Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O4bL1djvs_sfiLJOVM_feFxwL0s.roa
File: O4bL1djvs_sfiLJOVM_feFxwL0s.roa (raw, json)
Hash identifier: DmUtArrdrF2k3HMXxztPCLz6/QJG8EwdNLh5Uepr4Ac=
Subject key identifier: 3B:86:CB:D5:D8:EF:B3:FB:1F:88:B2:4E:54:CF:DF:78:5C:70:2F:4B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A529EF7F25986DB29CEFAA5E98F792EBB
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O4bL1djvs_sfiLJOVM_feFxwL0s.roa
Signing time: Fri 01 Sep 2023 21:21:04 +0000
ROA not before: Fri 01 Sep 2023 21:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:9e:f7:f2:59:86:db:29:ce:fa:a5:e9:8f:79:2e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 21:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b86cbd5d8efb3fb1f88b24e54cfdf785c702f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:79:72:7a:eb:01:91:c6:ce:4e:75:60:4d:9d:
41:d7:64:b8:92:62:c9:e0:55:88:cf:ad:3c:dd:d4:
d0:52:b7:b0:ca:85:b6:9e:14:55:79:b9:f7:b3:39:
b2:bb:47:e5:4f:12:74:1c:cf:67:19:17:c9:11:36:
a6:b6:0d:4b:ef:ff:0f:d5:fe:46:8f:f3:cc:44:b6:
70:99:6a:cb:24:2a:69:eb:c1:87:4e:4a:f1:98:1b:
81:5e:b6:f6:01:9d:4d:13:5c:17:db:99:6e:b2:9c:
bc:9a:fd:73:f3:6b:6c:82:9a:08:55:53:8b:63:e8:
8c:a4:e5:e7:1c:5f:87:36:29:c2:7b:38:d1:0c:a4:
3a:9f:fa:69:d2:f9:96:0f:94:42:28:6b:03:39:32:
35:05:ee:3a:cd:2c:28:58:79:e3:d1:32:37:db:2d:
cf:52:dc:07:b9:d5:39:36:7e:cf:a4:28:42:8f:af:
63:3c:bb:49:8c:1a:40:04:4e:78:8c:c4:af:fc:7a:
04:8f:a7:39:b9:c8:22:72:f0:80:83:12:6b:9e:8f:
23:d3:49:e4:01:7e:db:9d:ed:cc:f7:be:49:63:26:
bc:e8:d8:25:6c:ec:be:e0:58:83:2c:af:31:71:df:
62:50:4f:9f:c8:6e:02:b8:d3:8e:f7:fa:9c:03:10:
09:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:86:CB:D5:D8:EF:B3:FB:1F:88:B2:4E:54:CF:DF:78:5C:70:2F:4B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/O4bL1djvs_sfiLJOVM_feFxwL0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:26:08:ed:38:72:63:49:39:86:ee:c4:89:73:49:c1:60:33:
fb:87:4f:9c:42:82:39:c8:44:8f:95:1e:98:07:94:20:26:89:
5b:cb:d4:5c:2e:d2:db:b4:9b:8a:12:f6:1b:24:7f:eb:65:91:
d7:cc:35:85:00:48:c3:cb:0b:b8:8e:4b:08:5e:45:da:02:94:
35:9e:96:2a:54:10:0c:29:6d:29:1d:d6:66:3c:d0:18:17:51:
ca:88:a3:ed:a1:a6:fd:20:f5:d0:a9:7c:49:7f:40:69:24:9d:
84:14:2d:36:0d:b1:be:70:23:21:ba:3c:65:98:aa:8c:60:f2:
b9:04:5a:f2:47:b5:2e:b2:47:8f:31:1d:05:c6:1e:a3:e9:71:
f3:18:1f:2b:ea:0f:df:e1:66:90:49:f4:9c:98:8b:ed:8a:ac:
4e:a0:37:e0:a5:46:7b:6a:51:bf:57:c3:2f:2b:5b:ad:8e:ec:
50:47:59:4e:dc:30:f8:e4:68:79:32:3c:4d:32:a3:d8:8e:35:
26:ab:29:a8:ed:af:e1:8f:2b:75:e6:bf:5d:b5:eb:1c:34:72:
3b:89:de:a9:8e:e7:2f:9b:2a:76:0d:84:68:08:31:64:7e:ee:
1f:8a:06:89:e6:9e:a4:de:db:24:11:88:c8:9e:58:34:85:92:
85:e8:5d:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpSnvfyWYbbKc76pemPeS67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMjEyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg2Y2JkNWQ4ZWZiM2ZiMWY4OGIyNGU1NGNmZGY3ODVjNzAyZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnlyeusBkcbOTnVgTZ1B12S4kmLJ
4FWIz6083dTQUrewyoW2nhRVebn3szmyu0flTxJ0HM9nGRfJETamtg1L7/8P1f5G
j/PMRLZwmWrLJCpp68GHTkrxmBuBXrb2AZ1NE1wX25luspy8mv1z82tsgpoIVVOL
Y+iMpOXnHF+HNinCezjRDKQ6n/pp0vmWD5RCKGsDOTI1Be46zSwoWHnj0TI32y3P
UtwHudU5Nn7PpChCj69jPLtJjBpABE54jMSv/HoEj6c5ucgicvCAgxJrno8j00nk
AX7bne3M975JYya86NglbOy+4FiDLK8xcd9iUE+fyG4CuNOO9/qcAxAJLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDuGy9XY77P7H4iyTlTP33hccC9LMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTzRiTDFkanZzX3NmaUxKT1ZNX2ZlRnh3TDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEYmCO04cmNJOYbuxIlz
ScFgM/uHT5xCgjnIRI+VHpgHlCAmiVvL1Fwu0tu0m4oS9hskf+tlkdfMNYUASMPL
C7iOSwheRdoClDWelipUEAwpbSkd1mY80BgXUcqIo+2hpv0g9dCpfEl/QGkknYQU
LTYNsb5wIyG6PGWYqoxg8rkEWvJHtS6yR48xHQXGHqPpcfMYHyvqD9/hZpBJ9JyY
i+2KrE6gN+ClRntqUb9Xwy8rW62O7FBHWU7cMPjkaHkyPE0yo9iONSarKajtr+GP
K3Xmv1216xw0cjuJ3qmO5y+bKnYNhGgIMWR+7h+KBonmnqTe2yQRiMieWDSFkoXo
XRg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:12 2025 by rpki-client