Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CO-ORWIbv9HPj-_gTKd6oeYj_JM.roa
File: CO-ORWIbv9HPj-_gTKd6oeYj_JM.roa (raw, json)
Hash identifier: xe/rwEcrdQ1yn/xDVarHcn4Gbx3akpB/ipXuSlgtBDI=
Subject key identifier: 08:EF:8E:45:62:1B:BF:D1:CF:8F:EF:E0:4C:A7:7A:A1:E6:23:FC:93
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A54529E854D37A2125F8348F2FACF534A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CO-ORWIbv9HPj-_gTKd6oeYj_JM.roa
Signing time: Sat 02 Sep 2023 05:16:55 +0000
ROA not before: Sat 02 Sep 2023 05:16:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:54:52:9e:85:4d:37:a2:12:5f:83:48:f2:fa:cf:53:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 05:16:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08ef8e45621bbfd1cf8fefe04ca77aa1e623fc93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cd:51:1d:29:10:25:c6:c5:67:0f:a4:6e:ec:
5b:2f:59:ef:44:53:55:23:89:6e:44:28:39:e4:84:
c5:80:4b:27:69:bf:3d:6b:15:e3:0c:be:c6:16:88:
df:3f:6e:ff:4d:c3:02:2a:89:c0:32:d2:29:de:a7:
8b:81:5b:6c:58:76:44:30:7b:52:1f:0d:70:08:b1:
16:ab:c7:ac:fc:08:a8:30:21:d0:52:8f:ce:8f:db:
9e:87:4f:af:b0:1e:e6:57:6c:4c:8b:8f:65:63:51:
18:56:d1:93:7f:32:3c:dd:9d:73:37:da:64:e7:7b:
41:37:db:06:ab:49:10:d1:36:fe:a1:07:af:89:06:
7a:9a:07:28:c4:f9:cc:2b:87:be:17:3e:53:f5:4a:
a9:a3:fb:28:f2:eb:d0:bf:f0:78:8a:73:e0:51:a0:
c9:2e:56:69:b6:13:10:61:d5:b0:b9:88:fc:80:34:
ed:78:4d:ea:df:41:62:7d:8b:ec:5c:e2:38:f5:c1:
4c:16:ec:f6:fd:9d:be:fe:cb:69:34:88:d8:4a:b2:
79:8e:04:bc:6b:5b:bd:03:2d:5d:c1:22:63:22:eb:
3c:27:86:3c:fd:d6:30:ed:df:70:0c:d0:d8:17:65:
92:59:39:c3:bb:0a:17:45:a6:c3:74:5d:f7:5f:63:
9d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:8E:45:62:1B:BF:D1:CF:8F:EF:E0:4C:A7:7A:A1:E6:23:FC:93
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CO-ORWIbv9HPj-_gTKd6oeYj_JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:76:bf:bf:2a:48:77:33:a4:23:c0:9e:8e:2c:87:71:65:ea:
d6:35:51:13:83:4a:97:8c:4d:1d:48:f1:e7:97:ae:8e:06:a7:
4f:47:06:ee:c4:95:db:ce:f9:0f:7f:71:53:20:b8:02:e7:52:
ae:eb:26:ad:3e:ad:e1:cb:e1:bf:13:23:dc:ae:c9:9d:12:ed:
1c:5b:3c:a3:7f:36:d2:04:03:23:4b:18:b5:46:56:3b:85:b8:
bf:8b:0b:5c:90:7f:e5:00:a3:92:c1:69:63:ed:ff:d5:ec:59:
a0:2b:b9:cc:e6:1a:f5:97:55:d3:49:e7:0d:d8:37:cd:86:bd:
54:d4:85:3e:95:76:b7:b7:3a:be:2d:d5:cc:d4:38:d1:c7:c1:
bb:5a:fe:a3:12:aa:6c:d3:e0:49:33:c2:3d:04:32:2e:5c:1c:
5f:d5:52:a4:b4:b0:c8:ec:ab:ad:8d:2a:ea:f8:cd:46:03:09:
99:28:d3:c9:b3:cb:c9:f1:49:c6:cb:70:a1:71:19:34:05:62:
81:a6:a6:3e:67:28:eb:30:c4:94:f3:04:ff:ec:e4:1a:5c:4c:
4a:54:6d:ec:49:cb:9a:81:8b:8c:3c:fb:04:69:42:5d:ea:00:
cf:d9:72:9f:a5:46:dc:5d:39:cb:3d:90:a7:6f:2f:c8:d0:f0:
60:52:60:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpUUp6FTTeiEl+DSPL6z1NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDUxNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVmOGU0NTYyMWJiZmQxY2Y4ZmVmZTA0Y2E3N2FhMWU2MjNmYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM1RHSkQJcbFZw+kbuxbL1nvRFNV
I4luRCg55ITFgEsnab89axXjDL7GFojfP27/TcMCKonAMtIp3qeLgVtsWHZEMHtS
Hw1wCLEWq8es/AioMCHQUo/Oj9ueh0+vsB7mV2xMi49lY1EYVtGTfzI83Z1zN9pk
53tBN9sGq0kQ0Tb+oQeviQZ6mgcoxPnMK4e+Fz5T9Uqpo/so8uvQv/B4inPgUaDJ
LlZpthMQYdWwuYj8gDTteE3q30FifYvsXOI49cFMFuz2/Z2+/stpNIjYSrJ5jgS8
a1u9Ay1dwSJjIus8J4Y8/dYw7d9wDNDYF2WSWTnDuwoXRabDdF33X2OdrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAjvjkViG7/Rz4/v4EyneqHmI/yTMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ08tT1JXSWJ2OUhQai1fZ1RLZDZvZVlqX0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGR2v78qSHczpCPAno4s
h3Fl6tY1URODSpeMTR1I8eeXro4Gp09HBu7EldvO+Q9/cVMguALnUq7rJq0+reHL
4b8TI9yuyZ0S7RxbPKN/NtIEAyNLGLVGVjuFuL+LC1yQf+UAo5LBaWPt/9XsWaAr
uczmGvWXVdNJ5w3YN82GvVTUhT6Vdre3Or4t1czUONHHwbta/qMSqmzT4Ekzwj0E
Mi5cHF/VUqS0sMjsq62NKur4zUYDCZko08mzy8nxScbLcKFxGTQFYoGmpj5nKOsw
xJTzBP/s5BpcTEpUbexJy5qBi4w8+wRpQl3qAM/Zcp+lRtxdOcs9kKdvL8jQ8GBS
YGI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org