Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/3vvwKnzmq9f2CYvmWgn6Vto1jlc.roa
File: 3vvwKnzmq9f2CYvmWgn6Vto1jlc.roa (raw, json)
Hash identifier: 1t7qrJPJK3JPOb9rAyRP+ZjrXloZh6sixu82wrar1r8=
Subject key identifier: DE:FB:F0:2A:7C:E6:AB:D7:F6:09:8B:E6:5A:09:FA:56:DA:35:8E:57
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A52D6D0BF64D887227AEFDF2943D13B0C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/3vvwKnzmq9f2CYvmWgn6Vto1jlc.roa
Signing time: Fri 01 Sep 2023 22:22:04 +0000
ROA not before: Fri 01 Sep 2023 22:22:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:d6:d0:bf:64:d8:87:22:7a:ef:df:29:43:d1:3b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 22:22:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=defbf02a7ce6abd7f6098be65a09fa56da358e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b5:dc:99:86:83:71:09:8b:f2:c5:78:c2:9a:
6b:3f:5f:65:dc:2d:24:7d:df:00:09:6a:b4:6b:4e:
ae:28:71:6a:87:b7:be:1b:bb:fe:2f:95:49:2c:7e:
ad:51:72:ed:4c:f3:60:a2:65:f1:b2:95:fb:6b:c7:
ad:9e:73:57:6c:b5:95:f4:20:8c:33:76:63:06:7d:
b8:12:f1:a0:c1:de:76:98:c7:21:fe:53:40:13:4d:
ae:76:3a:6c:2d:f1:bd:f0:9a:f2:a9:44:a8:11:fc:
5f:a0:d5:e4:b6:35:93:8a:3e:7a:91:06:23:76:9d:
90:77:84:82:de:60:b2:6c:95:72:c7:2e:84:a3:68:
39:f1:1f:7e:72:b8:3f:77:31:fe:7a:99:05:53:c4:
a1:8b:07:1d:41:71:2f:36:1c:0a:2d:fc:90:17:29:
df:67:6f:0c:89:85:fa:09:a4:83:05:fe:11:69:0d:
e1:a3:f1:0f:02:22:0e:c0:e9:53:5b:ab:de:7a:6d:
55:0b:94:a4:ad:fd:5f:1c:c2:0f:ac:b5:0c:a8:59:
16:40:0d:f2:77:98:48:51:39:53:ab:c8:54:a5:d3:
df:fc:a1:74:12:9f:9b:e3:c5:36:b2:91:18:0e:79:
a8:79:e4:18:67:38:46:e9:9a:e3:65:e3:ab:8d:10:
47:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FB:F0:2A:7C:E6:AB:D7:F6:09:8B:E6:5A:09:FA:56:DA:35:8E:57
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/3vvwKnzmq9f2CYvmWgn6Vto1jlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:f6:c7:85:48:9b:50:46:a8:ed:d5:78:46:96:cb:6b:30:79:
59:05:26:d5:ff:25:0c:84:f0:fa:0a:54:56:c5:a5:6c:f4:72:
c6:fc:47:05:37:05:2e:ea:25:cc:f4:cd:55:86:0e:08:61:59:
c3:2a:4d:80:16:8c:2b:61:fe:ce:3a:e7:82:a2:5e:c4:5e:f7:
bc:16:4d:aa:52:ed:a9:6e:18:5d:74:b7:62:72:19:10:1e:b6:
70:c6:28:5d:cd:4e:96:f7:b4:64:7f:5e:f6:2c:23:a7:7b:5c:
56:90:e4:ed:01:40:dd:b3:4e:a2:3a:5f:9c:07:d5:a6:a5:31:
2d:45:9b:5c:b5:d2:81:84:17:b5:27:1e:8e:5d:78:f1:2b:08:
42:b7:bf:f9:5e:d0:8d:1a:70:d0:0d:f8:ea:2b:a0:0f:c4:16:
69:79:c7:8e:07:ec:b5:5e:71:26:c5:48:ba:ac:50:35:e8:4d:
4e:41:81:d5:01:aa:59:33:08:18:87:ed:8f:cf:49:46:a5:7a:
25:0d:1f:70:ef:21:f1:ca:22:69:1a:7f:c5:bb:dc:53:f7:9a:
57:9f:ce:5d:d3:86:b5:11:98:f4:1e:2d:98:e8:a4:47:49:ba:
d5:77:94:b4:e3:05:75:cb:78:3c:b3:1d:70:a2:9b:84:55:ce:
2e:dc:ec:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpS1tC/ZNiHInrv3ylD0TsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMjIyMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWZiZjAyYTdjZTZhYmQ3ZjYwOThiZTY1YTA5ZmE1NmRhMzU4ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLXcmYaDcQmL8sV4wpprP19l3C0k
fd8ACWq0a06uKHFqh7e+G7v+L5VJLH6tUXLtTPNgomXxspX7a8etnnNXbLWV9CCM
M3ZjBn24EvGgwd52mMch/lNAE02udjpsLfG98JryqUSoEfxfoNXktjWTij56kQYj
dp2Qd4SC3mCybJVyxy6Eo2g58R9+crg/dzH+epkFU8ShiwcdQXEvNhwKLfyQFynf
Z28MiYX6CaSDBf4RaQ3ho/EPAiIOwOlTW6veem1VC5Skrf1fHMIPrLUMqFkWQA3y
d5hIUTlTq8hUpdPf/KF0Ep+b48U2spEYDnmoeeQYZzhG6ZrjZeOrjRBHdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN778Cp85qvX9gmL5loJ+lbaNY5XMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvM3Z2d0tuem1xOWYyQ1l2bVdnbjZWdG8xamxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAz2x4VIm1BGqO3VeEaW
y2sweVkFJtX/JQyE8PoKVFbFpWz0csb8RwU3BS7qJcz0zVWGDghhWcMqTYAWjCth
/s4654KiXsRe97wWTapS7aluGF10t2JyGRAetnDGKF3NTpb3tGR/XvYsI6d7XFaQ
5O0BQN2zTqI6X5wH1aalMS1Fm1y10oGEF7UnHo5dePErCEK3v/le0I0acNAN+Oor
oA/EFml5x44H7LVecSbFSLqsUDXoTU5BgdUBqlkzCBiH7Y/PSUaleiUNH3DvIfHK
Imkaf8W73FP3mlefzl3ThrURmPQeLZjopEdJutV3lLTjBXXLeDyzHXCim4RVzi7c
7L8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org