Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/9aO8PRKVodKUOeZQ58S_wHqCBTQ.roa
File: 9aO8PRKVodKUOeZQ58S_wHqCBTQ.roa (raw, json)
Hash identifier: IPB5tZ1cAkb339DGj+vl/S1qrvp+e7vbmK4xnX8wL90=
Subject key identifier: F5:A3:BC:3D:12:95:A1:D2:94:39:E6:50:E7:C4:BF:C0:7A:82:05:34
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A837C8CBD7FBE4574F5E2D443A4DDB359
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/9aO8PRKVodKUOeZQ58S_wHqCBTQ.roa
Signing time: Mon 11 Sep 2023 09:04:52 +0000
ROA not before: Mon 11 Sep 2023 09:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:7c:8c:bd:7f:be:45:74:f5:e2:d4:43:a4:dd:b3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 09:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5a3bc3d1295a1d29439e650e7c4bfc07a820534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:e7:e1:60:14:d7:89:c7:c4:a9:bb:6f:ee:
e6:fc:2b:9b:4b:e3:56:23:92:3d:4c:00:e7:66:66:
87:fd:55:38:b3:fd:c7:90:8f:48:c9:42:c4:47:72:
bf:6a:c8:4f:01:94:97:37:32:f6:3e:13:ef:56:68:
89:e1:09:d4:41:9f:44:39:7d:45:16:cf:9c:96:5a:
18:38:27:ad:2a:11:1b:d9:18:80:60:89:ce:c8:5f:
79:5d:8e:26:e7:a7:6f:d1:72:ee:aa:57:57:94:46:
5a:cd:3d:cd:a9:65:76:4d:14:bd:5c:84:ee:28:68:
06:a3:ad:09:df:78:6a:5f:7e:9c:b0:8d:80:3e:c3:
26:37:23:7b:02:a3:2a:62:e9:bd:7e:af:3b:98:d9:
ab:c8:fc:71:e9:c5:0d:11:b3:b9:18:b1:a8:ea:b5:
18:6a:9a:fc:3f:d4:4a:70:cb:e2:3d:bc:b0:43:f6:
1c:5b:1f:79:29:3b:7b:4b:a0:ec:24:d5:b6:2c:2a:
c1:45:30:0f:8e:a9:47:c7:e8:5b:f0:29:4a:73:6c:
d6:c8:9b:ed:35:60:d0:50:b6:73:56:c1:33:44:39:
ba:26:b3:62:63:4d:5b:f2:d3:55:98:e2:95:43:9f:
40:d4:cf:71:d2:ab:b2:f3:c2:d9:52:29:8a:05:44:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A3:BC:3D:12:95:A1:D2:94:39:E6:50:E7:C4:BF:C0:7A:82:05:34
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/9aO8PRKVodKUOeZQ58S_wHqCBTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:18:10:7b:4d:5c:e6:77:55:65:44:70:91:f8:60:3c:fc:b9:
b3:d3:e4:71:8d:1e:21:74:c4:b9:4e:f6:31:d2:07:a8:5c:35:
85:b2:33:2c:22:46:a4:1f:87:99:68:e2:f6:8e:96:ee:7c:53:
34:a5:3d:5b:de:26:52:22:b5:65:f9:73:f2:4c:d5:65:59:1e:
51:9e:fd:69:c4:c3:8e:89:bf:83:44:10:49:81:c5:c4:54:58:
59:57:e3:4c:cd:8b:83:e2:63:a9:85:dd:ed:48:54:0e:46:53:
5f:5c:6f:69:5b:d9:cd:83:04:23:4d:d5:0d:2d:24:5a:54:48:
b5:91:d7:90:a4:f6:2e:bd:ab:bc:b3:41:a5:92:b2:03:3e:f8:
b6:58:2c:c1:60:a6:8f:d5:4b:11:0f:42:78:28:a1:57:6b:0a:
2e:64:01:7c:66:d5:73:09:ee:92:23:e9:1f:6c:bc:28:fb:85:
08:42:4b:03:75:6d:24:a8:d4:dd:4d:4c:ec:17:54:74:d1:7d:
28:70:63:be:4f:e0:60:5d:e6:a3:da:4d:ea:47:6f:f3:4b:e4:
1f:ff:dd:5e:76:21:11:ce:fc:92:18:bd:17:0a:f2:37:af:e9:
46:13:3a:d5:b9:7b:05:33:e6:a7:33:44:82:9b:b5:de:f0:3f:
66:04:53:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqDfIy9f75FdPXi1EOk3bNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMDkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWEzYmMzZDEyOTVhMWQyOTQzOWU2NTBlN2M0YmZjMDdhODIwNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI/n4WAU14nHxKm7b+7m/CubS+NW
I5I9TADnZmaH/VU4s/3HkI9IyULER3K/ashPAZSXNzL2PhPvVmiJ4QnUQZ9EOX1F
Fs+clloYOCetKhEb2RiAYInOyF95XY4m56dv0XLuqldXlEZazT3NqWV2TRS9XITu
KGgGo60J33hqX36csI2APsMmNyN7AqMqYum9fq87mNmryPxx6cUNEbO5GLGo6rUY
apr8P9RKcMviPbywQ/YcWx95KTt7S6DsJNW2LCrBRTAPjqlHx+hb8ClKc2zWyJvt
NWDQULZzVsEzRDm6JrNiY01b8tNVmOKVQ59A1M9x0quy88LZUimKBUQm1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPWjvD0SlaHSlDnmUOfEv8B6ggU0MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvOWFPOFBSS1ZvZEtVT2VaUTU4U193SHFDQlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACMYEHtNXOZ3VWVEcJH4
YDz8ubPT5HGNHiF0xLlO9jHSB6hcNYWyMywiRqQfh5lo4vaOlu58UzSlPVveJlIi
tWX5c/JM1WVZHlGe/WnEw46Jv4NEEEmBxcRUWFlX40zNi4PiY6mF3e1IVA5GU19c
b2lb2c2DBCNN1Q0tJFpUSLWR15Ck9i69q7yzQaWSsgM++LZYLMFgpo/VSxEPQngo
oVdrCi5kAXxm1XMJ7pIj6R9svCj7hQhCSwN1bSSo1N1NTOwXVHTRfShwY75P4GBd
5qPaTepHb/NL5B//3V52IRHO/JIYvRcK8jev6UYTOtW5ewUz5qczRIKbtd7wP2YE
U6Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org