Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/OV42bXytEBuLFcLXqlycgp8M_rI.roa
File: OV42bXytEBuLFcLXqlycgp8M_rI.roa (raw, json)
Hash identifier: mwgxGTSL/tIIFicGGDTa5YDMpTHwQqS191yXNpc8YLQ=
Subject key identifier: 39:5E:36:6D:7C:AD:10:1B:8B:15:C2:D7:AA:5C:9C:82:9F:0C:FE:B2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A61A0453682CD5F6A9451026599B745BC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/OV42bXytEBuLFcLXqlycgp8M_rI.roa
Signing time: Mon 04 Sep 2023 19:16:47 +0000
ROA not before: Mon 04 Sep 2023 19:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:a0:45:36:82:cd:5f:6a:94:51:02:65:99:b7:45:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 19:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=395e366d7cad101b8b15c2d7aa5c9c829f0cfeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:06:0b:8f:9c:6d:ad:4c:47:f4:62:90:fd:8d:
0a:48:00:d0:19:c5:62:2b:c2:9f:03:07:1b:d9:f6:
b6:74:00:31:df:2d:e4:3a:51:3b:a1:4c:ac:ca:43:
21:23:1e:5f:71:ff:ee:72:52:85:45:3c:f7:c7:d2:
09:d6:58:71:83:dc:e3:bc:b5:0d:95:c7:bc:c2:39:
58:a0:c0:52:e6:fd:81:c8:1a:9c:b8:82:51:71:5d:
23:5a:fe:86:09:41:cf:78:4c:7e:d2:12:ec:25:35:
8b:00:3b:29:29:c6:18:00:0b:25:45:4d:05:6d:11:
98:90:86:3b:2d:da:ca:66:39:d2:1c:cd:a4:84:9f:
f4:76:bc:f1:6d:f9:bf:14:61:2c:25:c7:d4:55:03:
b3:bc:3e:0e:88:00:1f:49:13:d5:d5:ad:bf:dc:d5:
6c:bf:ae:79:b2:4a:cb:21:94:84:ba:3a:70:8c:af:
2c:d1:1a:b6:7e:4b:f6:c9:ec:d9:47:67:5f:07:97:
24:99:10:db:e0:4a:4b:e4:46:89:31:5f:fd:88:4f:
88:33:99:ba:49:63:d5:4e:1d:4e:59:bc:52:4b:28:
5a:d3:f5:ed:2b:5b:ac:be:c0:e0:4e:80:63:94:99:
d4:d2:20:d0:66:e4:29:dc:2c:48:f8:77:d3:a9:37:
eb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5E:36:6D:7C:AD:10:1B:8B:15:C2:D7:AA:5C:9C:82:9F:0C:FE:B2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/OV42bXytEBuLFcLXqlycgp8M_rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:90:5e:bf:fd:d9:a1:ef:dc:64:ca:23:b2:f8:37:05:89:2a:
c0:33:43:0c:a2:65:4a:2d:69:db:d0:21:32:c1:bd:d5:06:c6:
b9:a1:b6:f6:c0:39:b5:85:61:28:ba:22:f7:db:1e:89:c3:f0:
08:80:ee:03:49:6f:ef:74:2f:69:b2:9e:45:96:ed:d6:02:25:
9d:90:ee:3e:92:fb:82:19:b9:98:32:2c:eb:2d:60:8e:9e:f8:
54:84:a9:03:29:fa:9c:b3:ba:38:ce:dd:ad:f0:80:b3:b6:54:
4f:76:20:41:b4:1f:b6:b3:5c:de:86:5b:a0:51:ae:f9:a4:dc:
7c:b2:fa:11:df:d7:8a:53:45:e8:ca:a0:69:be:74:4b:b8:7b:
77:2f:6f:50:3f:6b:c3:c2:27:a6:cb:f2:c3:97:4c:a0:b6:88:
84:f1:c8:7a:44:77:3a:02:ee:47:96:2b:3e:94:d6:13:9a:d5:
68:8e:f3:19:8b:0f:ad:5e:e2:c7:fe:91:b0:4d:34:05:31:39:
eb:e6:8e:ab:cc:b5:d3:49:33:b6:07:e8:21:05:60:43:12:97:
d1:cd:01:34:ac:99:79:fe:07:ca:aa:c0:fd:16:10:75:f9:2c:
f8:d5:4b:8c:c1:8c:7d:32:08:c9:2a:0e:fb:7d:2c:a4:13:49:
cf:b3:b3:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYphoEU2gs1fapRRAmWZt0W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTkxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVlMzY2ZDdjYWQxMDFiOGIxNWMyZDdhYTVjOWM4MjlmMGNmZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAYLj5xtrUxH9GKQ/Y0KSADQGcVi
K8KfAwcb2fa2dAAx3y3kOlE7oUysykMhIx5fcf/uclKFRTz3x9IJ1lhxg9zjvLUN
lce8wjlYoMBS5v2ByBqcuIJRcV0jWv6GCUHPeEx+0hLsJTWLADspKcYYAAslRU0F
bRGYkIY7LdrKZjnSHM2khJ/0drzxbfm/FGEsJcfUVQOzvD4OiAAfSRPV1a2/3NVs
v655skrLIZSEujpwjK8s0Rq2fkv2yezZR2dfB5ckmRDb4EpL5EaJMV/9iE+IM5m6
SWPVTh1OWbxSSyha0/XtK1usvsDgToBjlJnU0iDQZuQp3CxI+HfTqTfrrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDleNm18rRAbixXC16pcnIKfDP6yMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvT1Y0MmJYeXRFQnVMRmNMWHFseWNncDhNX3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKGQXr/92aHv3GTKI7L4
NwWJKsAzQwyiZUotadvQITLBvdUGxrmhtvbAObWFYSi6IvfbHonD8AiA7gNJb+90
L2mynkWW7dYCJZ2Q7j6S+4IZuZgyLOstYI6e+FSEqQMp+pyzujjO3a3wgLO2VE92
IEG0H7azXN6GW6BRrvmk3Hyy+hHf14pTRejKoGm+dEu4e3cvb1A/a8PCJ6bL8sOX
TKC2iITxyHpEdzoC7keWKz6U1hOa1WiO8xmLD61e4sf+kbBNNAUxOevmjqvMtdNJ
M7YH6CEFYEMSl9HNATSsmXn+B8qqwP0WEHX5LPjVS4zBjH0yCMkqDvt9LKQTSc+z
s2w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org