Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/DKblEvAGr4GPxbTlvmY0O1Iq2xY.roa
File: DKblEvAGr4GPxbTlvmY0O1Iq2xY.roa (raw, json)
Hash identifier: 4UUsrzza49TKn6ffunbX30tBeKoN488zQ66t60tB930=
Subject key identifier: 0C:A6:E5:12:F0:06:AF:81:8F:C5:B4:E5:BE:66:34:3B:52:2A:DB:16
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A93946341CBE67DB8344C048AF483286A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/DKblEvAGr4GPxbTlvmY0O1Iq2xY.roa
Signing time: Thu 14 Sep 2023 12:04:50 +0000
ROA not before: Thu 14 Sep 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:9394:3064/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:94:63:41:cb:e6:7d:b8:34:4c:04:8a:f4:83:28:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ca6e512f006af818fc5b4e5be66343b522adb16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:ac:86:61:04:9a:4b:6c:60:b2:9c:cc:7b:
8c:e0:c8:c6:f9:87:f1:89:77:0c:65:4d:3a:b0:f0:
6a:d8:6d:7e:28:12:5b:6d:96:81:e1:b8:13:39:5d:
e6:d7:68:9b:ad:96:ca:7d:74:d7:d5:6a:25:6e:4a:
a5:96:bd:94:0e:74:5d:5d:1a:c2:91:f5:85:d2:f2:
43:29:27:f0:0f:30:4c:01:79:62:44:7f:6d:ef:ad:
92:89:56:6a:58:3a:96:d8:ad:cc:0b:a0:e2:4b:06:
f7:83:a4:29:b1:ca:dc:e1:2d:28:3b:90:5d:d8:93:
21:47:d2:51:34:ab:c6:c2:61:9f:aa:2e:03:c3:bb:
c5:d6:d2:6f:1c:81:c8:f8:34:d9:6e:19:fb:4d:51:
fe:f9:29:3b:55:d9:7a:e8:0e:86:c3:a8:0f:ee:76:
01:2c:b3:2b:58:6a:f9:b7:dd:e2:95:ef:fb:67:f5:
4b:04:66:2c:c0:c4:e2:28:18:4f:6e:03:28:ff:41:
4c:dd:7b:2d:7c:ff:cd:af:9a:b0:db:1c:d3:67:d1:
eb:23:f4:da:65:f9:2b:5b:a2:d7:ed:fb:92:ab:6f:
99:51:57:18:1c:1c:38:2d:72:f3:17:7f:95:10:8d:
a1:7b:25:1a:bf:9e:89:66:66:77:4e:78:42:42:02:
af:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A6:E5:12:F0:06:AF:81:8F:C5:B4:E5:BE:66:34:3B:52:2A:DB:16
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/DKblEvAGr4GPxbTlvmY0O1Iq2xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:af:25:ac:8a:a4:3a:73:0b:51:63:98:eb:56:a0:19:7a:da:
60:d7:bc:ac:b8:a4:32:da:40:78:70:81:aa:23:91:3e:a6:e7:
47:33:f7:a7:b0:12:8e:06:96:50:bb:32:20:d3:63:e9:dd:8a:
95:1d:a6:66:a0:22:f1:ba:3d:fc:14:d2:e6:5c:ee:64:d1:2d:
2e:84:26:8d:08:63:3b:55:dd:0e:24:90:02:d0:b1:12:49:5d:
0c:60:d0:90:ca:8f:cd:a0:2c:7a:54:8c:81:0b:b5:b9:02:23:
82:48:33:d8:60:d6:20:0d:30:45:d9:2d:a9:95:26:28:98:6c:
6c:95:74:98:31:8a:de:4a:d9:49:3d:8e:93:0e:4b:fb:e5:95:
33:c9:eb:f2:54:f1:55:37:ee:50:3a:54:e4:a1:73:52:89:8d:
ce:3e:85:c3:6c:7d:2c:ab:37:12:5e:13:ac:3b:86:94:5b:40:
41:05:9f:ec:21:64:57:b6:67:c1:dc:9d:fc:28:8a:1e:06:25:
68:1b:eb:e8:b2:2c:31:f4:39:e2:43:0c:6d:0d:ef:0e:26:1a:
bc:f3:6f:41:9d:4e:e2:2b:6a:7b:70:f1:7e:52:1d:3c:60:8a:
1b:17:bc:43:e4:40:4c:21:21:ad:12:99:3e:83:e9:aa:94:ae:
b2:e5:de:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqTlGNBy+Z9uDRMBIr0gyhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E2ZTUxMmYwMDZhZjgxOGZjNWI0ZTViZTY2MzQzYjUyMmFkYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQKshmEEmktsYLKczHuM4MjG+Yfx
iXcMZU06sPBq2G1+KBJbbZaB4bgTOV3m12ibrZbKfXTX1Wolbkqllr2UDnRdXRrC
kfWF0vJDKSfwDzBMAXliRH9t762SiVZqWDqW2K3MC6DiSwb3g6Qpscrc4S0oO5Bd
2JMhR9JRNKvGwmGfqi4Dw7vF1tJvHIHI+DTZbhn7TVH++Sk7Vdl66A6Gw6gP7nYB
LLMrWGr5t93ile/7Z/VLBGYswMTiKBhPbgMo/0FM3XstfP/Nr5qw2xzTZ9HrI/Ta
ZfkrW6LX7fuSq2+ZUVcYHBw4LXLzF3+VEI2heyUav56JZmZ3TnhCQgKvBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAym5RLwBq+Bj8W05b5mNDtSKtsWMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvREtibEV2QUdyNEdQeGJUbHZtWTBPMUlxMnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACKvJayKpDpzC1FjmOtW
oBl62mDXvKy4pDLaQHhwgaojkT6m50cz96ewEo4GllC7MiDTY+ndipUdpmagIvG6
PfwU0uZc7mTRLS6EJo0IYztV3Q4kkALQsRJJXQxg0JDKj82gLHpUjIELtbkCI4JI
M9hg1iANMEXZLamVJiiYbGyVdJgxit5K2Uk9jpMOS/vllTPJ6/JU8VU37lA6VOSh
c1KJjc4+hcNsfSyrNxJeE6w7hpRbQEEFn+whZFe2Z8Hcnfwoih4GJWgb6+iyLDH0
OeJDDG0N7w4mGrzzb0GdTuIrantw8X5SHTxgihsXvEPkQEwhIa0SmT6D6aqUrrLl
3hY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org