Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/D0yXVHlyAVXxy3jYZftOaZgZq9s.roa
File: D0yXVHlyAVXxy3jYZftOaZgZq9s.roa (raw, json)
Hash identifier: HApIbGYN5hGODAhAdah+Vg3i0PGfwq+p9bXPGJ1RgWM=
Subject key identifier: 0F:4C:97:54:79:72:01:55:F1:CB:78:D8:65:FB:4E:69:98:19:AB:DB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A51519F9A0B5C56018AE9968A585FA9E1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/D0yXVHlyAVXxy3jYZftOaZgZq9s.roa
Signing time: Fri 01 Sep 2023 15:16:58 +0000
ROA not before: Fri 01 Sep 2023 15:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:51:9f:9a:0b:5c:56:01:8a:e9:96:8a:58:5f:a9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 15:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f4c975479720155f1cb78d865fb4e699819abdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:12:1b:4d:84:04:cc:50:f4:44:0e:4e:3d:87:
91:bc:8f:e6:eb:cd:a5:e1:d9:84:d6:c2:7b:22:10:
96:ec:67:a2:f5:60:57:9a:40:1f:65:3a:8f:f3:e4:
0c:a2:52:e5:eb:dd:1f:79:8a:40:fe:38:d6:2c:02:
e1:7b:f9:19:7f:b1:3c:e8:12:71:e3:6f:57:09:8a:
fc:cd:18:61:18:9c:ff:83:8c:b7:ee:4b:06:85:56:
8b:b3:65:46:31:6f:95:f9:35:0d:ea:f2:9b:12:88:
7c:14:28:36:31:dc:f4:eb:8d:20:71:55:c3:cc:c8:
1a:bb:ba:4e:03:93:db:10:23:23:32:40:9d:a2:c8:
ab:b7:18:bf:72:b9:aa:18:40:73:d2:b6:4c:90:3a:
10:aa:ca:27:63:23:7e:ed:ba:6b:09:a7:29:db:68:
e6:dd:60:ac:cc:a9:78:36:90:80:4b:b9:4e:32:e6:
23:a3:87:64:23:13:b9:24:48:db:d1:a2:04:94:da:
31:4f:9e:7b:d8:67:07:e7:2d:a4:96:2c:66:1d:29:
c8:dd:66:9d:f0:77:5f:1e:bc:1d:c1:f4:83:92:a9:
e3:3e:77:7f:91:e2:a9:02:fd:5d:31:82:70:ad:5f:
24:61:e2:13:bd:e3:4b:de:05:83:cb:eb:66:ea:a0:
2a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4C:97:54:79:72:01:55:F1:CB:78:D8:65:FB:4E:69:98:19:AB:DB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/D0yXVHlyAVXxy3jYZftOaZgZq9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:a0:9c:c5:af:52:ba:0c:d9:48:2c:09:25:f1:3a:15:39:1e:
8d:a5:fe:00:88:7d:f8:ce:8b:5e:48:21:2a:9f:44:3b:16:30:
0e:c8:da:8c:23:eb:c8:61:13:37:67:52:bb:ae:9b:62:1d:02:
8d:be:17:45:fd:37:43:69:80:77:9d:67:d6:4f:8f:92:28:93:
8a:83:21:e1:22:88:64:1a:a6:6c:de:6b:cc:2c:8f:05:db:65:
32:f6:98:d9:43:8f:b2:6c:09:dd:d0:55:fe:f4:ec:35:d3:f2:
93:81:41:eb:e6:c8:0d:85:5e:71:50:f6:1e:6b:6f:45:38:96:
28:48:f9:b6:92:d7:7c:72:62:90:32:73:eb:ca:d5:65:3f:80:
9b:06:58:c7:2c:2e:cb:49:dd:bb:e4:42:04:c5:a3:75:9d:5f:
81:66:17:db:0f:06:72:c7:1c:a6:79:2a:c1:5e:75:af:1a:c4:
b6:53:95:55:99:a7:66:67:e5:06:f5:9d:8d:55:06:86:5b:12:
79:c5:a5:2c:97:1e:98:bf:9c:34:b5:4e:1b:71:c1:3b:1f:9a:
e1:82:93:c0:33:64:68:20:5a:b0:97:1c:1e:8c:54:6b:33:82:
c0:0c:35:8c:50:42:fc:82:84:3e:53:18:20:e4:45:56:68:18:
79:14:76:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpRUZ+aC1xWAYrplopYX6nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTUxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjRjOTc1NDc5NzIwMTU1ZjFjYjc4ZDg2NWZiNGU2OTk4MTlhYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBIbTYQEzFD0RA5OPYeRvI/m682l
4dmE1sJ7IhCW7Gei9WBXmkAfZTqP8+QMolLl690feYpA/jjWLALhe/kZf7E86BJx
429XCYr8zRhhGJz/g4y37ksGhVaLs2VGMW+V+TUN6vKbEoh8FCg2Mdz0640gcVXD
zMgau7pOA5PbECMjMkCdosirtxi/crmqGEBz0rZMkDoQqsonYyN+7bprCacp22jm
3WCszKl4NpCAS7lOMuYjo4dkIxO5JEjb0aIElNoxT5572GcH5y2klixmHSnI3Wad
8HdfHrwdwfSDkqnjPnd/keKpAv1dMYJwrV8kYeITveNL3gWDy+tm6qAqOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA9Ml1R5cgFV8ct42GX7TmmYGavbMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRDB5WFZIbHlBVlh4eTNqWVpmdE9hWmdacTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADGgnMWvUroM2UgsCSXx
OhU5Ho2l/gCIffjOi15IISqfRDsWMA7I2owj68hhEzdnUruum2IdAo2+F0X9N0Np
gHedZ9ZPj5Iok4qDIeEiiGQapmzea8wsjwXbZTL2mNlDj7JsCd3QVf707DXT8pOB
QevmyA2FXnFQ9h5rb0U4lihI+baS13xyYpAyc+vK1WU/gJsGWMcsLstJ3bvkQgTF
o3WdX4FmF9sPBnLHHKZ5KsFeda8axLZTlVWZp2Zn5Qb1nY1VBoZbEnnFpSyXHpi/
nDS1ThtxwTsfmuGCk8AzZGggWrCXHB6MVGszgsAMNYxQQvyChD5TGCDkRVZoGHkU
dl0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:56 2024 by rpki-client on console-fra.rpki-client.org