Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KjpGXCK1iHGQXXW6qoAefTPY5uA.roa
File: KjpGXCK1iHGQXXW6qoAefTPY5uA.roa (raw, json)
Hash identifier: WzlWiStF7vMhLi+C95x5hHhj2IQeW2DURrd57jUMV44=
Subject key identifier: 2A:3A:46:5C:22:B5:88:71:90:5D:75:BA:AA:80:1E:7D:33:D8:E6:E0
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8FF5E033BC2AC08F4259FC77193EF6BC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KjpGXCK1iHGQXXW6qoAefTPY5uA.roa
Signing time: Wed 13 Sep 2023 19:12:50 +0000
ROA not before: Wed 13 Sep 2023 19:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8f:f5:e0:33:bc:2a:c0:8f:42:59:fc:77:19:3e:f6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 19:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a3a465c22b58871905d75baaa801e7d33d8e6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:33:48:2c:0d:31:04:b3:8a:bd:3a:70:83:ca:
4c:64:dd:86:b6:66:9f:33:47:16:66:91:70:62:86:
d7:3e:71:fc:4b:19:83:86:9a:d6:03:66:d6:43:6e:
53:8e:7c:f8:05:07:83:6d:30:9c:35:ed:47:16:45:
49:59:18:1e:c8:25:03:0d:5d:2c:8c:8b:bf:7d:f2:
8e:86:3d:d3:9f:c7:0a:8f:5d:ad:73:06:50:95:d9:
43:09:a4:5a:a3:3e:34:5c:6b:09:8b:e4:77:ce:ca:
be:61:30:7f:91:dc:c1:d3:16:2d:4a:42:96:58:a7:
1e:e8:a0:eb:07:cb:72:80:4a:e6:98:5e:46:1f:a0:
07:7b:cd:f2:1c:e1:f1:bd:43:cd:83:bc:ae:90:fa:
d5:bd:5d:47:2c:57:7a:f2:47:52:27:69:3a:68:75:
d1:e7:d4:b0:0c:b8:11:8b:9a:99:9a:43:a1:10:63:
91:36:dd:8e:ff:74:51:c3:80:fe:42:7b:11:d1:78:
a9:4f:fd:35:3d:52:c2:65:33:6f:57:de:e4:45:87:
54:86:34:a1:d7:5f:33:ec:23:6a:8d:dd:02:ff:d0:
2d:ea:97:12:e3:2d:7d:94:0e:66:63:57:d0:25:bd:
f3:c0:94:ce:c3:0c:53:bd:2b:73:42:a0:fc:c4:07:
6a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3A:46:5C:22:B5:88:71:90:5D:75:BA:AA:80:1E:7D:33:D8:E6:E0
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KjpGXCK1iHGQXXW6qoAefTPY5uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:1f:aa:4c:81:93:e2:12:cc:25:83:98:e4:bb:a4:20:3a:ee:
a2:08:44:57:94:f9:11:1c:a6:18:c3:32:cb:4d:7a:2e:6b:19:
74:1e:c3:aa:cd:6f:70:f1:09:f2:06:28:4d:fb:0b:50:a5:3b:
5f:7a:d1:79:e9:7f:55:51:b4:73:d3:69:4c:49:ee:2f:1a:8f:
8f:04:19:bb:ea:5e:d1:0c:53:84:16:6b:10:19:c7:02:b0:48:
1b:5f:cc:8f:2d:0d:38:df:9e:c9:88:cc:de:87:60:fd:45:a3:
bd:b8:01:23:12:19:e8:e8:30:0d:13:10:3f:f3:51:98:6e:07:
74:17:2a:e5:d4:da:34:87:23:61:fe:d8:fc:dd:2c:9a:20:5e:
29:dc:d6:b7:f0:01:54:57:b3:40:96:6d:82:fa:fe:e6:74:6c:
d0:7c:a4:62:a2:c1:ba:1a:ee:00:90:77:23:09:15:d8:4a:24:
f6:39:7b:b4:8b:27:95:2b:6d:55:db:31:6c:8a:99:59:ba:3e:
fb:ff:13:6d:df:bd:5f:92:15:4a:f1:7e:14:4f:50:66:6f:48:
de:0a:3f:dc:27:7b:9a:39:21:a0:62:b0:a7:d7:7a:5a:c7:cf:
45:21:39:ff:82:dc:76:54:47:0b:bc:af:1e:3e:2a:da:9a:56:
58:b0:a3:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqP9eAzvCrAj0JZ/HcZPva8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMTkxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNhNDY1YzIyYjU4ODcxOTA1ZDc1YmFhYTgwMWU3ZDMzZDhlNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDNILA0xBLOKvTpwg8pMZN2Gtmaf
M0cWZpFwYobXPnH8SxmDhprWA2bWQ25Tjnz4BQeDbTCcNe1HFkVJWRgeyCUDDV0s
jIu/ffKOhj3Tn8cKj12tcwZQldlDCaRaoz40XGsJi+R3zsq+YTB/kdzB0xYtSkKW
WKce6KDrB8tygErmmF5GH6AHe83yHOHxvUPNg7yukPrVvV1HLFd68kdSJ2k6aHXR
59SwDLgRi5qZmkOhEGORNt2O/3RRw4D+QnsR0XipT/01PVLCZTNvV97kRYdUhjSh
118z7CNqjd0C/9At6pcS4y19lA5mY1fQJb3zwJTOwwxTvStzQqD8xAdq7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCo6RlwitYhxkF11uqqAHn0z2ObgMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS2pwR1hDSzFpSEdRWFhXNnFvQWVmVFBZNXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsfqkyBk+ISzCWDmOS7
pCA67qIIRFeU+REcphjDMstNei5rGXQew6rNb3DxCfIGKE37C1ClO1960Xnpf1VR
tHPTaUxJ7i8aj48EGbvqXtEMU4QWaxAZxwKwSBtfzI8tDTjfnsmIzN6HYP1Fo724
ASMSGejoMA0TED/zUZhuB3QXKuXU2jSHI2H+2PzdLJogXinc1rfwAVRXs0CWbYL6
/uZ0bNB8pGKiwboa7gCQdyMJFdhKJPY5e7SLJ5UrbVXbMWyKmVm6Pvv/E23fvV+S
FUrxfhRPUGZvSN4KP9wne5o5IaBisKfXelrHz0UhOf+C3HZURwu8rx4+KtqaVliw
o5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org