Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/PG5Cr3O331VOTjGNmic-L851k4E.roa
File: PG5Cr3O331VOTjGNmic-L851k4E.roa (raw, json)
Hash identifier: HAF+3wJLSioHKJJ8raDnUwvvVHHvKoEEv1tMkVtCF34=
Subject key identifier: 3C:6E:42:AF:73:B7:DF:55:4E:4E:31:8D:9A:27:3E:2F:CE:75:93:81
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A61650470543E4D0811CB2824D319BBF1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/PG5Cr3O331VOTjGNmic-L851k4E.roa
Signing time: Mon 04 Sep 2023 18:12:04 +0000
ROA not before: Mon 04 Sep 2023 18:12:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:65:04:70:54:3e:4d:08:11:cb:28:24:d3:19:bb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 18:12:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c6e42af73b7df554e4e318d9a273e2fce759381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5a:96:68:e0:1b:0c:1e:e3:9d:f7:d0:8c:56:
06:d8:d0:8a:9e:66:e3:a5:1d:5e:89:16:f1:cb:32:
4e:88:5b:82:c0:fc:04:91:9c:3d:40:29:12:25:cb:
63:5f:03:08:b2:30:7c:0a:cb:a3:e0:14:95:69:6d:
88:9d:7b:7e:a8:cf:31:69:03:90:f1:df:0a:21:cc:
bc:0d:3c:98:0e:ff:af:ba:48:eb:1c:ab:93:63:62:
f4:2e:79:20:ed:1f:c2:09:de:38:4c:d9:89:43:13:
b1:66:78:9a:20:7a:16:75:41:fe:67:f0:22:ae:bf:
64:e0:e5:f8:77:1f:ec:f3:88:1c:45:41:dd:00:be:
65:1e:0f:d6:40:14:13:af:e1:98:76:22:c7:1d:63:
8a:55:4e:aa:14:77:56:d8:9c:a4:2a:ba:9d:16:31:
d0:01:59:b7:4a:be:1d:f2:59:39:63:d9:6f:68:eb:
73:3b:18:73:73:72:b1:bd:e8:e9:23:ae:f2:45:bc:
3f:b4:fa:9d:2c:30:9f:73:c6:ee:d4:52:fc:70:2a:
2f:98:d7:33:75:88:26:94:ee:ed:37:56:38:0e:30:
00:fb:3d:00:2a:86:64:ab:ab:40:af:51:f3:58:ef:
d6:d8:bb:a0:2d:8c:89:92:e4:ce:2b:00:5e:e8:63:
b6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6E:42:AF:73:B7:DF:55:4E:4E:31:8D:9A:27:3E:2F:CE:75:93:81
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/PG5Cr3O331VOTjGNmic-L851k4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:bc:c0:f1:c7:f9:16:93:00:85:92:a5:86:b4:fb:40:e8:10:
e1:da:5c:0a:e4:0f:cf:b8:b9:8e:c6:48:5e:a1:11:7b:cd:af:
e5:33:60:9e:cb:b7:2e:1f:24:e3:23:8d:29:8a:41:ce:93:ac:
b2:8b:1f:2c:4c:f2:e2:d3:1a:28:d5:fc:a1:26:c9:00:87:c3:
9a:b3:9a:18:7e:66:1d:af:99:7e:b1:d8:66:96:73:2d:34:b7:
f6:b5:4d:0d:e2:f2:36:d0:ab:e1:9c:46:ad:ea:26:2f:30:68:
be:d1:db:0c:d4:d0:17:e6:78:b5:83:c8:cb:87:68:92:57:a4:
c7:35:32:d4:c4:6a:90:d5:af:2d:78:be:4e:fd:30:59:cf:bd:
98:62:05:ae:6f:58:aa:01:5a:10:0c:b1:e9:c5:0c:76:82:33:
3c:6f:d0:51:c5:bc:6e:82:cc:b5:03:b7:b5:e5:1a:8d:2f:85:
b2:76:70:a2:9c:42:f8:fc:db:b2:5a:44:15:36:66:d4:cb:24:
e7:e4:85:11:0a:c4:e8:de:20:66:c0:55:1e:d4:d9:54:6e:e2:
b6:6d:51:a4:13:25:ec:97:3c:38:44:48:4d:8a:f6:28:bd:84:
fb:5c:c3:b4:e8:02:e9:23:b7:a6:91:04:6c:01:a5:7b:37:e6:
84:16:09:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYphZQRwVD5NCBHLKCTTGbvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTgxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzZlNDJhZjczYjdkZjU1NGU0ZTMxOGQ5YTI3M2UyZmNlNzU5MzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFqWaOAbDB7jnffQjFYG2NCKnmbj
pR1eiRbxyzJOiFuCwPwEkZw9QCkSJctjXwMIsjB8Csuj4BSVaW2InXt+qM8xaQOQ
8d8KIcy8DTyYDv+vukjrHKuTY2L0Lnkg7R/CCd44TNmJQxOxZniaIHoWdUH+Z/Ai
rr9k4OX4dx/s84gcRUHdAL5lHg/WQBQTr+GYdiLHHWOKVU6qFHdW2JykKrqdFjHQ
AVm3Sr4d8lk5Y9lvaOtzOxhzc3KxvejpI67yRbw/tPqdLDCfc8bu1FL8cCovmNcz
dYgmlO7tN1Y4DjAA+z0AKoZkq6tAr1HzWO/W2LugLYyJkuTOKwBe6GO2WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDxuQq9zt99VTk4xjZonPi/OdZOBMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUEc1Q3IzTzMzMVZPVGpHTm1pYy1MODUxazRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB68wPHH+RaTAIWSpYa0
+0DoEOHaXArkD8+4uY7GSF6hEXvNr+UzYJ7Lty4fJOMjjSmKQc6TrLKLHyxM8uLT
GijV/KEmyQCHw5qzmhh+Zh2vmX6x2GaWcy00t/a1TQ3i8jbQq+GcRq3qJi8waL7R
2wzU0BfmeLWDyMuHaJJXpMc1MtTEapDVry14vk79MFnPvZhiBa5vWKoBWhAMsenF
DHaCMzxv0FHFvG6CzLUDt7XlGo0vhbJ2cKKcQvj827JaRBU2ZtTLJOfkhREKxOje
IGbAVR7U2VRu4rZtUaQTJeyXPDhESE2K9ii9hPtcw7ToAukjt6aRBGwBpXs35oQW
Cek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org