Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CI40z-5oTjbucUMuQwN672u72PM.roa
File: CI40z-5oTjbucUMuQwN672u72PM.roa (raw, json)
Hash identifier: pSWtaxcM+GwwHRUibQmekuiCOfHGulqgadeVXd7GyTg=
Subject key identifier: 08:8E:34:CF:EE:68:4E:36:EE:71:43:2E:43:03:7A:EF:6B:BB:D8:F3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A48439A0ECBD31C71D6A098EDBC5F10B7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CI40z-5oTjbucUMuQwN672u72PM.roa
Signing time: Wed 30 Aug 2023 21:05:04 +0000
ROA not before: Wed 30 Aug 2023 21:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:4842:ebb2/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:43:9a:0e:cb:d3:1c:71:d6:a0:98:ed:bc:5f:10:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 21:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=088e34cfee684e36ee71432e43037aef6bbbd8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ea:22:c7:0a:ff:75:1a:b9:0e:21:8d:ac:7e:
b5:bd:24:c0:d6:dc:06:f6:8d:87:18:21:d7:b4:d0:
18:9f:5e:bc:a3:2f:72:49:9f:9b:cf:00:de:8a:fa:
db:ae:e2:e4:80:19:d5:66:37:bf:37:bc:be:db:5d:
d6:49:52:10:a8:43:fe:b2:df:9a:30:60:22:0f:c4:
13:ac:3a:a6:17:4f:67:5a:f4:dd:96:90:19:dd:53:
9e:fb:8f:8f:48:cd:73:2a:fc:a3:8c:99:fa:4d:69:
c6:ab:d8:c5:82:cb:4d:d0:31:36:35:01:24:a7:ed:
e7:6d:4d:5c:6c:9a:ef:4e:9b:ff:db:f4:cd:32:5f:
d7:8a:3b:7d:ab:1a:29:58:5e:58:8c:be:1e:06:96:
18:41:d5:9a:82:0c:e5:df:b3:7f:7e:57:4b:51:15:
98:ba:92:5a:1d:f0:bc:92:e3:61:1a:a6:28:2f:00:
8f:f4:0c:c6:35:f0:c1:89:ac:b1:97:af:3c:3c:c5:
76:68:8a:ab:ec:bd:df:e4:16:c1:10:3f:2a:f9:8c:
ed:71:c1:23:74:4b:9b:ff:d0:1b:01:fa:6b:73:e2:
59:a2:01:9f:30:71:c5:03:3e:1b:c0:c4:b1:b9:57:
fb:b5:e0:b6:be:03:15:e3:bd:5a:21:e6:b7:bb:ba:
42:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8E:34:CF:EE:68:4E:36:EE:71:43:2E:43:03:7A:EF:6B:BB:D8:F3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CI40z-5oTjbucUMuQwN672u72PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:ae:8f:46:0d:8f:c3:ad:99:5f:0d:21:42:0f:ba:01:4f:f9:
47:a2:5e:5e:26:77:17:9d:55:41:75:72:fb:ae:1e:bf:93:37:
b9:49:bf:a8:18:20:f7:11:1c:2c:a0:ee:e3:d7:9b:35:3a:0b:
d7:5c:eb:ad:3a:07:23:4b:aa:ff:72:77:28:ca:5f:f5:01:91:
68:fa:47:ad:11:5a:bb:bb:e3:64:f0:bc:5b:05:5c:37:42:4c:
31:86:90:9e:f7:98:4a:1b:14:51:c2:18:54:eb:6e:6c:3f:50:
a6:6a:41:c7:74:68:8c:cb:dc:8a:23:98:e2:d3:e6:eb:49:82:
14:ff:ec:75:44:1c:96:08:e6:c8:8f:4b:41:f5:1f:80:fa:ce:
f8:9b:43:58:31:28:a8:b2:2b:50:81:27:c6:ae:4d:58:0d:30:
96:28:6b:f5:3c:0b:bf:39:ab:5b:6e:27:4c:bc:26:53:61:88:
c5:42:d0:8c:d6:69:a3:ff:cb:09:fe:b8:76:b4:9e:1f:c3:f0:
2b:cc:06:ff:b0:12:62:a3:13:79:3d:f7:0b:5d:8f:b7:46:fd:
9b:34:87:b5:37:9f:af:81:18:77:72:c5:dd:5f:96:c3:0f:7c:
84:93:42:27:7b:63:83:45:00:d9:b4:51:80:9e:15:52:80:d9:
e3:16:8c:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpIQ5oOy9MccdagmO28XxC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMjEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhlMzRjZmVlNjg0ZTM2ZWU3MTQzMmU0MzAzN2FlZjZiYmJkOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieoixwr/dRq5DiGNrH61vSTA1twG
9o2HGCHXtNAYn168oy9ySZ+bzwDeivrbruLkgBnVZje/N7y+213WSVIQqEP+st+a
MGAiD8QTrDqmF09nWvTdlpAZ3VOe+4+PSM1zKvyjjJn6TWnGq9jFgstN0DE2NQEk
p+3nbU1cbJrvTpv/2/TNMl/Xijt9qxopWF5YjL4eBpYYQdWaggzl37N/fldLURWY
upJaHfC8kuNhGqYoLwCP9AzGNfDBiayxl688PMV2aIqr7L3f5BbBED8q+YztccEj
dEub/9AbAfprc+JZogGfMHHFAz4bwMSxuVf7teC2vgMV471aIea3u7pCfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAiONM/uaE427nFDLkMDeu9ru9jzMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ0k0MHotNW9UamJ1Y1VNdVF3TjY3MnU3MlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKeuj0YNj8OtmV8NIUIP
ugFP+UeiXl4mdxedVUF1cvuuHr+TN7lJv6gYIPcRHCyg7uPXmzU6C9dc6606ByNL
qv9ydyjKX/UBkWj6R60RWru742TwvFsFXDdCTDGGkJ73mEobFFHCGFTrbmw/UKZq
Qcd0aIzL3IojmOLT5utJghT/7HVEHJYI5siPS0H1H4D6zvibQ1gxKKiyK1CBJ8au
TVgNMJYoa/U8C785q1tuJ0y8JlNhiMVC0IzWaaP/ywn+uHa0nh/D8CvMBv+wEmKj
E3k99wtdj7dG/Zs0h7U3n6+BGHdyxd1flsMPfISTQid7Y4NFANm0UYCeFVKA2eMW
jLs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org