Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TArNIfZ0s7mpcaoAH3G4k0MdYks.roa
File: TArNIfZ0s7mpcaoAH3G4k0MdYks.roa (raw, json)
Hash identifier: 33TaT3i46M0DrXJQNqRB0BY6rB1LrM+i84+KXjtAd6E=
Subject key identifier: 4C:0A:CD:21:F6:74:B3:B9:A9:71:AA:00:1F:71:B8:93:43:1D:62:4B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6B7D63CE94B6D545BF2BC015EA127416
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TArNIfZ0s7mpcaoAH3G4k0MdYks.roa
Signing time: Wed 06 Sep 2023 17:14:54 +0000
ROA not before: Wed 06 Sep 2023 17:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:7d:63:ce:94:b6:d5:45:bf:2b:c0:15:ea:12:74:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 17:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c0acd21f674b3b9a971aa001f71b893431d624b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:53:51:ec:d6:f7:64:65:f2:99:f5:a6:86:4a:
20:9c:c2:c6:b1:ff:c3:38:74:65:89:10:18:9d:61:
e1:d6:b0:79:90:df:57:0b:42:93:e4:e4:8e:b9:c7:
f4:68:d3:9f:10:8a:1e:89:dd:65:6b:6c:9f:2a:95:
10:06:1d:39:6a:ea:f8:b1:69:cf:21:9b:50:5a:f0:
51:74:16:42:26:2f:5f:bf:5a:68:2f:6c:0f:c3:dd:
7d:a3:b1:61:3e:28:80:50:18:3e:72:00:a1:f1:ea:
b6:82:da:f4:ba:7b:f7:65:8a:36:4b:fc:fd:fb:9b:
a7:ab:53:57:73:1d:85:ee:58:66:f6:0d:56:dd:2a:
67:99:1f:0c:1a:39:03:4d:79:d6:8d:50:82:7a:10:
07:2f:4d:21:f0:27:83:d9:d3:4d:fe:5e:8c:a0:77:
b5:6f:61:56:a3:7e:1c:c9:74:48:ce:67:94:d1:5a:
44:31:33:ec:a4:4f:54:4a:3d:0f:59:72:b4:92:fd:
6a:e6:96:20:30:27:a4:56:ab:c6:e2:2f:a9:19:0d:
ea:f5:8d:82:f9:54:3d:5a:cc:9b:62:e3:ce:47:b4:
34:85:2a:af:97:05:6d:54:fd:6f:5c:38:01:53:07:
ef:26:81:cf:ff:bb:bb:7b:41:2e:60:57:43:32:ab:
97:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:0A:CD:21:F6:74:B3:B9:A9:71:AA:00:1F:71:B8:93:43:1D:62:4B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TArNIfZ0s7mpcaoAH3G4k0MdYks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:0c:cb:1e:80:f5:f7:aa:89:ab:78:9f:e6:00:b1:54:20:8c:
0a:b2:69:1d:88:50:95:a7:3c:4f:88:54:28:45:b7:f1:0e:15:
be:85:c3:c8:54:e7:97:51:20:dd:04:0f:d9:ee:96:91:2c:02:
ec:c6:c6:84:2d:eb:cd:4a:0c:c8:5d:d6:80:66:df:3d:f3:3a:
95:41:71:3d:dc:6a:16:e3:67:d9:c2:f6:70:45:fc:e9:7e:06:
a7:e1:e0:b0:19:ff:bb:20:fa:0c:65:2a:3a:17:f7:8f:40:0e:
57:a2:88:0a:3d:4e:f8:59:62:9f:f6:09:d1:c6:5a:a0:52:68:
0f:3d:2f:d7:f6:2b:87:1d:31:f9:41:3b:08:54:98:29:90:25:
17:d1:ca:ea:5b:75:fe:64:77:94:3c:6d:63:14:90:05:a1:5b:
df:b9:57:a8:a2:41:3a:1c:1e:c4:28:83:34:8c:d0:f6:e6:b3:
fa:0d:15:aa:8d:c6:87:e4:78:12:2f:73:ec:db:8a:f3:4d:6b:
78:28:0f:88:7c:67:f4:44:51:10:e0:50:8f:6b:89:2b:20:bc:
6b:d4:4a:5e:06:b1:45:bd:6e:73:7e:09:00:ee:20:f8:c0:4a:
14:ac:53:98:c5:72:74:e9:d0:69:e8:d9:3b:0e:20:ba:55:04:
80:6b:cc:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYprfWPOlLbVRb8rwBXqEnQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTcxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzBhY2QyMWY2NzRiM2I5YTk3MWFhMDAxZjcxYjg5MzQzMWQ2MjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglNR7Nb3ZGXymfWmhkognMLGsf/D
OHRliRAYnWHh1rB5kN9XC0KT5OSOucf0aNOfEIoeid1la2yfKpUQBh05aur4sWnP
IZtQWvBRdBZCJi9fv1poL2wPw919o7FhPiiAUBg+cgCh8eq2gtr0unv3ZYo2S/z9
+5unq1NXcx2F7lhm9g1W3SpnmR8MGjkDTXnWjVCCehAHL00h8CeD2dNN/l6MoHe1
b2FWo34cyXRIzmeU0VpEMTPspE9USj0PWXK0kv1q5pYgMCekVqvG4i+pGQ3q9Y2C
+VQ9WsybYuPOR7Q0hSqvlwVtVP1vXDgBUwfvJoHP/7u7e0EuYFdDMquXIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwKzSH2dLO5qXGqAB9xuJNDHWJLMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVEFyTklmWjBzN21wY2FvQUgzRzRrME1kWWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJYMyx6A9feqiat4n+YA
sVQgjAqyaR2IUJWnPE+IVChFt/EOFb6Fw8hU55dRIN0ED9nulpEsAuzGxoQt681K
DMhd1oBm3z3zOpVBcT3cahbjZ9nC9nBF/Ol+Bqfh4LAZ/7sg+gxlKjoX949ADlei
iAo9TvhZYp/2CdHGWqBSaA89L9f2K4cdMflBOwhUmCmQJRfRyupbdf5kd5Q8bWMU
kAWhW9+5V6iiQTocHsQogzSM0Pbms/oNFaqNxofkeBIvc+zbivNNa3goD4h8Z/RE
URDgUI9riSsgvGvUSl4GsUW9bnN+CQDuIPjAShSsU5jFcnTp0Gno2TsOILpVBIBr
zIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org