Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5yhynwskJcp-nu8CHkENYFOTes4.roa
File: 5yhynwskJcp-nu8CHkENYFOTes4.roa (raw, json)
Hash identifier: 2R6ahDg6kCSAWuRW+LA/Gxvs7PTwD9C3pkXA5pEyo3s=
Subject key identifier: E7:28:72:9F:0B:24:25:CA:7E:9E:EF:02:1E:41:0D:60:53:93:7A:CE
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7D12E1B3BC244513654E45D70C94CBB8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5yhynwskJcp-nu8CHkENYFOTes4.roa
Signing time: Sun 10 Sep 2023 03:11:44 +0000
ROA not before: Sun 10 Sep 2023 03:11:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7d0c:b4eb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7d:12:e1:b3:bc:24:45:13:65:4e:45:d7:0c:94:cb:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 03:11:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e728729f0b2425ca7e9eef021e410d6053937ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d1:c9:4d:b6:66:79:ff:e8:c0:71:c0:27:17:
d8:7d:ac:06:ad:c6:a8:57:b7:f2:bd:9b:b7:86:f1:
42:ee:ac:1a:3d:73:a6:e9:6c:32:21:7f:88:d8:f1:
c6:3b:c7:83:23:a5:30:69:34:8f:7a:7a:4e:f9:21:
13:f4:d7:81:09:c5:90:7f:80:10:03:c4:50:02:5b:
88:0a:41:9c:5a:88:7a:af:01:6b:96:c8:fb:40:28:
45:55:4b:1f:1c:d5:d0:c6:01:a0:33:ed:ce:dd:03:
9a:95:09:a3:91:0a:e9:a7:07:f9:c7:05:23:b5:88:
7b:40:a5:3c:b6:9b:e1:13:16:41:a5:52:72:50:c4:
e8:3a:24:d4:05:61:fc:b7:9e:f5:5d:d0:77:0e:0b:
5c:62:e0:be:cd:f7:8b:8a:92:61:92:2c:bf:f7:6b:
ea:28:dd:de:26:7e:ed:90:b0:0d:a3:27:9d:8a:2a:
79:bb:36:3c:07:a9:2f:ea:b4:6f:1c:f0:36:90:b9:
14:d6:e5:fc:81:26:61:96:96:b1:ba:2c:6d:bc:a3:
6b:8d:ed:65:ec:68:20:a5:c8:af:d5:ae:aa:42:d0:
14:2d:08:36:e6:7b:1d:64:e0:fd:4e:55:ed:0e:66:
38:ae:37:64:a8:be:65:ef:82:83:89:2e:a8:b8:bc:
3f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:28:72:9F:0B:24:25:CA:7E:9E:EF:02:1E:41:0D:60:53:93:7A:CE
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/5yhynwskJcp-nu8CHkENYFOTes4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:17:0f:45:8d:36:dd:0a:31:e1:01:49:db:5c:fc:37:82:ca:
ef:a3:eb:5c:ea:04:fb:b7:ca:ee:80:e4:37:b7:c4:82:3f:a2:
6a:5f:e5:2e:cb:4c:d8:5e:1e:61:a1:fd:82:4d:d6:ff:22:6a:
78:90:52:21:6e:8b:8e:a4:73:d4:79:b0:81:30:84:29:ea:5d:
27:ae:1b:26:cd:e2:d0:ba:bd:f2:1f:37:bd:70:e6:85:ce:4a:
af:5a:85:7a:61:e2:a7:0e:a0:c1:f3:c0:1d:d0:bc:17:30:96:
71:c4:49:c8:24:c7:d0:d3:3a:ce:38:52:bd:d1:57:43:f3:f8:
0f:15:26:44:f9:97:b5:8f:80:b1:ee:8e:33:9c:ce:3e:e7:26:
33:21:d9:65:86:75:75:45:a5:68:18:5c:66:c5:ce:80:02:88:
5f:2d:6e:f9:f7:d4:fd:48:89:4e:3a:cd:26:b3:cf:28:72:77:
c7:47:ea:8c:24:db:25:82:07:c8:9e:07:66:80:55:74:d3:3e:
0c:b1:f4:a5:6c:11:5d:24:09:44:c1:32:68:1c:80:2b:b6:bc:
2d:14:86:d8:88:15:aa:b2:21:f6:3b:c7:d3:00:36:80:af:ef:
9c:68:54:c4:a1:ae:2f:11:f2:7d:32:49:87:c6:ab:65:37:58:
ee:f3:64:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp9EuGzvCRFE2VORdcMlMu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMDMxMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI4NzI5ZjBiMjQyNWNhN2U5ZWVmMDIxZTQxMGQ2MDUzOTM3YWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNHJTbZmef/owHHAJxfYfawGrcao
V7fyvZu3hvFC7qwaPXOm6WwyIX+I2PHGO8eDI6UwaTSPenpO+SET9NeBCcWQf4AQ
A8RQAluICkGcWoh6rwFrlsj7QChFVUsfHNXQxgGgM+3O3QOalQmjkQrppwf5xwUj
tYh7QKU8tpvhExZBpVJyUMToOiTUBWH8t571XdB3DgtcYuC+zfeLipJhkiy/92vq
KN3eJn7tkLANoyediip5uzY8B6kv6rRvHPA2kLkU1uX8gSZhlpaxuixtvKNrje1l
7Gggpciv1a6qQtAULQg25nsdZOD9TlXtDmY4rjdkqL5l74KDiS6ouLw/AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOcocp8LJCXKfp7vAh5BDWBTk3rOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvNXloeW53c2tKY3AtbnU4Q0hrRU5ZRk9UZXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKkXD0WNNt0KMeEBSdtc
/DeCyu+j61zqBPu3yu6A5De3xII/ompf5S7LTNheHmGh/YJN1v8ianiQUiFui46k
c9R5sIEwhCnqXSeuGybN4tC6vfIfN71w5oXOSq9ahXph4qcOoMHzwB3QvBcwlnHE
Scgkx9DTOs44Ur3RV0Pz+A8VJkT5l7WPgLHujjOczj7nJjMh2WWGdXVFpWgYXGbF
zoACiF8tbvn31P1IiU46zSazzyhyd8dH6owk2yWCB8ieB2aAVXTTPgyx9KVsEV0k
CUTBMmgcgCu2vC0UhtiIFaqyIfY7x9MANoCv75xoVMShri8R8n0ySYfGq2U3WO7z
ZJ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org