Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Y3U70-DvAELZW7QnmZGIRKiiRRQ.roa
File: Y3U70-DvAELZW7QnmZGIRKiiRRQ.roa (raw, json)
Hash identifier: RRMPASKV0jtR5+VWzHUROytEoF7/Dj9F+ZKrUcjjmnE=
Subject key identifier: 63:75:3B:D3:E0:EF:00:42:D9:5B:B4:27:99:91:88:44:A8:A2:45:14
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6056D283DE6D38475AFE5AA2C4387462
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Y3U70-DvAELZW7QnmZGIRKiiRRQ.roa
Signing time: Mon 04 Sep 2023 13:16:57 +0000
ROA not before: Mon 04 Sep 2023 13:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:56:d2:83:de:6d:38:47:5a:fe:5a:a2:c4:38:74:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 13:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63753bd3e0ef0042d95bb42799918844a8a24514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b9:ad:2d:f8:12:3f:18:97:d6:70:74:44:97:
a9:44:bd:ff:31:11:e8:45:ec:f5:84:da:52:25:52:
58:2a:24:93:a1:57:0b:d8:a7:e7:64:cb:14:27:02:
21:a2:c9:c5:52:48:2c:0d:59:7a:5e:0f:d4:a6:a6:
65:b0:08:1e:4c:53:29:dc:a0:5d:1f:15:f8:01:66:
a0:04:4f:7c:77:f6:72:b1:8d:a3:0d:09:42:2b:b6:
37:b9:37:fa:5e:6f:c4:43:15:9e:08:3f:96:4d:69:
d7:fa:f0:55:05:25:14:59:20:43:1d:7f:b3:e8:98:
4a:a4:2c:80:f4:a3:5a:27:08:12:80:ce:c9:84:7d:
f6:ff:38:70:0a:13:7d:83:b3:de:0a:79:2e:e8:de:
c5:33:b4:89:d3:ba:dd:c4:15:06:a0:2e:5a:47:d5:
42:e2:34:1e:00:0f:d9:74:51:ec:51:76:b5:e8:ed:
04:ba:9a:d9:4f:8d:f1:c1:ee:bb:0e:03:5e:c0:a8:
5b:59:ac:28:3f:6b:8a:4a:4d:fb:19:6b:ce:9c:b0:
35:d3:0f:16:7e:f8:c5:65:02:49:3c:79:df:de:84:
dd:01:b7:c3:9d:bf:e2:e0:af:0a:66:c9:be:74:03:
a7:3e:ca:8d:02:76:42:ce:12:eb:d7:a4:7e:ca:69:
2a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:75:3B:D3:E0:EF:00:42:D9:5B:B4:27:99:91:88:44:A8:A2:45:14
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Y3U70-DvAELZW7QnmZGIRKiiRRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:fd:af:e5:c7:c2:00:66:d6:49:cc:f4:b1:d8:dc:8a:0f:4e:
02:d0:60:cd:74:27:59:6f:53:09:20:f2:09:3c:4d:cf:27:4b:
49:b1:fe:6d:95:8a:63:3c:33:be:5f:a8:d9:d5:51:1b:64:93:
d9:48:d8:2e:2d:d2:39:58:bd:f3:e8:70:bd:8c:18:9a:74:33:
73:6a:1c:d5:33:34:2e:25:8e:e0:e5:20:68:1c:56:f1:78:7c:
0f:1f:92:ba:1f:11:38:81:48:d7:3b:fd:c4:4e:85:e0:61:64:
58:a0:97:1d:0d:02:5e:31:27:a3:79:41:e7:ec:fd:82:0e:93:
cd:6c:59:dc:6b:ae:6f:65:ba:b8:84:6b:55:3b:20:32:cb:51:
01:b4:b5:9a:82:1b:76:0b:8a:ae:d7:7d:94:0d:de:c7:4c:85:
8d:96:21:76:5c:e2:40:63:1b:f4:6b:3a:21:a6:43:d3:25:d8:
b5:ae:c4:63:62:5f:40:5a:db:e4:9b:9d:0b:61:72:ae:f6:83:
3a:3e:43:db:34:86:9a:87:d0:d7:fe:b5:9e:64:ee:9d:47:25:
d7:da:23:d1:74:2a:03:a6:7e:3c:03:56:74:95:9a:8d:46:9c:
4d:ab:60:4e:83:ae:8b:aa:f3:9c:33:4d:e5:ab:39:24:f2:2e:
f1:13:17:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpgVtKD3m04R1r+WqLEOHRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MTMxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc1M2JkM2UwZWYwMDQyZDk1YmI0Mjc5OTkxODg0NGE4YTI0NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7mtLfgSPxiX1nB0RJepRL3/MRHo
Rez1hNpSJVJYKiSToVcL2KfnZMsUJwIhosnFUkgsDVl6Xg/UpqZlsAgeTFMp3KBd
HxX4AWagBE98d/ZysY2jDQlCK7Y3uTf6Xm/EQxWeCD+WTWnX+vBVBSUUWSBDHX+z
6JhKpCyA9KNaJwgSgM7JhH32/zhwChN9g7PeCnku6N7FM7SJ07rdxBUGoC5aR9VC
4jQeAA/ZdFHsUXa16O0EuprZT43xwe67DgNewKhbWawoP2uKSk37GWvOnLA10w8W
fvjFZQJJPHnf3oTdAbfDnb/i4K8KZsm+dAOnPsqNAnZCzhLr16R+ymkqqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGN1O9Pg7wBC2Vu0J5mRiESookUUMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWTNVNzAtRHZBRUxaVzdRbm1aR0lSS2lpUlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACT9r+XHwgBm1knM9LHY
3IoPTgLQYM10J1lvUwkg8gk8Tc8nS0mx/m2VimM8M75fqNnVURtkk9lI2C4t0jlY
vfPocL2MGJp0M3NqHNUzNC4ljuDlIGgcVvF4fA8fkrofETiBSNc7/cROheBhZFig
lx0NAl4xJ6N5Qefs/YIOk81sWdxrrm9luriEa1U7IDLLUQG0tZqCG3YLiq7XfZQN
3sdMhY2WIXZc4kBjG/RrOiGmQ9Ml2LWuxGNiX0Ba2+SbnQthcq72gzo+Q9s0hpqH
0Nf+tZ5k7p1HJdfaI9F0KgOmfjwDVnSVmo1GnE2rYE6Drouq85wzTeWrOSTyLvET
F+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org