Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/58pXbfOGCM6zd11H638NZU-0bHM.roa
File: 58pXbfOGCM6zd11H638NZU-0bHM.roa (raw, json)
Hash identifier: 6M4dUkndsfcuQ4rlbHHngEiQJUgWtMuSDdp7zaUCHY8=
Subject key identifier: E7:CA:57:6D:F3:86:08:CE:B3:77:5D:47:EB:7F:0D:65:4F:B4:6C:73
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4CC7E98A0C84DA9DE7FB45D9D81D4F6F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/58pXbfOGCM6zd11H638NZU-0bHM.roa
Signing time: Thu 31 Aug 2023 18:08:04 +0000
ROA not before: Thu 31 Aug 2023 18:08:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4cc7:5ada/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:c7:e9:8a:0c:84:da:9d:e7:fb:45:d9:d8:1d:4f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 18:08:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7ca576df38608ceb3775d47eb7f0d654fb46c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dd:35:94:8e:69:76:b4:dd:d0:4d:82:13:21:
43:cd:f4:4d:32:0f:d7:2c:29:ed:f5:f3:b5:85:f4:
be:7e:33:37:3e:82:a0:e4:de:18:75:fd:e0:10:9d:
9f:1a:43:14:d1:93:96:1b:69:65:60:8a:e5:90:77:
af:f1:ed:3e:13:72:df:95:7c:8c:31:48:1b:af:79:
1b:68:87:96:ee:e3:25:11:53:cb:70:98:a7:73:e4:
7b:b6:91:a9:9b:9d:0a:3b:04:b2:7a:2d:1d:0f:9f:
fd:6f:ff:8d:25:3c:35:af:c0:c3:8c:33:dc:8e:5a:
11:50:68:b7:3e:9d:7d:2e:70:53:8c:e8:84:50:fc:
35:0d:fc:22:2b:61:53:63:09:79:e9:1a:95:fa:c3:
5c:bf:bb:60:88:d7:42:17:e4:48:d6:41:33:b2:63:
98:38:85:63:80:cd:48:95:7b:7d:28:57:c9:b0:c3:
e3:be:17:39:26:af:24:b9:cd:db:a7:ed:86:d0:6f:
92:e9:5c:e3:b0:35:be:fe:c9:72:3d:16:7a:e2:00:
52:ed:c9:71:d4:23:e6:ce:1b:68:f2:9f:fb:39:5a:
47:13:1e:39:97:f8:b0:33:01:9e:5f:b9:2b:5c:73:
80:35:70:ca:de:f2:af:73:fa:b8:8f:0b:72:9f:af:
f8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CA:57:6D:F3:86:08:CE:B3:77:5D:47:EB:7F:0D:65:4F:B4:6C:73
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/58pXbfOGCM6zd11H638NZU-0bHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:1a:b2:f3:70:06:0c:51:21:b6:d2:9c:42:3e:70:4f:fb:9c:
a9:e1:73:2a:2f:ee:ab:54:25:68:07:1f:3e:78:79:1b:5c:0a:
a9:2a:fb:4e:65:9f:0d:92:2c:d7:f9:57:48:a3:02:af:83:57:
60:d0:24:60:02:a2:14:81:f7:c8:c4:94:ba:d9:34:a6:9e:34:
ec:66:1d:a4:4e:50:63:85:b1:11:c5:f4:59:b9:c4:aa:81:46:
1b:c8:39:b2:e4:e8:21:a0:05:40:aa:51:a9:35:2a:1b:83:39:
60:22:f9:39:0a:31:5f:0d:dc:a1:b6:38:31:8b:3b:09:c1:87:
fe:47:df:1c:5c:4e:75:ce:07:ac:b8:d7:88:c0:e7:23:a6:5d:
53:79:41:dc:19:d8:cf:a8:c0:e3:57:a3:13:c9:80:19:b4:25:
6c:e6:2a:ed:83:9f:c0:a1:f1:5c:67:19:0c:2e:45:7a:e8:7b:
c8:4c:3e:79:9e:f0:42:6f:fd:ee:d1:2f:52:a2:11:67:3b:20:
5e:5d:50:35:f5:71:ed:0b:db:b4:5b:b9:a1:6d:8c:d9:bf:03:
26:ef:fd:72:2c:7a:ca:b3:5b:e9:b2:03:e0:58:06:d7:88:8c:
a5:55:7c:9c:82:72:6b:a9:cf:c2:18:73:ae:3e:e4:03:4d:94:
a8:a0:9f:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpMx+mKDITanef7RdnYHU9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTgwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NhNTc2ZGYzODYwOGNlYjM3NzVkNDdlYjdmMGQ2NTRmYjQ2YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp901lI5pdrTd0E2CEyFDzfRNMg/X
LCnt9fO1hfS+fjM3PoKg5N4Ydf3gEJ2fGkMU0ZOWG2llYIrlkHev8e0+E3LflXyM
MUgbr3kbaIeW7uMlEVPLcJinc+R7tpGpm50KOwSyei0dD5/9b/+NJTw1r8DDjDPc
jloRUGi3Pp19LnBTjOiEUPw1DfwiK2FTYwl56RqV+sNcv7tgiNdCF+RI1kEzsmOY
OIVjgM1IlXt9KFfJsMPjvhc5Jq8kuc3bp+2G0G+S6VzjsDW+/slyPRZ64gBS7clx
1CPmzhto8p/7OVpHEx45l/iwMwGeX7krXHOANXDK3vKvc/q4jwtyn6/4UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOfKV23zhgjOs3ddR+t/DWVPtGxzMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNThwWGJmT0dDTTZ6ZDExSDYzOE5aVS0wYkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAMasvNwBgxRIbbSnEI+
cE/7nKnhcyov7qtUJWgHHz54eRtcCqkq+05lnw2SLNf5V0ijAq+DV2DQJGACohSB
98jElLrZNKaeNOxmHaROUGOFsRHF9Fm5xKqBRhvIObLk6CGgBUCqUak1KhuDOWAi
+TkKMV8N3KG2ODGLOwnBh/5H3xxcTnXOB6y414jA5yOmXVN5QdwZ2M+owONXoxPJ
gBm0JWzmKu2Dn8Ch8VxnGQwuRXroe8hMPnme8EJv/e7RL1KiEWc7IF5dUDX1ce0L
27RbuaFtjNm/Aybv/XIsesqzW+myA+BYBteIjKVVfJyCcmupz8IYc64+5ANNlKig
n/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org