Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CoKNSjdgik0meBw9r1fQgl4B23I.roa
File: CoKNSjdgik0meBw9r1fQgl4B23I.roa (raw, json)
Hash identifier: wdGYmx9BRHjeE8xIJLxgbLSeXoNIwkAvc1wjkgKctCo=
Subject key identifier: 0A:82:8D:4A:37:60:8A:4D:26:78:1C:3D:AF:57:D0:82:5E:01:DB:72
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6BE7977832333DBBC416C459ACF662D6
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CoKNSjdgik0meBw9r1fQgl4B23I.roa
Signing time: Wed 06 Sep 2023 19:10:54 +0000
ROA not before: Wed 06 Sep 2023 19:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:e7:97:78:32:33:3d:bb:c4:16:c4:59:ac:f6:62:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 19:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a828d4a37608a4d26781c3daf57d0825e01db72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a9:dc:57:bf:1b:80:7d:50:00:c0:6c:af:fd:
30:0f:3d:11:80:0a:de:a9:cc:ce:0b:f9:a4:47:46:
89:40:12:3f:7d:be:0f:85:de:e7:9a:03:34:ea:17:
45:4b:b8:3b:4e:c7:70:ab:8a:57:16:5f:10:0c:22:
cf:95:01:9b:a8:43:9a:7e:60:7e:be:f9:d4:9f:6c:
e1:8f:47:56:87:56:c4:85:24:0a:9b:1d:bb:27:26:
5f:1c:ff:c9:c9:ea:ef:04:9f:31:0c:cb:50:f2:39:
7d:5a:ac:a7:30:fa:8f:04:df:16:66:5f:65:a5:79:
3b:60:0f:73:5f:e2:7c:b2:5e:88:ff:d2:5d:ca:10:
0f:fb:dc:f8:5e:42:14:8d:47:16:cb:fc:e4:cd:13:
6e:ac:c0:e7:09:b7:d2:7a:88:dd:e1:79:e4:0c:62:
59:d7:b4:de:3d:25:d7:0a:a9:84:d7:8f:13:b2:17:
fa:78:87:63:a8:85:ea:82:74:4a:31:70:bc:4e:dc:
af:c4:66:7e:35:46:48:2b:99:71:ff:60:a2:2c:2e:
0c:7f:fa:ad:cc:c2:dd:83:1e:d2:72:2c:2b:6a:d9:
1b:c3:f4:7d:1d:f9:d0:b1:e0:d2:b3:5c:60:69:e3:
6b:29:8b:5a:3f:9c:d1:51:04:54:90:48:16:18:98:
28:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:82:8D:4A:37:60:8A:4D:26:78:1C:3D:AF:57:D0:82:5E:01:DB:72
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/CoKNSjdgik0meBw9r1fQgl4B23I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:02:64:3d:ca:59:a9:12:54:81:e5:b6:dc:48:ec:32:ac:64:
a6:6d:a6:4b:af:af:11:6d:03:03:f5:8c:ff:f9:1e:68:c7:07:
46:15:7c:b2:41:83:74:20:fb:a4:8d:a9:d7:d9:16:7e:9d:16:
8b:d1:3f:6b:21:eb:e7:f1:3b:60:34:4a:d5:75:7b:a7:1b:a3:
b9:97:c8:b5:bc:fe:d7:82:b3:6e:f7:0d:b2:e8:b9:7a:1d:56:
51:20:5b:3b:89:ea:9e:9e:51:ff:85:04:6c:b4:a2:96:ca:13:
54:72:9b:c2:74:3d:37:70:cc:70:3f:78:dd:96:08:0a:f5:ea:
0f:e6:86:c9:89:92:80:f4:81:4c:06:c7:69:68:56:fb:76:22:
de:c0:39:15:a2:bb:a1:b9:38:b3:f6:69:92:3d:ef:01:ff:d6:
5e:65:4e:fa:16:d2:24:16:64:8d:81:1b:26:dc:c6:ad:79:30:
05:9e:4a:1f:c1:f5:d5:36:97:3c:90:83:97:e2:d3:44:da:e8:
89:4b:22:b2:ce:7a:0b:29:f8:58:1b:b1:66:5a:73:39:4c:e2:
25:1e:e6:5d:f7:85:6e:3f:bb:8b:90:87:55:77:27:29:4c:f0:
3d:65:cd:40:63:d6:d7:af:c4:f2:c5:f9:a8:63:23:9b:9d:67:
22:a2:42:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpr55d4MjM9u8QWxFms9mLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTkxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTgyOGQ0YTM3NjA4YTRkMjY3ODFjM2RhZjU3ZDA4MjVlMDFkYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6ncV78bgH1QAMBsr/0wDz0RgAre
qczOC/mkR0aJQBI/fb4Phd7nmgM06hdFS7g7Tsdwq4pXFl8QDCLPlQGbqEOafmB+
vvnUn2zhj0dWh1bEhSQKmx27JyZfHP/JyervBJ8xDMtQ8jl9WqynMPqPBN8WZl9l
pXk7YA9zX+J8sl6I/9JdyhAP+9z4XkIUjUcWy/zkzRNurMDnCbfSeojd4XnkDGJZ
17TePSXXCqmE148Tshf6eIdjqIXqgnRKMXC8TtyvxGZ+NUZIK5lx/2CiLC4Mf/qt
zMLdgx7Sciwratkbw/R9HfnQseDSs1xgaeNrKYtaP5zRUQRUkEgWGJgoLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAqCjUo3YIpNJngcPa9X0IJeAdtyMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQ29LTlNqZGdpazBtZUJ3OXIxZlFnbDRCMjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQCZD3KWakSVIHlttxI
7DKsZKZtpkuvrxFtAwP1jP/5HmjHB0YVfLJBg3Qg+6SNqdfZFn6dFovRP2sh6+fx
O2A0StV1e6cbo7mXyLW8/teCs273DbLouXodVlEgWzuJ6p6eUf+FBGy0opbKE1Ry
m8J0PTdwzHA/eN2WCAr16g/mhsmJkoD0gUwGx2loVvt2It7AORWiu6G5OLP2aZI9
7wH/1l5lTvoW0iQWZI2BGybcxq15MAWeSh/B9dU2lzyQg5fi00Ta6IlLIrLOegsp
+FgbsWZaczlM4iUe5l33hW4/u4uQh1V3JylM8D1lzUBj1tevxPLF+ahjI5udZyKi
QuY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:55 2024 by rpki-client on console-fra.rpki-client.org