ed:b8:89:f6:
74:ff:c3:ef:04:f4:72:ca:a5:06:8c:ce:1a:3a:aa:
f7:01:f8:20:d3:db:08:12:c8:3f:4a:d2:49:06:33:
7a:23:f8:1b:7d:fb:77:99:56:86:89:35:33:be:98:
0e:c5:b6:46:26:f8:ab:ef:80:61:3d:ce:a7:1b:12:
e1:9a:ee:3e:af:0f:f6:fc:da:54:54:8b:d2:b7:bc:
a3:d2:dc:9b:eb:65:87:ba:6d:8b:e8:44:2c:97:75:
73:e8:82:26:b9:17:b1:f4:d9:00:88:f6:50:04:b7:
2b:52:5b:a6:2a:75:ea:5f:95:2d:6b:73:04:fd:32:
a6:f9:41:e3:14:8c:6a:16:8c:25:b3:18:77:79:41:
c3:0d:8f:ee:92:ea:76:cf:1f:2a:28:cf:19:7f:de:
e8:a2:32:3a:3d:3f:d8:b7:e3:6b:e1:c7:0d:36:38:
3d:26:08:db:85:07:61:bd:68:41:89:40:96:ca:3c:
66:94:f0:5d:31:95:29:31:24:b3:e4:a3:a4:00:21:
d7:ef:6a:b4:e5:d4:57:45:e2:93:10:d6:7d:00:8d:
5b:fb:f4:9d:ff:db:e8:81:93:5a:00:81:cd:2b:b2:
df:d6:1b:4f:f9:3a:99:b4:72:af:02:91:a6:5f:79:
0e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5F:66:89:AC:D8:F5:6D:C3:68:57:43:C4:55:1C:A5:43:0B:86:32
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/319miazY9W3DaFdDxFUcpUMLhjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:93:40:d3:2c:5c:f5:f4:20:2d:21:5f:a4:ed:b0:01:f5:3f:
e9:0c:5c:01:22:00:07:08:ae:48:9e:50:95:12:5b:14:d3:74:
5d:19:d5:0f:05:f9:2e:7a:a9:78:88:f5:5c:52:03:a7:8d:35:
43:54:33:80:e4:6a:02:8c:88:bc:09:1d:73:32:99:b0:93:ca:
ad:cc:0a:23:ee:ba:1e:bb:78:a2:cd:9a:49:01:07:10:93:0f:
5f:8e:d5:c6:0a:41:fe:4e:1f:b7:67:7e:fd:0c:55:7f:fd:05:
13:2a:aa:24:79:9f:f3:dc:ca:d5:2e:84:89:c5:72:87:b5:6d:
8d:cb:75:fb:a3:76:78:e3:d0:3d:2f:8f:8d:03:d0:55:2e:57:
09:23:e5:f7:8a:d8:06:8d:58:93:5a:05:c7:e2:f5:3c:3f:5c:
f7:76:98:e1:df:27:64:43:15:96:de:6d:87:03:72:f3:43:dc:
ca:d8:cd:bc:f6:c3:df:96:48:26:0d:6a:45:76:d8:c3:a4:84:
af:47:73:6b:e7:cd:89:5b:0b:62:73:6c:d9:cd:3f:ae:8a:36:
9c:27:a6:c2:b9:5e:5e:87:be:6a:3d:52:44:c5:bd:f8:84:58:
b3:0e:97:97:5d:d5:cf:17:f4:54:38:52:20:68:df:c7:81:91:
98:3e:bc:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpqars9A8O/Y2N2C9XDjzG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjVmNjY4OWFjZDhmNTZkYzM2ODU3NDNjNDU1MWNhNTQzMGI4NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0uRqFBtRPoeJe24ifZ0/8PvBPRy
yqUGjM4aOqr3Afgg09sIEsg/StJJBjN6I/gbfft3mVaGiTUzvpgOxbZGJvir74Bh
Pc6nGxLhmu4+rw/2/NpUVIvSt7yj0tyb62WHum2L6EQsl3Vz6IImuRex9NkAiPZQ
BLcrUlumKnXqX5Uta3ME/TKm+UHjFIxqFowlsxh3eUHDDY/ukup2zx8qKM8Zf97o
ojI6PT/Yt+Nr4ccNNjg9JgjbhQdhvWhBiUCWyjxmlPBdMZUpMSSz5KOkACHX72q0
5dRXReKTENZ9AI1b+/Sd/9vogZNaAIHNK7Lf1htP+TqZtHKvApGmX3kO3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN9fZoms2PVtw2hXQ8RVHKVDC4YyMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMzE5bWlhelk5VzNEYUZkRHhGVWNwVU1MaGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFiTQNMsXPX0IC0hX6Tt
sAH1P+kMXAEiAAcIrkieUJUSWxTTdF0Z1Q8F+S56qXiI9VxSA6eNNUNUM4DkagKM
iLwJHXMymbCTyq3MCiPuuh67eKLNmkkBBxCTD1+O1cYKQf5OH7dnfv0MVX/9BRMq
qiR5n/PcytUuhInFcoe1bY3Ldfujdnjj0D0vj40D0FUuVwkj5feK2AaNWJNaBcfi
9Tw/XPd2mOHfJ2RDFZbebYcDcvND3MrYzbz2w9+WSCYNakV22MOkhK9Hc2vnzYlb
C2JzbNnNP66KNpwnpsK5Xl6Hvmo9UkTFvfiEWLMOl5dd1c8X9FQ4UiBo38eBkZg+
vK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org