Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ZGhVlz--DU3SwnDMq-qETsZ9zqs.roa
File: ZGhVlz--DU3SwnDMq-qETsZ9zqs.roa (raw, json)
Hash identifier: bknvzKBxb/W638NIEjG7XTTWipJ6K6ydoTAa+FAE/yg=
Subject key identifier: 64:68:55:97:3F:BE:0D:4D:D2:C2:70:CC:AB:EA:84:4E:C6:7D:CE:AB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4AA1AEDFF3D9C37C49D12F3F92D1D7FC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ZGhVlz--DU3SwnDMq-qETsZ9zqs.roa
Signing time: Thu 31 Aug 2023 08:07:04 +0000
ROA not before: Thu 31 Aug 2023 08:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4aa1:2fa7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:a1:ae:df:f3:d9:c3:7c:49:d1:2f:3f:92:d1:d7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 08:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=646855973fbe0d4dd2c270ccabea844ec67dceab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:73:d0:97:b8:a6:5e:f4:85:c2:a2:cc:c9:10:
29:7a:e9:5c:47:51:a5:a9:25:56:f7:55:ab:2f:9f:
b3:b1:04:b6:72:5a:c2:91:7a:c5:9d:af:df:a7:71:
6e:da:be:19:99:98:64:86:9f:a5:e2:9a:74:f9:e5:
f8:23:29:af:8f:f4:19:7b:84:7e:ed:a0:ff:98:7c:
c6:34:f3:55:54:e6:d7:35:ca:6b:db:c6:09:f8:9b:
de:ac:9b:47:8e:b2:5c:56:79:31:6f:41:e2:b0:67:
51:83:a1:7f:c8:ef:6e:80:bc:93:49:1e:32:79:a3:
57:97:4c:07:b1:91:e5:bf:51:37:47:4a:15:86:5d:
97:07:e1:3a:71:7c:1b:50:72:13:15:96:cd:bd:5d:
56:13:57:4f:c5:e5:1b:cd:aa:11:c1:28:93:ff:5a:
fa:7c:6d:0c:0d:00:c1:d9:5a:e4:cb:66:80:3d:b4:
da:29:8a:20:5d:7f:2d:af:5e:3b:a7:fb:ec:b5:9a:
4a:15:c5:ee:c9:2b:36:a8:51:71:a4:d8:3c:c9:6f:
0f:fe:0f:dd:d0:3c:18:92:be:48:e8:b7:85:63:75:
7d:de:3c:2b:ff:3a:2d:36:1c:8f:ee:6f:64:94:c7:
ef:77:42:54:cd:ca:b4:19:c4:57:0d:71:30:b4:c6:
8b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:68:55:97:3F:BE:0D:4D:D2:C2:70:CC:AB:EA:84:4E:C6:7D:CE:AB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ZGhVlz--DU3SwnDMq-qETsZ9zqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:c4:a4:45:2a:0f:a3:b5:73:8f:dc:d0:01:5d:b0:4d:46:7a:
db:95:ad:e6:55:a0:ad:ec:02:ee:0d:f3:ec:c6:1b:e2:1d:d1:
7d:91:5a:bb:ed:9b:d5:86:c1:b2:8a:99:98:84:11:2c:7b:bb:
14:4e:5f:0c:55:04:6d:8f:79:a0:81:68:05:1d:88:e6:21:f5:
40:3a:26:7d:8b:c3:34:f8:e2:84:ba:07:19:bb:3d:b4:b0:c3:
91:2a:ec:03:90:98:3b:ce:2c:a4:54:f9:a1:5b:e1:2a:d7:dc:
14:61:9b:dc:41:26:1f:e4:58:f9:95:fc:c2:9f:98:5d:30:84:
2a:51:ce:88:fb:19:ef:dd:1d:34:69:33:5e:55:6a:45:f9:3c:
aa:72:e9:73:5b:12:39:54:1b:b7:d6:bf:b1:23:a1:bb:45:50:
5b:14:d2:e0:aa:80:9c:e0:c9:6a:fe:35:04:3e:cd:cc:ec:47:
be:3a:bd:02:51:dc:0f:68:54:60:0b:cd:b7:fa:ee:c2:26:32:
de:74:cb:8d:0b:73:2c:37:8c:01:3a:aa:0f:6c:90:b4:ce:87:
75:db:75:77:e9:2d:b4:e0:55:cc:90:3d:0c:d9:6d:74:63:a9:
57:c6:68:ad:12:1b:2d:c2:d4:65:e7:5d:35:cb:e7:79:4c:12:
f3:24:28:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpKoa7f89nDfEnRLz+S0df8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMDgwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDY4NTU5NzNmYmUwZDRkZDJjMjcwY2NhYmVhODQ0ZWM2N2RjZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXPQl7imXvSFwqLMyRApeulcR1Gl
qSVW91WrL5+zsQS2clrCkXrFna/fp3Fu2r4ZmZhkhp+l4pp0+eX4Iymvj/QZe4R+
7aD/mHzGNPNVVObXNcpr28YJ+JverJtHjrJcVnkxb0HisGdRg6F/yO9ugLyTSR4y
eaNXl0wHsZHlv1E3R0oVhl2XB+E6cXwbUHITFZbNvV1WE1dPxeUbzaoRwSiT/1r6
fG0MDQDB2Vrky2aAPbTaKYogXX8tr147p/vstZpKFcXuySs2qFFxpNg8yW8P/g/d
0DwYkr5I6LeFY3V93jwr/zotNhyP7m9klMfvd0JUzcq0GcRXDXEwtMaL8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGRoVZc/vg1N0sJwzKvqhE7Gfc6rMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvWkdoVmx6LS1EVTNTd25ETXEtcUVUc1o5enFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGrEpEUqD6O1c4/c0AFd
sE1GetuVreZVoK3sAu4N8+zGG+Id0X2RWrvtm9WGwbKKmZiEESx7uxROXwxVBG2P
eaCBaAUdiOYh9UA6Jn2LwzT44oS6Bxm7PbSww5Eq7AOQmDvOLKRU+aFb4SrX3BRh
m9xBJh/kWPmV/MKfmF0whCpRzoj7Ge/dHTRpM15VakX5PKpy6XNbEjlUG7fWv7Ej
obtFUFsU0uCqgJzgyWr+NQQ+zczsR746vQJR3A9oVGALzbf67sImMt50y40Lcyw3
jAE6qg9skLTOh3XbdXfpLbTgVcyQPQzZbXRjqVfGaK0SGy3C1GXnXTXL53lMEvMk
KPc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org