Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/87-zfXAjNyQGK0-aMqkICjTGWWM.roa
File: 87-zfXAjNyQGK0-aMqkICjTGWWM.roa (raw, json)
Hash identifier: Vj5/yUb9mzDpZ4tYdFW/jx4UjVJCNLvK+GbJuikGg1o=
Subject key identifier: F3:BF:B3:7D:70:23:37:24:06:2B:4F:9A:32:A9:08:0A:34:C6:59:63
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A55D25DE841B6D3AC963FFD55D569E755
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/87-zfXAjNyQGK0-aMqkICjTGWWM.roa
Signing time: Sat 02 Sep 2023 12:16:04 +0000
ROA not before: Sat 02 Sep 2023 12:16:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:d2:5d:e8:41:b6:d3:ac:96:3f:fd:55:d5:69:e7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 12:16:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3bfb37d70233724062b4f9a32a9080a34c65963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9e:8d:a5:71:91:1a:39:dd:5b:17:ff:8b:ac:
e6:13:51:f6:26:9e:54:0f:2e:94:b4:f8:cc:28:73:
cc:eb:8e:fc:d0:3e:dd:df:c4:6b:a4:0a:7d:31:aa:
5b:98:36:cf:8c:77:d6:3a:a2:27:7b:20:80:c1:90:
4c:a8:c5:c1:9a:a0:2a:45:9b:b1:64:42:08:2b:78:
22:6b:ab:c0:ea:4d:9c:10:d6:ec:58:b4:f9:ae:8f:
55:ba:f4:b4:34:2c:9a:17:ab:d2:c3:8e:62:2f:83:
c2:38:34:b5:5d:57:f8:9d:20:c4:e1:cb:cc:25:31:
5e:3b:de:b9:f9:9a:85:f8:26:1b:f5:02:09:af:63:
71:b5:a2:ea:4e:6d:3c:39:76:20:d8:bc:c3:1c:f4:
1c:34:1b:a4:a9:b7:c8:a7:76:29:e1:6a:7c:cf:1a:
9b:34:6c:ff:ad:3a:ad:62:68:0e:c0:ba:bd:af:f6:
f4:7b:da:ad:6d:75:ea:32:bf:09:b6:a9:de:8e:ab:
6a:59:61:bb:ce:61:c4:d7:0b:18:5d:90:c0:e9:77:
3f:ac:28:86:fc:38:38:69:a4:ed:a8:59:77:72:83:
ad:2a:6a:12:86:03:ae:96:a0:46:de:1b:0d:3a:85:
3a:b8:66:c2:e6:7d:95:32:b8:5b:cb:42:2c:55:b1:
63:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:BF:B3:7D:70:23:37:24:06:2B:4F:9A:32:A9:08:0A:34:C6:59:63
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/87-zfXAjNyQGK0-aMqkICjTGWWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:c5:ff:1d:f5:28:ea:6c:3c:a9:e2:e7:1e:47:67:ca:ec:9d:
df:2b:12:97:65:c5:35:28:c4:3a:1c:f6:c4:ff:91:f7:f1:83:
80:99:f1:ab:2c:14:c6:8f:8a:5b:44:dd:57:54:05:37:b4:a8:
73:83:99:48:b9:09:f8:78:ee:2b:ea:b2:a5:5b:73:6b:c8:f2:
8d:ba:d0:eb:1b:18:63:6f:d2:ce:53:a2:52:f2:bb:c0:80:92:
44:92:62:08:26:29:ce:c8:03:62:c3:79:c5:65:e9:0b:5b:b3:
84:10:2e:d1:c1:f3:37:fb:19:30:ff:c2:e1:d2:4d:f6:5d:8b:
a4:0d:fb:57:4a:be:e3:c1:00:7e:91:49:45:59:3b:b6:f8:c1:
10:a2:d9:39:a3:8a:4a:49:8d:60:5d:3e:87:6d:12:65:00:6c:
00:99:b7:b1:72:15:09:ff:d0:af:5d:83:e8:8c:50:b0:62:25:
0b:3c:75:03:fa:a4:44:61:08:a4:3e:65:4f:54:4c:72:8e:00:
1b:76:8e:98:d0:7c:25:51:9e:ba:fc:1e:e9:92:19:1a:0b:56:
61:4b:e4:37:4f:f5:dc:4d:df:af:24:e3:16:63:71:1f:6a:45:
3e:e5:1d:db:fd:b6:d5:a3:cb:89:04:cd:40:7d:f2:f6:d6:66:
d3:86:b2:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpV0l3oQbbTrJY//VXVaedVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTIxNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2JmYjM3ZDcwMjMzNzI0MDYyYjRmOWEzMmE5MDgwYTM0YzY1OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA056NpXGRGjndWxf/i6zmE1H2Jp5U
Dy6UtPjMKHPM64780D7d38RrpAp9MapbmDbPjHfWOqIneyCAwZBMqMXBmqAqRZux
ZEIIK3gia6vA6k2cENbsWLT5ro9VuvS0NCyaF6vSw45iL4PCODS1XVf4nSDE4cvM
JTFeO965+ZqF+CYb9QIJr2NxtaLqTm08OXYg2LzDHPQcNBukqbfIp3Yp4Wp8zxqb
NGz/rTqtYmgOwLq9r/b0e9qtbXXqMr8JtqnejqtqWWG7zmHE1wsYXZDA6Xc/rCiG
/Dg4aaTtqFl3coOtKmoShgOulqBG3hsNOoU6uGbC5n2VMrhby0IsVbFjowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPO/s31wIzckBitPmjKpCAo0xlljMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvODctemZYQWpOeVFHSzAtYU1xa0lDalRHV1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJfF/x31KOpsPKni5x5H
Z8rsnd8rEpdlxTUoxDoc9sT/kffxg4CZ8assFMaPiltE3VdUBTe0qHODmUi5Cfh4
7ivqsqVbc2vI8o260OsbGGNv0s5TolLyu8CAkkSSYggmKc7IA2LDecVl6Qtbs4QQ
LtHB8zf7GTD/wuHSTfZdi6QN+1dKvuPBAH6RSUVZO7b4wRCi2TmjikpJjWBdPodt
EmUAbACZt7FyFQn/0K9dg+iMULBiJQs8dQP6pERhCKQ+ZU9UTHKOABt2jpjQfCVR
nrr8HumSGRoLVmFL5DdP9dxN368k4xZjcR9qRT7lHdv9ttWjy4kEzUB98vbWZtOG
snM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org