Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Tz2BB5Si52Wc_8SKp6QX2WSphpg.roa
File: Tz2BB5Si52Wc_8SKp6QX2WSphpg.roa (raw, json)
Hash identifier: 83RGIVEaCs0dFhm/FTFSQKLdAvlpeCmJ0vOK6IExJaY=
Subject key identifier: 4F:3D:81:07:94:A2:E7:65:9C:FF:C4:8A:A7:A4:17:D9:64:A9:86:98
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6BB27D99F97725686C27C8DCC4873D05
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Tz2BB5Si52Wc_8SKp6QX2WSphpg.roa
Signing time: Wed 06 Sep 2023 18:12:54 +0000
ROA not before: Wed 06 Sep 2023 18:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:b2:7d:99:f9:77:25:68:6c:27:c8:dc:c4:87:3d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 18:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f3d810794a2e7659cffc48aa7a417d964a98698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:1a:91:8e:1e:e9:0b:e6:3e:1d:0a:1d:09:
46:dc:60:bc:13:36:90:22:da:1f:fb:3b:2d:a0:a4:
19:5b:c1:9c:2d:39:d5:b5:2d:50:11:b3:32:3f:7b:
b3:85:44:88:cd:b3:ea:ef:89:ca:36:e9:0b:a6:54:
46:97:14:1c:3e:99:bd:b2:8d:c5:2a:f3:e9:d0:81:
8d:c7:cf:65:96:c2:df:6c:41:2b:82:12:aa:cf:06:
dd:64:f1:ee:c6:85:87:a8:96:f3:dc:1c:38:8d:e6:
1f:4a:9d:d2:a6:40:56:a1:01:47:d6:d6:e4:ce:47:
1a:e1:b5:21:b8:5c:f7:db:a0:59:72:a7:bb:37:57:
8b:d2:cd:26:b2:a6:05:1f:c5:6f:31:16:fa:2a:1a:
56:c1:a9:8a:06:39:9f:c3:7c:94:2f:ec:27:de:a6:
59:fe:82:ed:d7:c2:75:f5:76:75:46:70:29:bb:cc:
f7:bf:57:8a:78:c4:c5:7e:d0:44:b7:20:bb:9c:6d:
70:86:49:35:67:36:e2:64:77:64:ea:db:80:0a:23:
f9:a5:eb:d5:d4:cd:d3:e5:cc:fb:19:ef:60:ed:69:
69:63:f1:fc:99:b8:4d:f7:b3:21:7d:5a:95:eb:28:
21:d8:0c:7e:c4:a2:4d:a2:4a:eb:ca:d0:07:14:16:
57:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3D:81:07:94:A2:E7:65:9C:FF:C4:8A:A7:A4:17:D9:64:A9:86:98
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Tz2BB5Si52Wc_8SKp6QX2WSphpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:af:97:f1:51:3c:3c:56:88:36:1a:9f:1c:e2:65:60:12:96:
ad:4a:c7:2e:af:27:b1:57:79:49:ac:dd:6b:50:b2:f5:c5:15:
24:5b:4b:c9:0e:0b:3e:8a:da:b7:81:dc:ac:48:68:79:94:49:
14:51:23:d1:17:eb:ad:7f:c8:b8:5b:79:d5:e8:bb:38:dc:4b:
0c:09:f8:f0:3e:f8:25:dd:15:c3:c8:6c:6b:a0:1c:33:d9:bd:
40:1c:4c:7d:29:b4:cc:24:0f:88:47:00:c6:d1:0c:0e:ef:80:
db:e5:f9:ff:d7:18:de:69:15:d1:5d:c4:a0:a5:b7:58:e8:cc:
98:59:e8:19:82:0c:fb:19:4a:70:24:f8:60:ba:61:06:f3:c8:
14:00:bd:5c:a8:6d:07:70:af:b4:ed:0b:7a:b3:07:dd:40:93:
30:07:b9:73:f1:bb:69:a8:43:84:7b:82:ab:97:97:ec:a5:fe:
c6:59:46:19:df:f8:6f:eb:13:fc:98:03:24:49:87:13:3f:b6:
08:5d:b9:c1:63:06:81:cb:48:d8:b9:d9:cc:b2:0a:3f:5a:14:
7f:b0:5d:b1:47:3f:2c:72:e4:71:ea:75:d2:8a:cb:47:d4:b5:
18:e9:52:0d:cd:bd:38:67:04:26:c1:4c:2a:b4:82:80:ba:09:
b1:2b:16:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYprsn2Z+XclaGwnyNzEhz0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTgxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjNkODEwNzk0YTJlNzY1OWNmZmM0OGFhN2E0MTdkOTY0YTk4Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJAakY4e6QvmPh0KHQlG3GC8EzaQ
Itof+zstoKQZW8GcLTnVtS1QEbMyP3uzhUSIzbPq74nKNukLplRGlxQcPpm9so3F
KvPp0IGNx89llsLfbEErghKqzwbdZPHuxoWHqJbz3Bw4jeYfSp3SpkBWoQFH1tbk
zkca4bUhuFz326BZcqe7N1eL0s0msqYFH8VvMRb6KhpWwamKBjmfw3yUL+wn3qZZ
/oLt18J19XZ1RnApu8z3v1eKeMTFftBEtyC7nG1whkk1ZzbiZHdk6tuACiP5pevV
1M3T5cz7Ge9g7WlpY/H8mbhN97MhfVqV6ygh2Ax+xKJNokrrytAHFBZXmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE89gQeUoudlnP/EiqekF9lkqYaYMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVHoyQkI1U2k1MldjXzhTS3A2UVgyV1NwaHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOvl/FRPDxWiDYanxzi
ZWASlq1Kxy6vJ7FXeUms3WtQsvXFFSRbS8kOCz6K2reB3KxIaHmUSRRRI9EX661/
yLhbedXouzjcSwwJ+PA++CXdFcPIbGugHDPZvUAcTH0ptMwkD4hHAMbRDA7vgNvl
+f/XGN5pFdFdxKClt1jozJhZ6BmCDPsZSnAk+GC6YQbzyBQAvVyobQdwr7TtC3qz
B91AkzAHuXPxu2moQ4R7gquXl+yl/sZZRhnf+G/rE/yYAyRJhxM/tghducFjBoHL
SNi52cyyCj9aFH+wXbFHPyxy5HHqddKKy0fUtRjpUg3NvThnBCbBTCq0goC6CbEr
Fvo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org