Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TWKP9vcL1DvMV6rTBDhrQghP5QI.roa
File: TWKP9vcL1DvMV6rTBDhrQghP5QI.roa (raw, json)
Hash identifier: Wl1KrSQwPFONGctNexSCs9UAJhE7NyJ4sPhRFPxLSJ0=
Subject key identifier: 4D:62:8F:F6:F7:0B:D4:3B:CC:57:AA:D3:04:38:6B:42:08:4F:E5:02
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7B5B6AACDAFD7C43134F676D6FE54B74
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TWKP9vcL1DvMV6rTBDhrQghP5QI.roa
Signing time: Sat 09 Sep 2023 19:11:43 +0000
ROA not before: Sat 09 Sep 2023 19:11:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7b:5b:6a:ac:da:fd:7c:43:13:4f:67:6d:6f:e5:4b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 19:11:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d628ff6f70bd43bcc57aad304386b42084fe502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:b4:05:f0:5d:72:1c:fd:08:d9:46:8e:99:
1b:37:77:85:3c:28:a8:68:b4:93:bb:59:4d:00:07:
9b:1b:10:a6:e5:ee:80:9e:17:8f:5c:ee:6a:77:b7:
7e:08:c3:55:53:ac:35:e4:b1:23:64:fd:19:86:bc:
ca:cd:38:f0:c4:d1:16:58:79:04:c2:8e:d9:2c:fc:
4c:20:fb:a3:0d:f1:cf:a2:79:e6:b6:51:9d:6a:8b:
e2:59:ed:bb:5b:c9:5f:2d:4a:41:40:2d:12:e2:d6:
60:3b:94:a0:a4:84:b0:29:7a:ae:d2:10:10:81:68:
e3:9e:48:46:ab:5c:b8:86:43:2b:13:ec:0f:1b:f6:
0b:45:7d:03:20:fc:b1:59:d4:e9:ad:8a:41:4c:99:
b2:7c:c5:bb:ee:c7:f8:7c:89:1e:c8:aa:f8:9d:51:
ee:45:3c:8e:1c:b5:be:f3:79:ac:30:30:77:33:a2:
11:a4:95:93:3a:5d:ff:dd:c2:8c:ba:81:6c:73:4a:
1b:83:bb:95:f6:83:ea:ed:18:f6:79:7f:58:80:e1:
a6:3d:3e:6b:bd:19:fa:61:2f:33:5f:ed:2f:0d:3a:
79:9f:69:46:e9:c1:ef:e1:ce:24:92:ec:af:2c:21:
90:1d:da:c1:30:e5:30:c4:76:f9:4c:f0:2d:14:92:
df:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:62:8F:F6:F7:0B:D4:3B:CC:57:AA:D3:04:38:6B:42:08:4F:E5:02
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TWKP9vcL1DvMV6rTBDhrQghP5QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:11:20:36:00:38:67:84:e6:46:51:01:e4:26:d3:15:5e:8a:
02:36:c6:34:6e:a4:2f:84:d6:be:c8:21:f0:41:44:a5:59:88:
4e:e9:bc:93:dc:2f:dd:59:17:98:2a:1a:0a:9d:9e:29:c2:4a:
37:05:cf:3d:92:aa:47:e6:a5:ff:6b:29:76:d0:ba:27:6f:a3:
92:52:f3:34:ed:b6:e9:ab:3c:e5:d3:2f:ac:17:f6:d7:92:67:
0e:c1:b7:72:e8:90:43:70:38:f5:7d:af:a1:30:92:27:08:4d:
7c:30:21:67:56:ff:19:0f:09:6c:c0:c4:ec:e4:9b:82:64:55:
84:1b:fe:89:49:a1:3c:88:88:20:d5:32:23:30:fd:f6:78:14:
2f:6b:a4:22:49:20:5b:1d:6c:75:06:02:57:57:df:a2:e6:ca:
e5:b3:de:78:34:73:f7:72:95:04:1e:fc:9f:31:9b:36:3e:f3:
96:85:cf:9c:fb:66:f2:d9:0c:f6:0f:6b:14:1e:00:10:67:78:
81:8a:5f:4f:b6:10:84:7f:f6:51:91:b4:ca:11:b3:99:e1:9d:
92:66:65:6c:63:5f:54:5f:44:12:de:bb:71:36:0e:64:dd:94:
ce:0e:72:b2:4b:fc:17:f4:55:64:fa:6b:5f:bd:35:8b:27:2f:
ab:f8:c4:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp7W2qs2v18QxNPZ21v5Ut0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTkxMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYyOGZmNmY3MGJkNDNiY2M1N2FhZDMwNDM4NmI0MjA4NGZlNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu620BfBdchz9CNlGjpkbN3eFPCio
aLSTu1lNAAebGxCm5e6AnhePXO5qd7d+CMNVU6w15LEjZP0ZhrzKzTjwxNEWWHkE
wo7ZLPxMIPujDfHPonnmtlGdaoviWe27W8lfLUpBQC0S4tZgO5SgpISwKXqu0hAQ
gWjjnkhGq1y4hkMrE+wPG/YLRX0DIPyxWdTprYpBTJmyfMW77sf4fIkeyKr4nVHu
RTyOHLW+83msMDB3M6IRpJWTOl3/3cKMuoFsc0obg7uV9oPq7Rj2eX9YgOGmPT5r
vRn6YS8zX+0vDTp5n2lG6cHv4c4kkuyvLCGQHdrBMOUwxHb5TPAtFJLf1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE1ij/b3C9Q7zFeq0wQ4a0IIT+UCMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVFdLUDl2Y0wxRHZNVjZyVEJEaHJRZ2hQNVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKURIDYAOGeE5kZRAeQm
0xVeigI2xjRupC+E1r7IIfBBRKVZiE7pvJPcL91ZF5gqGgqdninCSjcFzz2Sqkfm
pf9rKXbQuidvo5JS8zTttumrPOXTL6wX9teSZw7Bt3LokENwOPV9r6EwkicITXww
IWdW/xkPCWzAxOzkm4JkVYQb/olJoTyIiCDVMiMw/fZ4FC9rpCJJIFsdbHUGAldX
36LmyuWz3ng0c/dylQQe/J8xmzY+85aFz5z7ZvLZDPYPaxQeABBneIGKX0+2EIR/
9lGRtMoRs5nhnZJmZWxjX1RfRBLeu3E2DmTdlM4OcrJL/Bf0VWT6a1+9NYsnL6v4
xAA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org