Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/IGMGk80t6cYevP-3FmLf8YYNJ8M.roa
File: IGMGk80t6cYevP-3FmLf8YYNJ8M.roa (raw, json)
Hash identifier: +yo9KcgX4YQEWZitDC3iaq/7ibKjrtyjoyJkRu8CKhI=
Subject key identifier: 20:63:06:93:CD:2D:E9:C6:1E:BC:FF:B7:16:62:DF:F1:86:0D:27:C3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8574F84C35B6D74B0E4231C3CD56AF34
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/IGMGk80t6cYevP-3FmLf8YYNJ8M.roa
Signing time: Mon 11 Sep 2023 18:15:50 +0000
ROA not before: Mon 11 Sep 2023 18:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:85:74:f8:4c:35:b6:d7:4b:0e:42:31:c3:cd:56:af:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 18:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20630693cd2de9c61ebcffb71662dff1860d27c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:27:66:05:f3:37:50:a6:e4:62:5e:7c:4e:
8f:8f:62:f6:bc:40:2a:27:a0:f6:d1:2d:1d:12:b6:
a3:81:39:24:57:02:57:e0:bc:3a:b9:64:a0:71:15:
7b:a8:09:1d:74:03:f5:ac:81:6d:bc:71:32:fc:2e:
42:42:cf:06:b6:09:6b:07:85:96:55:c0:ed:91:24:
8b:a2:15:cf:3f:b3:39:6c:ea:ba:63:d2:1b:72:27:
1d:61:17:80:c3:3f:55:d4:cf:d7:3b:bc:76:89:c2:
10:04:7c:a1:6a:dd:94:30:91:e4:9d:f1:23:a2:71:
cf:ba:a4:cb:75:81:37:0f:2e:72:6d:2a:0f:da:7f:
95:c2:a5:88:dd:75:5a:26:13:66:9a:fd:fa:71:aa:
dd:3e:e2:7b:74:78:c5:55:a9:67:ac:0d:41:36:64:
59:b1:13:9b:5f:da:5b:81:bf:c7:91:64:88:f5:82:
a2:91:1b:79:43:3e:2d:6e:b9:af:db:67:05:6f:05:
c7:93:55:55:57:d0:d5:b1:b9:74:41:8c:e2:dd:0e:
75:7a:34:ec:61:e0:83:a0:2d:c6:41:42:03:dd:c8:
b0:04:49:98:77:43:db:e9:a7:36:61:02:36:60:54:
93:08:32:64:c7:ea:b8:1a:22:22:b7:fc:b9:9c:59:
31:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:63:06:93:CD:2D:E9:C6:1E:BC:FF:B7:16:62:DF:F1:86:0D:27:C3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/IGMGk80t6cYevP-3FmLf8YYNJ8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:c4:8a:3e:86:d4:b1:a7:bb:b6:17:d7:22:4e:3c:94:44:41:
19:7e:8f:19:7f:5a:4f:fe:da:4d:41:aa:fb:90:cd:40:c4:ad:
6f:64:7c:c1:7e:01:b2:be:4a:f4:45:b4:d0:96:f9:38:73:04:
8b:60:2a:ed:c0:cf:44:5a:58:57:fd:43:35:35:e0:89:c5:31:
91:54:7b:ec:d4:2a:90:db:d5:ec:85:5e:49:71:d5:13:b3:c5:
60:aa:c8:41:86:64:5d:2c:b0:81:ac:db:c8:78:cb:cd:bb:eb:
38:2f:d0:28:1b:07:46:9b:bd:66:aa:a7:01:4c:b6:9c:1b:d0:
73:8c:4e:c6:d2:01:da:20:43:c8:e5:19:56:a7:13:c6:6d:88:
34:d2:73:1a:c3:6f:ef:0e:a3:1e:e2:4e:58:d9:39:10:91:75:
5e:35:28:0b:e3:bc:ad:14:ff:27:14:ab:7d:39:3e:66:25:d3:
5b:23:6e:64:fe:5d:86:2d:e9:ca:4c:7e:3b:a1:12:b3:7d:c0:
59:4b:55:dc:e4:a2:8a:81:9b:ea:c1:f0:27:8c:e4:2f:3c:60:
c1:ea:53:e1:00:2a:5e:a0:5b:48:f0:ac:4c:d9:0e:3b:2a:8a:
da:a9:4a:0e:00:2c:47:f6:60:cb:55:ad:ea:90:16:a0:76:26:
23:87:e8:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqFdPhMNbbXSw5CMcPNVq80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMTgxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDYzMDY5M2NkMmRlOWM2MWViY2ZmYjcxNjYyZGZmMTg2MGQyN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/gnZgXzN1Cm5GJefE6Pj2L2vEAq
J6D20S0dErajgTkkVwJX4Lw6uWSgcRV7qAkddAP1rIFtvHEy/C5CQs8GtglrB4WW
VcDtkSSLohXPP7M5bOq6Y9IbcicdYReAwz9V1M/XO7x2icIQBHyhat2UMJHknfEj
onHPuqTLdYE3Dy5ybSoP2n+VwqWI3XVaJhNmmv36cardPuJ7dHjFValnrA1BNmRZ
sRObX9pbgb/HkWSI9YKikRt5Qz4tbrmv22cFbwXHk1VVV9DVsbl0QYzi3Q51ejTs
YeCDoC3GQUID3ciwBEmYd0Pb6ac2YQI2YFSTCDJkx+q4GiIit/y5nFkxuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCBjBpPNLenGHrz/txZi3/GGDSfDMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSUdNR2s4MHQ2Y1lldlAtM0ZtTGY4WVlOSjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3Eij6G1LGnu7YX1yJO
PJREQRl+jxl/Wk/+2k1BqvuQzUDErW9kfMF+AbK+SvRFtNCW+ThzBItgKu3Az0Ra
WFf9QzU14InFMZFUe+zUKpDb1eyFXklx1ROzxWCqyEGGZF0ssIGs28h4y8276zgv
0CgbB0abvWaqpwFMtpwb0HOMTsbSAdogQ8jlGVanE8ZtiDTScxrDb+8Oox7iTljZ
ORCRdV41KAvjvK0U/ycUq305PmYl01sjbmT+XYYt6cpMfjuhErN9wFlLVdzkooqB
m+rB8CeM5C88YMHqU+EAKl6gW0jwrEzZDjsqitqpSg4ALEf2YMtVreqQFqB2JiOH
6BQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:56 2024 by rpki-client on console-fra.rpki-client.org