Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Cl0TVkX6zoqdwYupcYj4ik-dnB0.roa
File: Cl0TVkX6zoqdwYupcYj4ik-dnB0.roa (raw, json)
Hash identifier: Bd+cyHj9oRxNtRgduIJhxwQ1/RKH9hE2ewAUlu2c9Kw=
Subject key identifier: 0A:5D:13:56:45:FA:CE:8A:9D:C1:8B:A9:71:88:F8:8A:4F:9D:9C:1D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4E1D681C29388FC9473230797449D1B3
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Cl0TVkX6zoqdwYupcYj4ik-dnB0.roa
Signing time: Fri 01 Sep 2023 00:21:04 +0000
ROA not before: Fri 01 Sep 2023 00:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4e:1d:68:1c:29:38:8f:c9:47:32:30:79:74:49:d1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 00:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a5d135645face8a9dc18ba97188f88a4f9d9c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:13:82:b8:88:18:e4:85:38:58:e2:e7:62:3c:
57:5b:6e:53:b1:25:57:f8:21:55:b6:da:0d:f6:38:
86:63:71:2c:3d:7d:8d:26:48:bb:a0:82:dc:10:22:
df:03:ce:02:cb:0c:58:9f:b6:af:5d:1e:88:66:dc:
26:c5:44:6a:f5:5b:61:1f:0c:cc:6e:9b:d7:af:26:
6a:88:f2:29:93:44:7f:c8:6b:d3:07:39:e8:57:e6:
a1:ca:fe:c5:2a:f3:fe:0a:0e:6c:ec:49:28:6f:a6:
2d:93:25:b4:8f:92:b6:f1:26:84:fc:a4:c3:06:42:
0c:ca:4d:8c:6d:10:5b:75:76:39:16:d0:90:e9:cf:
93:7a:95:24:e6:5d:83:86:1f:28:6b:96:21:d8:3f:
d9:b0:1b:36:e6:74:6b:9b:a0:27:5f:d9:a6:f4:1c:
87:2e:72:21:10:14:50:2b:d9:b9:f6:59:13:59:86:
7a:df:ec:03:d7:0c:80:18:34:1d:58:42:e2:6d:64:
01:56:44:ad:05:1f:d2:30:43:47:e7:4a:de:e9:db:
ec:32:01:0e:02:29:a7:d9:a3:5e:6e:31:f3:14:a7:
48:5d:b8:88:7c:ac:b9:fa:df:6c:ea:f4:75:a4:42:
27:3b:e0:ff:23:db:98:5f:7b:17:0b:39:c9:2a:53:
62:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:5D:13:56:45:FA:CE:8A:9D:C1:8B:A9:71:88:F8:8A:4F:9D:9C:1D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Cl0TVkX6zoqdwYupcYj4ik-dnB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:2f:e0:34:7e:7c:c2:62:60:03:ff:88:1d:be:d4:e9:d4:db:
37:04:04:d2:e1:9d:5b:58:6c:3d:db:b9:14:b3:ec:f0:c0:98:
82:92:74:0b:9a:b4:e7:fb:83:95:bc:02:69:33:6c:5e:43:55:
cc:9e:a0:45:93:16:a1:0b:d5:33:6a:17:18:88:12:24:32:ce:
a4:2c:09:7b:10:63:60:b3:63:78:f8:8e:b4:17:59:19:c9:22:
74:4b:dd:0f:ce:1f:9b:83:5a:17:2e:86:20:a6:a2:8d:ac:98:
d4:95:08:56:91:d9:9d:00:26:e0:c9:f9:0b:75:1a:6f:7b:f5:
59:1f:09:89:45:ca:f7:7b:96:a7:43:20:7d:cc:98:20:8c:e2:
55:34:44:9d:05:97:33:d7:e9:f2:f8:ec:c5:3b:1a:61:35:75:
51:1d:ed:4b:a9:03:dd:c6:9f:d6:8d:2a:b3:07:66:3e:50:ac:
d4:26:ac:31:2f:fd:09:69:9c:1a:bc:c6:db:34:4b:fe:0c:a1:
94:d2:ab:ac:3f:47:c6:c6:af:c4:00:0b:a2:e4:79:96:cf:77:
26:65:87:18:a0:ca:0d:e0:df:68:ca:53:af:15:c5:7f:9a:f1:
c6:4d:b7:bf:01:0e:dd:bd:18:8f:38:20:ab:8c:72:62:19:d8:
54:36:6a:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpOHWgcKTiPyUcyMHl0SdGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMDAyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTVkMTM1NjQ1ZmFjZThhOWRjMThiYTk3MTg4Zjg4YTRmOWQ5YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxROCuIgY5IU4WOLnYjxXW25TsSVX
+CFVttoN9jiGY3EsPX2NJki7oILcECLfA84CywxYn7avXR6IZtwmxURq9VthHwzM
bpvXryZqiPIpk0R/yGvTBznoV+ahyv7FKvP+Cg5s7Ekob6YtkyW0j5K28SaE/KTD
BkIMyk2MbRBbdXY5FtCQ6c+TepUk5l2Dhh8oa5Yh2D/ZsBs25nRrm6AnX9mm9ByH
LnIhEBRQK9m59lkTWYZ63+wD1wyAGDQdWELibWQBVkStBR/SMENH50re6dvsMgEO
Aimn2aNebjHzFKdIXbiIfKy5+t9s6vR1pEInO+D/I9uYX3sXCznJKlNiAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFApdE1ZF+s6KncGLqXGI+IpPnZwdMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ2wwVFZrWDZ6b3Fkd1l1cGNZajRpay1kbkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA0v4DR+fMJiYAP/iB2+
1OnU2zcEBNLhnVtYbD3buRSz7PDAmIKSdAuatOf7g5W8AmkzbF5DVcyeoEWTFqEL
1TNqFxiIEiQyzqQsCXsQY2CzY3j4jrQXWRnJInRL3Q/OH5uDWhcuhiCmoo2smNSV
CFaR2Z0AJuDJ+Qt1Gm979VkfCYlFyvd7lqdDIH3MmCCM4lU0RJ0FlzPX6fL47MU7
GmE1dVEd7UupA93Gn9aNKrMHZj5QrNQmrDEv/QlpnBq8xts0S/4MoZTSq6w/R8bG
r8QAC6LkeZbPdyZlhxigyg3g32jKU68VxX+a8cZNt78BDt29GI84IKuMcmIZ2FQ2
apA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org