Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MQCAGX-ghdblL8SoQvU4BWGBjrc.roa
File: MQCAGX-ghdblL8SoQvU4BWGBjrc.roa (raw, json)
Hash identifier: YIfR3RRP+DoNNrWcnhG3tdB6FNYcU79ED8hgajA5qjA=
Subject key identifier: 31:00:80:19:7F:A0:85:D6:E5:2F:C4:A8:42:F5:38:05:61:81:8E:B7
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5C0C01461EFC877E0530A59C12DEDFDD
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MQCAGX-ghdblL8SoQvU4BWGBjrc.roa
Signing time: Sun 03 Sep 2023 17:16:45 +0000
ROA not before: Sun 03 Sep 2023 17:16:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5c:0c:01:46:1e:fc:87:7e:05:30:a5:9c:12:de:df:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 17:16:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=310080197fa085d6e52fc4a842f5380561818eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:85:7f:29:3e:eb:81:4f:24:71:7d:e2:0c:
7a:69:84:23:19:a7:02:5d:89:c3:00:ef:15:c8:e8:
b4:8e:e4:2a:30:54:11:31:19:1c:cf:06:5d:db:68:
8b:88:bb:46:3f:d6:6d:4b:3c:83:de:52:a4:e7:63:
9c:f2:0c:9e:f8:81:ac:74:0e:6e:6b:5c:2e:8a:1b:
42:88:11:3b:be:7d:b3:dd:b0:68:96:16:a6:5e:d7:
b8:9d:24:91:8d:b6:80:68:07:d4:be:9c:56:92:ee:
85:df:56:78:be:66:75:bd:5d:8d:83:e7:a4:e9:1a:
46:30:fd:c8:79:4e:d7:62:ac:ef:ae:7f:e6:d5:43:
e4:7d:5f:f1:11:73:b7:82:28:bf:8e:19:52:b3:9a:
d1:97:ac:7d:83:15:bb:90:00:9a:22:bc:1d:ed:68:
91:92:59:4f:65:f6:71:49:f1:96:ae:c2:c5:fd:97:
70:82:37:85:a7:bd:b1:a0:fd:ef:f5:c0:a5:6e:47:
a4:9c:04:f3:47:5a:9b:fa:7e:c3:88:15:ba:02:77:
d2:36:81:ed:21:64:e9:50:77:fc:1c:12:17:5b:34:
c3:81:ac:c7:08:ea:1a:03:bb:98:ca:58:6a:06:e6:
2c:76:24:76:af:ef:ea:a4:9c:15:f8:98:54:ad:71:
dd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:00:80:19:7F:A0:85:D6:E5:2F:C4:A8:42:F5:38:05:61:81:8E:B7
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/MQCAGX-ghdblL8SoQvU4BWGBjrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:a6:fd:48:7c:d7:92:0c:d6:d3:99:77:d6:3f:cc:a5:10:a7:
04:3f:fa:07:f8:62:db:62:2c:66:d1:56:7b:c1:8c:3f:3e:09:
d5:91:d5:bc:86:9b:a2:8b:5a:f7:4e:ba:ab:7b:9a:26:3b:19:
a1:aa:0f:fd:25:c1:7c:65:9e:a4:cb:4e:aa:3b:c3:7d:b8:b8:
18:6c:35:8f:a0:1e:aa:2c:b7:e5:5d:a1:10:a7:08:3f:99:c3:
4a:14:07:21:f5:b3:83:15:f5:0c:f9:3f:2e:22:b4:12:70:8d:
10:ae:0c:4e:b8:97:c4:b0:d5:81:a4:f9:4c:c7:09:14:b8:e5:
64:de:67:0e:62:e2:90:74:0d:4f:48:8d:47:29:75:c5:7b:29:
37:87:4d:45:b3:d6:2b:43:af:0e:23:64:4d:b5:58:46:ab:67:
a4:2a:8f:bf:e4:08:80:29:c8:83:bd:9e:c6:69:dd:5b:67:39:
14:68:6b:81:c5:b5:3c:c2:a6:15:47:8c:a6:41:cc:68:94:da:
c0:7d:3c:a9:2d:da:f2:20:72:c3:4f:76:41:51:23:85:b0:a0:
a5:2a:eb:b2:06:73:b1:b6:40:0b:bc:44:be:59:a9:58:ec:98:
fc:4b:71:48:75:88:1a:a9:96:2c:e4:79:b8:0b:9f:b7:f0:3d:
83:75:1b:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpcDAFGHvyHfgUwpZwS3t/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTcxNjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTAwODAxOTdmYTA4NWQ2ZTUyZmM0YTg0MmY1MzgwNTYxODE4ZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx6Ffyk+64FPJHF94gx6aYQjGacC
XYnDAO8VyOi0juQqMFQRMRkczwZd22iLiLtGP9ZtSzyD3lKk52Oc8gye+IGsdA5u
a1wuihtCiBE7vn2z3bBolhamXte4nSSRjbaAaAfUvpxWku6F31Z4vmZ1vV2Ng+ek
6RpGMP3IeU7XYqzvrn/m1UPkfV/xEXO3gii/jhlSs5rRl6x9gxW7kACaIrwd7WiR
kllPZfZxSfGWrsLF/ZdwgjeFp72xoP3v9cClbkeknATzR1qb+n7DiBW6AnfSNoHt
IWTpUHf8HBIXWzTDgazHCOoaA7uYylhqBuYsdiR2r+/qpJwV+JhUrXHd1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDEAgBl/oIXW5S/EqEL1OAVhgY63MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTVFDQUdYLWdoZGJsTDhTb1F2VTRCV0dCanJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAGm/Uh815IM1tOZd9Y/
zKUQpwQ/+gf4YttiLGbRVnvBjD8+CdWR1byGm6KLWvdOuqt7miY7GaGqD/0lwXxl
nqTLTqo7w324uBhsNY+gHqost+VdoRCnCD+Zw0oUByH1s4MV9Qz5Py4itBJwjRCu
DE64l8Sw1YGk+UzHCRS45WTeZw5i4pB0DU9IjUcpdcV7KTeHTUWz1itDrw4jZE21
WEarZ6Qqj7/kCIApyIO9nsZp3VtnORRoa4HFtTzCphVHjKZBzGiU2sB9PKkt2vIg
csNPdkFRI4WwoKUq67IGc7G2QAu8RL5ZqVjsmPxLcUh1iBqplizkebgLn7fwPYN1
G/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org