Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/OInK0jt4zRQfpI6kHhpGA7qb6zI.roa
File: OInK0jt4zRQfpI6kHhpGA7qb6zI.roa (raw, json)
Hash identifier: jw4fvEGGTP3wg3n0mhf0EFTgb9OsaQ8tkTkhttp2rb8=
Subject key identifier: 38:89:CA:D2:3B:78:CD:14:1F:A4:8E:A4:1E:1A:46:03:BA:9B:EB:32
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A65B4C8E392A7359DE38BD2491C894589
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/OInK0jt4zRQfpI6kHhpGA7qb6zI.roa
Signing time: Tue 05 Sep 2023 14:17:41 +0000
ROA not before: Tue 05 Sep 2023 14:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:b4:c8:e3:92:a7:35:9d:e3:8b:d2:49:1c:89:45:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 14:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3889cad23b78cd141fa48ea41e1a4603ba9beb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:70:01:12:2d:89:48:b1:a2:3b:dc:ab:e3:6f:
38:c0:16:72:09:7c:ef:a5:52:b5:a4:5f:76:64:c5:
55:e6:3d:2b:d5:e9:c6:04:92:f5:fd:1b:32:c3:c3:
81:3b:56:73:87:79:c8:31:c6:ff:30:b3:bc:41:bb:
47:3e:5e:e5:0a:04:95:60:31:36:f6:77:0f:4b:db:
6c:8a:d6:d8:bf:53:0f:2b:1c:d7:c3:38:f7:93:4b:
95:4d:54:58:56:02:63:0d:cc:5f:1f:96:0d:fe:94:
80:d1:74:d5:65:e3:17:e2:53:09:7d:b2:04:2c:61:
f4:9a:c1:75:57:82:be:db:67:c1:df:59:37:09:2f:
70:02:05:56:a9:35:10:74:83:b1:e2:2d:3f:6a:22:
71:d8:34:85:dc:c9:a7:61:d2:e8:c1:96:9c:01:27:
5c:6e:23:a6:90:40:fd:23:b8:db:6e:e5:ba:45:3f:
5d:70:7b:22:1e:f1:19:e1:d9:c0:67:b9:ee:75:ae:
a5:c8:85:e2:2c:44:db:a2:d8:af:31:12:14:97:14:
67:40:27:ad:5b:8c:1c:05:05:1c:f4:5b:51:af:94:
c1:cb:f5:42:0c:f8:21:f4:55:0c:1c:ff:91:ec:de:
28:de:de:1e:48:e3:86:e2:e6:82:6c:cd:6e:38:23:
82:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:89:CA:D2:3B:78:CD:14:1F:A4:8E:A4:1E:1A:46:03:BA:9B:EB:32
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/OInK0jt4zRQfpI6kHhpGA7qb6zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:71:2a:98:80:06:f5:33:c9:9e:67:56:4f:15:ae:8d:a5:b6:
ba:00:07:b3:c1:f2:aa:e1:c7:b3:a1:f7:b8:53:77:13:fc:94:
6e:48:a6:8c:72:82:38:2d:84:13:48:86:c9:e8:e5:8c:e3:4f:
12:af:49:6b:17:5c:92:ec:b3:8b:63:66:3e:37:f2:b6:36:89:
40:85:ea:6f:8e:f0:fa:2c:79:1a:44:92:15:0c:61:52:cb:b6:
9b:7d:a5:57:c8:bc:d5:bb:55:46:4f:35:87:6b:09:ec:64:cf:
9a:0a:1a:ff:d0:2d:06:a7:92:1a:78:8f:29:ff:7c:36:3b:54:
a9:41:c4:4d:f1:4b:40:70:00:28:fb:df:a6:a5:1a:ed:a9:0d:
62:2a:97:bd:66:7b:19:58:82:d8:ce:9b:40:7b:b7:42:05:40:
f4:8e:64:ae:52:c8:bb:1f:bf:fe:ce:03:65:c2:4b:bb:5f:fc:
72:39:dd:20:76:0a:2f:99:bb:04:4e:57:ef:bf:3b:60:91:fc:
1b:e4:ca:3f:c4:18:a9:d4:af:81:6a:0c:c4:ca:4d:73:01:82:
c6:e2:0a:be:bd:77:d6:56:4a:fb:de:04:93:03:2c:55:1e:72:
4c:99:a7:37:29:82:74:96:af:ef:09:a7:ff:89:09:b4:3a:d0:
ef:a9:9f:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpltMjjkqc1neOL0kkciUWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTQxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODg5Y2FkMjNiNzhjZDE0MWZhNDhlYTQxZTFhNDYwM2JhOWJlYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXABEi2JSLGiO9yr4284wBZyCXzv
pVK1pF92ZMVV5j0r1enGBJL1/Rsyw8OBO1Zzh3nIMcb/MLO8QbtHPl7lCgSVYDE2
9ncPS9tsitbYv1MPKxzXwzj3k0uVTVRYVgJjDcxfH5YN/pSA0XTVZeMX4lMJfbIE
LGH0msF1V4K+22fB31k3CS9wAgVWqTUQdIOx4i0/aiJx2DSF3MmnYdLowZacASdc
biOmkED9I7jbbuW6RT9dcHsiHvEZ4dnAZ7nuda6lyIXiLETbotivMRIUlxRnQCet
W4wcBQUc9FtRr5TBy/VCDPgh9FUMHP+R7N4o3t4eSOOG4uaCbM1uOCOCtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDiJytI7eM0UH6SOpB4aRgO6m+syMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvT0luSzBqdDR6UlFmcEk2a0hocEdBN3FiNnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAANxKpiABvUzyZ5nVk8V
ro2ltroAB7PB8qrhx7Oh97hTdxP8lG5IpoxygjgthBNIhsno5YzjTxKvSWsXXJLs
s4tjZj438rY2iUCF6m+O8PoseRpEkhUMYVLLtpt9pVfIvNW7VUZPNYdrCexkz5oK
Gv/QLQankhp4jyn/fDY7VKlBxE3xS0BwACj736alGu2pDWIql71mexlYgtjOm0B7
t0IFQPSOZK5SyLsfv/7OA2XCS7tf/HI53SB2Ci+ZuwROV++/O2CR/Bvkyj/EGKnU
r4FqDMTKTXMBgsbiCr69d9ZWSvveBJMDLFUeckyZpzcpgnSWr+8Jp/+JCbQ60O+p
n9U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:36 2025 by rpki-client