Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/AA5nNWYy-1Ey_uhBfiDG6uvjlFc.roa
File: AA5nNWYy-1Ey_uhBfiDG6uvjlFc.roa (raw, json)
Hash identifier: FTq+WB7SkmDeHbkAE+INC1HVwZaW/eYC/B5KTXu0TFM=
Subject key identifier: 00:0E:67:35:66:32:FB:51:32:FE:E8:41:7E:20:C6:EA:EB:E3:94:57
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8918FA0A23F58738C61D20B9D130FF01
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/AA5nNWYy-1Ey_uhBfiDG6uvjlFc.roa
Signing time: Tue 12 Sep 2023 11:13:50 +0000
ROA not before: Tue 12 Sep 2023 11:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:18:fa:0a:23:f5:87:38:c6:1d:20:b9:d1:30:ff:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 11:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=000e67356632fb5132fee8417e20c6eaebe39457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f9:9f:f3:e0:78:c7:2a:d0:96:8d:6c:09:9b:
ed:57:b6:9b:ef:a4:5b:98:9b:cc:a4:c3:ed:7f:b2:
d3:c3:8a:d0:99:cd:fd:9c:be:c8:f1:a8:66:e5:8b:
1a:9b:00:78:b8:49:e5:eb:ac:33:bb:97:dd:60:d3:
44:ec:e6:8b:38:b5:1e:e2:32:d0:3a:81:43:aa:ea:
d0:ed:59:af:e4:b7:ba:12:1b:69:f6:24:b6:7b:ac:
1e:79:62:b5:dd:ad:2c:80:53:01:65:2b:59:2a:7d:
83:1c:d8:54:c9:6c:b9:09:a8:2d:85:ec:b2:61:3b:
7c:6c:70:96:31:d5:8f:c9:73:7f:d3:5a:96:4a:da:
b1:70:15:e2:4b:b2:c7:36:ab:9c:96:40:16:58:07:
d0:13:cb:93:0f:3d:66:d6:e7:aa:91:fd:23:cd:db:
90:81:9a:29:b1:4d:d7:f6:7c:22:2e:1b:7d:f9:a2:
d5:37:da:26:e2:2b:03:57:54:7b:fd:ac:fc:51:ea:
81:e9:24:54:c2:62:0a:67:3c:b0:59:6c:4c:6c:02:
5a:64:cb:ef:a0:89:82:86:99:6e:fb:53:27:91:d8:
3e:6d:eb:70:be:02:b1:97:84:1c:06:9e:66:d2:c2:
41:ee:60:b2:c3:5a:e6:c5:cb:56:7f:77:2f:37:74:
bb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0E:67:35:66:32:FB:51:32:FE:E8:41:7E:20:C6:EA:EB:E3:94:57
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/AA5nNWYy-1Ey_uhBfiDG6uvjlFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:ca:88:33:2c:96:70:79:ee:33:b9:15:8a:2f:71:86:ee:93:
9b:20:1d:0f:7d:f5:93:e0:d6:95:71:e0:25:11:e2:be:13:ba:
c8:bc:4d:90:24:40:00:ec:30:6e:f5:6e:eb:c8:b3:e9:cb:c2:
3a:f9:b3:cc:71:79:0f:3c:a6:84:4e:03:98:19:11:4d:d1:52:
01:c8:ac:88:78:d0:ee:a1:28:16:47:1b:a7:3e:10:a9:33:52:
1d:19:80:1c:72:e0:c7:91:98:79:f5:4c:66:d7:bb:b6:2a:42:
f0:05:d8:00:61:08:18:bf:98:ed:72:22:72:61:b5:63:c8:52:
2e:07:1c:06:02:5d:a1:01:96:92:e2:0d:d1:c1:9b:29:e4:dc:
e5:ad:14:de:fe:06:fd:29:9f:53:00:ce:a3:1a:c8:93:8e:44:
c8:4c:c2:cf:96:cd:33:b6:34:7a:99:47:e1:f3:4a:46:1a:f7:
3c:04:66:54:4c:8f:95:b1:40:af:6a:93:b9:6a:b2:5d:7a:e6:
c5:4f:8b:ee:f7:97:c6:de:f4:23:30:d9:24:ee:af:ad:30:c6:
18:8b:87:90:3c:fa:79:2c:2d:c8:0d:28:6c:f2:fb:14:a7:0b:
97:ce:3b:b8:d7:b9:85:b6:fe:8c:61:ff:0d:ba:3d:0e:0d:aa:
72:53:13:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqJGPoKI/WHOMYdILnRMP8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMTExMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBlNjczNTY2MzJmYjUxMzJmZWU4NDE3ZTIwYzZlYWViZTM5NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/mf8+B4xyrQlo1sCZvtV7ab76Rb
mJvMpMPtf7LTw4rQmc39nL7I8ahm5YsamwB4uEnl66wzu5fdYNNE7OaLOLUe4jLQ
OoFDqurQ7Vmv5Le6Ehtp9iS2e6weeWK13a0sgFMBZStZKn2DHNhUyWy5Cagtheyy
YTt8bHCWMdWPyXN/01qWStqxcBXiS7LHNquclkAWWAfQE8uTDz1m1ueqkf0jzduQ
gZopsU3X9nwiLht9+aLVN9om4isDV1R7/az8UeqB6SRUwmIKZzywWWxMbAJaZMvv
oImChplu+1Mnkdg+betwvgKxl4QcBp5m0sJB7mCyw1rmxctWf3cvN3S7dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAAOZzVmMvtRMv7oQX4gxurr45RXMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQUE1bk5XWXktMUV5X3VoQmZpREc2dXZqbEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADHKiDMslnB57jO5FYov
cYbuk5sgHQ999ZPg1pVx4CUR4r4Tusi8TZAkQADsMG71buvIs+nLwjr5s8xxeQ88
poROA5gZEU3RUgHIrIh40O6hKBZHG6c+EKkzUh0ZgBxy4MeRmHn1TGbXu7YqQvAF
2ABhCBi/mO1yInJhtWPIUi4HHAYCXaEBlpLiDdHBmynk3OWtFN7+Bv0pn1MAzqMa
yJOORMhMws+WzTO2NHqZR+HzSkYa9zwEZlRMj5WxQK9qk7lqsl165sVPi+73l8be
9CMw2STur60wxhiLh5A8+nksLcgNKGzy+xSnC5fOO7jXuYW2/oxh/w26PQ4NqnJT
EyE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org