Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5WXpxAi7bJvPIPh4wwX4DrAgrhI.roa
File: 5WXpxAi7bJvPIPh4wwX4DrAgrhI.roa (raw, json)
Hash identifier: s0C9X2GWw6aLbZWdwELefSoTmW1ckSCbTkZvo7nSQEQ=
Subject key identifier: E5:65:E9:C4:08:BB:6C:9B:CF:20:F8:78:C3:05:F8:0E:B0:20:AE:12
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A51EB86900A971F12EDD6A0CFB33B81AD
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5WXpxAi7bJvPIPh4wwX4DrAgrhI.roa
Signing time: Fri 01 Sep 2023 18:05:04 +0000
ROA not before: Fri 01 Sep 2023 18:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:51ea:cdf0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:eb:86:90:0a:97:1f:12:ed:d6:a0:cf:b3:3b:81:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 18:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e565e9c408bb6c9bcf20f878c305f80eb020ae12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a1:aa:44:4a:ba:32:66:06:81:78:24:68:c4:
60:e4:78:37:99:bb:05:67:87:69:08:a6:cd:90:93:
9a:8c:3a:32:c7:b2:c6:e6:4e:17:69:14:d5:01:f5:
d5:55:a4:e3:82:4b:13:bd:48:ac:ba:e5:00:61:72:
7a:5c:f8:8e:9a:63:c4:a9:c9:0d:c7:19:f5:8a:65:
61:d9:0f:59:be:e1:76:9e:07:bd:97:c8:82:de:b7:
45:84:e5:b9:60:f3:15:70:59:06:5e:80:f9:2f:ca:
52:b4:e4:d4:21:a7:ab:1d:45:bf:e6:30:ba:f3:cc:
2d:78:bf:5d:86:f5:86:6c:e7:ea:61:8d:45:d4:33:
29:44:e9:06:ce:61:bd:58:ff:ff:84:51:b3:54:84:
88:bb:eb:45:cd:51:f9:5c:53:f7:0e:ec:1e:05:99:
4a:30:c8:e8:d1:96:c6:52:27:c3:66:a3:08:95:fb:
31:54:08:66:0d:23:34:a8:c6:25:34:87:17:8c:40:
5b:18:e8:07:4c:4a:74:6f:c7:03:df:0f:1a:45:9c:
35:37:f0:f8:08:88:a5:58:b9:8d:92:25:78:b1:98:
06:93:34:e3:c6:e6:15:a2:38:c2:cf:b8:e9:2c:c7:
16:22:a5:b1:20:e9:71:0b:c2:c0:98:c7:97:eb:82:
04:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:65:E9:C4:08:BB:6C:9B:CF:20:F8:78:C3:05:F8:0E:B0:20:AE:12
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5WXpxAi7bJvPIPh4wwX4DrAgrhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:d2:7e:9e:d5:fc:c4:ad:82:04:ac:ca:de:3f:4e:04:a9:47:
23:b2:65:cf:1f:6a:f3:56:77:9d:a1:cb:ae:a7:7e:1a:38:76:
8e:44:9e:02:92:da:de:a8:bc:2e:07:c8:b8:35:03:6e:e0:e6:
85:f4:bd:9d:30:0a:2f:45:c7:80:f2:8a:f4:30:27:28:7e:ce:
57:6a:ac:b1:20:52:ce:ad:ea:30:88:89:19:1b:b8:ea:ef:82:
27:1a:6b:c5:c3:e9:cb:0c:0d:c0:c5:ca:1b:53:c1:99:00:9d:
0c:e6:3b:36:9d:fa:bd:00:97:0f:53:41:85:39:04:39:4b:d5:
8c:ff:04:23:0e:29:50:f2:f1:10:2e:71:bd:83:5d:e4:b9:cd:
7d:85:c2:3a:26:4c:0c:a0:b0:68:b5:76:bd:ee:46:6e:6f:d9:
82:7f:ed:75:98:83:fd:07:05:75:95:22:71:2d:f9:0c:9b:98:
20:12:12:ab:fb:4c:cc:8a:95:17:af:cd:0c:27:d3:33:80:70:
29:a1:33:37:c2:6d:3b:6c:b4:14:6e:4d:10:c6:08:30:d4:5b:
b9:19:47:93:25:59:4d:e3:77:f6:ec:fa:a8:13:db:4c:d3:e0:
bd:28:0f:39:13:52:55:53:98:a1:66:6f:83:cc:97:ca:75:d7:
eb:73:68:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpR64aQCpcfEu3WoM+zO4GtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTgwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTY1ZTljNDA4YmI2YzliY2YyMGY4NzhjMzA1ZjgwZWIwMjBhZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqGqREq6MmYGgXgkaMRg5Hg3mbsF
Z4dpCKbNkJOajDoyx7LG5k4XaRTVAfXVVaTjgksTvUisuuUAYXJ6XPiOmmPEqckN
xxn1imVh2Q9ZvuF2nge9l8iC3rdFhOW5YPMVcFkGXoD5L8pStOTUIaerHUW/5jC6
88wteL9dhvWGbOfqYY1F1DMpROkGzmG9WP//hFGzVISIu+tFzVH5XFP3DuweBZlK
MMjo0ZbGUifDZqMIlfsxVAhmDSM0qMYlNIcXjEBbGOgHTEp0b8cD3w8aRZw1N/D4
CIilWLmNkiV4sZgGkzTjxuYVojjCz7jpLMcWIqWxIOlxC8LAmMeX64IEdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOVl6cQIu2ybzyD4eMMF+A6wIK4SMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNVdYcHhBaTdiSnZQSVBoNHd3WDREckFncmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAELSfp7V/MStggSsyt4/
TgSpRyOyZc8favNWd52hy66nfho4do5EngKS2t6ovC4HyLg1A27g5oX0vZ0wCi9F
x4DyivQwJyh+zldqrLEgUs6t6jCIiRkbuOrvgicaa8XD6csMDcDFyhtTwZkAnQzm
Ozad+r0Alw9TQYU5BDlL1Yz/BCMOKVDy8RAucb2DXeS5zX2FwjomTAygsGi1dr3u
Rm5v2YJ/7XWYg/0HBXWVInEt+QybmCASEqv7TMyKlRevzQwn0zOAcCmhMzfCbTts
tBRuTRDGCDDUW7kZR5MlWU3jd/bs+qgT20zT4L0oDzkTUlVTmKFmb4PMl8p11+tz
aOk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org