Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KfqJdwLMjw8qI-zs6K4khXIp7mU.roa
File: KfqJdwLMjw8qI-zs6K4khXIp7mU.roa (raw, json)
Hash identifier: LnceZinwwi8/8z4i6oIsp0L89/ReVJBmO6Xi1wMI6rE=
Subject key identifier: 29:FA:89:77:02:CC:8F:0F:2A:23:EC:EC:E8:AE:24:85:72:29:EE:65
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4BCB3B4444A36D7B75866AF48717BB63
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KfqJdwLMjw8qI-zs6K4khXIp7mU.roa
Signing time: Thu 31 Aug 2023 13:32:04 +0000
ROA not before: Thu 31 Aug 2023 13:32:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:cb:3b:44:44:a3:6d:7b:75:86:6a:f4:87:17:bb:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 13:32:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29fa897702cc8f0f2a23ecece8ae24857229ee65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:df:40:30:a3:61:0f:42:7c:49:c2:6b:a7:a3:
db:6f:e4:13:76:d4:60:4f:87:53:63:d9:36:0f:da:
e9:62:a6:b8:f2:72:1c:d1:5f:0c:38:09:72:43:7c:
dc:38:f6:3d:ec:cb:f0:90:d0:85:9f:e7:56:7f:8e:
d3:5d:2a:7c:1e:73:ae:cb:ea:48:e9:70:35:16:ad:
8b:b8:6e:f7:47:4f:e5:5f:20:84:6e:ff:42:d5:31:
25:89:15:e0:c0:78:3c:93:35:b5:47:6b:62:af:f1:
0a:83:d4:55:70:15:5b:cc:7e:19:6a:96:91:e6:0c:
df:1d:76:db:0a:bf:77:fa:92:58:40:a2:97:93:d5:
de:36:db:85:99:3c:e7:a5:4f:7f:f9:60:1c:42:67:
8c:12:bc:4a:a5:23:5b:8f:96:e3:b5:5d:eb:d3:2b:
a1:0e:92:12:0f:5d:02:eb:04:cb:c5:d5:15:53:bd:
f5:de:02:98:9f:2d:82:25:9b:8e:e9:bb:ab:f2:36:
39:0b:97:30:3e:d0:40:5a:94:bd:87:b2:42:8d:c3:
87:51:ec:22:92:ca:d1:c8:12:56:b1:91:95:43:74:
90:b6:1c:44:2b:04:3b:32:b1:49:f1:e5:9a:53:bf:
23:f0:f3:66:c2:2f:25:b7:60:b8:73:51:92:30:9d:
51:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FA:89:77:02:CC:8F:0F:2A:23:EC:EC:E8:AE:24:85:72:29:EE:65
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KfqJdwLMjw8qI-zs6K4khXIp7mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:d7:f1:be:69:4c:8e:97:b4:d4:ae:12:cc:9d:a2:03:91:25:
98:83:bc:62:a6:30:ae:ab:0c:9e:91:d0:b7:a9:70:da:9f:df:
7b:06:cb:47:2e:d2:cd:8d:92:4d:10:20:5d:db:64:4b:68:80:
34:2f:2c:62:5e:83:56:81:45:92:d0:a5:70:ea:8c:d9:29:71:
74:e8:a0:38:c0:99:69:bf:1b:14:2a:f3:03:a4:83:a1:19:39:
a9:a6:c3:3b:3c:02:24:6d:ea:ed:40:0c:ca:ff:15:2c:1a:0d:
f2:77:1a:47:1e:f1:d3:63:93:a4:27:f2:6f:b4:f6:68:35:33:
5d:ff:a2:62:ac:43:36:73:fc:d0:c9:9b:e0:5e:b3:80:58:b5:
f4:e8:f6:f3:4c:ec:c2:71:f1:b4:81:f7:98:0b:1c:92:a1:37:
d5:32:c0:e6:a4:37:13:b9:c0:e0:a6:05:fa:ae:90:fc:1b:d2:
a2:41:8e:33:6b:5a:c1:3f:fe:07:f0:4b:28:80:39:43:0a:12:
f8:14:b9:41:cd:e0:6b:df:3d:cd:ab:f0:64:80:e4:f2:2a:a7:
98:b7:a7:cd:5c:21:89:e5:12:b4:89:fa:4d:87:08:dc:4a:11:
63:d6:62:18:bb:a4:10:74:17:e2:f9:38:74:88:13:82:d5:70:
9f:ed:cc:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpLyztERKNte3WGavSHF7tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTMzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZhODk3NzAyY2M4ZjBmMmEyM2VjZWNlOGFlMjQ4NTcyMjllZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN9AMKNhD0J8ScJrp6Pbb+QTdtRg
T4dTY9k2D9rpYqa48nIc0V8MOAlyQ3zcOPY97MvwkNCFn+dWf47TXSp8HnOuy+pI
6XA1Fq2LuG73R0/lXyCEbv9C1TEliRXgwHg8kzW1R2tir/EKg9RVcBVbzH4ZapaR
5gzfHXbbCr93+pJYQKKXk9XeNtuFmTznpU9/+WAcQmeMErxKpSNbj5bjtV3r0yuh
DpISD10C6wTLxdUVU7313gKYny2CJZuO6bur8jY5C5cwPtBAWpS9h7JCjcOHUewi
ksrRyBJWsZGVQ3SQthxEKwQ7MrFJ8eWaU78j8PNmwi8lt2C4c1GSMJ1RSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCn6iXcCzI8PKiPs7OiuJIVyKe5lMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS2ZxSmR3TE1qdzhxSS16czZLNGtoWElwN21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHnX8b5pTI6XtNSuEsyd
ogORJZiDvGKmMK6rDJ6R0LepcNqf33sGy0cu0s2Nkk0QIF3bZEtogDQvLGJeg1aB
RZLQpXDqjNkpcXTooDjAmWm/GxQq8wOkg6EZOammwzs8AiRt6u1ADMr/FSwaDfJ3
Gkce8dNjk6Qn8m+09mg1M13/omKsQzZz/NDJm+Bes4BYtfTo9vNM7MJx8bSB95gL
HJKhN9UywOakNxO5wOCmBfqukPwb0qJBjjNrWsE//gfwSyiAOUMKEvgUuUHN4Gvf
Pc2r8GSA5PIqp5i3p81cIYnlErSJ+k2HCNxKEWPWYhi7pBB0F+L5OHSIE4LVcJ/t
zG0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:56 2024 by rpki-client on console-fra.rpki-client.org