Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Sy6oEV1UQGi1Hb2eM50rbIP_EPQ.roa
File: Sy6oEV1UQGi1Hb2eM50rbIP_EPQ.roa (raw, json)
Hash identifier: s84KguZRSDOZw6YEKNVFTdrR6xE73TXuwHks9RtAUKw=
Subject key identifier: 4B:2E:A8:11:5D:54:40:68:B5:1D:BD:9E:33:9D:2B:6C:83:FF:10:F4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA5DD7ACD044F0459BDA5D5BAC453E873
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Sy6oEV1UQGi1Hb2eM50rbIP_EPQ.roa
Signing time: Mon 18 Sep 2023 01:17:50 +0000
ROA not before: Mon 18 Sep 2023 01:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a5:dd:7a:cd:04:4f:04:59:bd:a5:d5:ba:c4:53:e8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 01:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b2ea8115d544068b51dbd9e339d2b6c83ff10f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:af:da:eb:be:76:e1:5b:dd:83:08:83:fe:9e:
1f:00:01:fa:a1:0e:83:a1:b7:17:9d:af:bc:6b:70:
8f:78:ab:68:1b:9d:86:05:3b:c1:cd:2d:0b:7f:09:
8b:f5:c6:9f:a7:50:87:a6:7f:df:32:97:9d:b8:e2:
22:cc:48:76:11:66:77:88:6e:76:9c:fd:96:09:2d:
45:01:2f:eb:38:22:ec:8a:d2:6e:9c:32:39:06:68:
25:d8:40:3a:ea:78:aa:32:4c:3d:b0:4d:df:26:ec:
03:9b:86:c8:a7:a9:e1:98:6b:7d:f4:41:34:ff:6c:
8f:65:ca:df:c9:c9:9b:39:b6:b0:2d:5c:66:d9:28:
11:c4:ee:1a:a7:2c:1b:ff:49:9d:7c:01:d9:23:03:
02:e1:1e:93:66:30:ab:4e:c9:23:5c:de:3e:c2:d0:
47:b1:9b:24:5a:90:4c:28:ed:d2:2a:c7:b2:ac:2c:
2f:4d:ef:c8:39:e0:93:3c:49:9d:62:52:55:02:8c:
0d:09:0e:b3:8e:0d:37:d4:10:73:e1:3f:ca:95:c1:
55:5e:cb:2e:1b:92:5f:50:aa:a7:13:31:55:11:36:
fc:26:90:ef:56:7e:79:d8:21:6f:5a:27:75:d7:44:
4f:11:4b:45:7f:cd:1d:24:35:85:9a:2b:52:37:28:
7e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2E:A8:11:5D:54:40:68:B5:1D:BD:9E:33:9D:2B:6C:83:FF:10:F4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Sy6oEV1UQGi1Hb2eM50rbIP_EPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:fa:e9:0a:11:51:3c:93:ab:db:15:1b:fb:48:0e:c7:60:9f:
ac:c4:bc:e4:9b:58:bf:08:79:87:9b:52:fa:3f:15:59:6f:77:
34:82:3e:ad:8e:0d:07:17:cb:8b:37:54:f9:61:18:09:c8:c0:
8d:ee:71:6d:0d:f7:4a:75:ac:aa:ac:96:e3:65:4b:26:aa:ef:
34:85:f1:71:e8:a3:eb:cd:40:b3:a9:e6:3d:4f:41:6c:ab:ec:
c6:41:70:11:69:c1:2c:e5:de:82:09:38:99:af:e9:b3:e6:68:
38:fe:0b:92:e7:a6:43:fc:21:7a:f4:1f:4c:f0:db:da:4f:10:
fd:6e:95:ee:db:48:c7:e9:92:41:68:3e:2e:ba:e5:77:1c:0b:
56:6f:8d:c1:d9:1f:6e:7c:34:e8:94:d7:73:70:56:4a:3b:ab:
b5:0d:22:7d:17:3f:79:31:da:0c:e0:63:7c:13:20:b3:94:2e:
b7:fd:30:54:e7:3b:e9:69:08:31:d3:34:cf:31:1f:33:e8:39:
9a:11:9e:e9:32:2e:25:88:33:6f:fa:b8:34:38:85:79:2e:09:
d1:c3:b1:5c:c9:7a:0e:69:d7:dd:96:e0:4d:8e:d2:2e:8c:31:
82:3c:17:2f:62:24:cf:76:39:6d:3c:39:77:cf:3b:f9:97:7f:
c7:03:92:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYql3XrNBE8EWb2l1brEU+hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MDExNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjJlYTgxMTVkNTQ0MDY4YjUxZGJkOWUzMzlkMmI2YzgzZmYxMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9q/a67524VvdgwiD/p4fAAH6oQ6D
obcXna+8a3CPeKtoG52GBTvBzS0LfwmL9cafp1CHpn/fMpeduOIizEh2EWZ3iG52
nP2WCS1FAS/rOCLsitJunDI5Bmgl2EA66niqMkw9sE3fJuwDm4bIp6nhmGt99EE0
/2yPZcrfycmbObawLVxm2SgRxO4apywb/0mdfAHZIwMC4R6TZjCrTskjXN4+wtBH
sZskWpBMKO3SKseyrCwvTe/IOeCTPEmdYlJVAowNCQ6zjg031BBz4T/KlcFVXssu
G5JfUKqnEzFVETb8JpDvVn552CFvWid110RPEUtFf80dJDWFmitSNyh+nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEsuqBFdVEBotR29njOdK2yD/xD0MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvU3k2b0VWMVVRR2kxSGIyZU01MHJiSVBfRVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJT66QoRUTyTq9sVG/tI
Dsdgn6zEvOSbWL8IeYebUvo/FVlvdzSCPq2ODQcXy4s3VPlhGAnIwI3ucW0N90p1
rKqsluNlSyaq7zSF8XHoo+vNQLOp5j1PQWyr7MZBcBFpwSzl3oIJOJmv6bPmaDj+
C5LnpkP8IXr0H0zw29pPEP1ule7bSMfpkkFoPi665XccC1ZvjcHZH258NOiU13Nw
Vko7q7UNIn0XP3kx2gzgY3wTILOULrf9MFTnO+lpCDHTNM8xHzPoOZoRnukyLiWI
M2/6uDQ4hXkuCdHDsVzJeg5p192W4E2O0i6MMYI8Fy9iJM92OW08OXfPO/mXf8cD
kpc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org