Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_bn34N4tj1jRqvPaAb444um6wro.roa
File: _bn34N4tj1jRqvPaAb444um6wro.roa (raw, json)
Hash identifier: mdX21FQZ6Vt9kbqQM6bFl9M7YNSMwHMDgrRAcbdMcpw=
Subject key identifier: FD:B9:F7:E0:DE:2D:8F:58:D1:AA:F3:DA:01:BE:38:E2:E9:BA:C2:BA
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A620E31FE98212CE6F8BF22E0098DB4F4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_bn34N4tj1jRqvPaAb444um6wro.roa
Signing time: Mon 04 Sep 2023 21:16:51 +0000
ROA not before: Mon 04 Sep 2023 21:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:62:0e:31:fe:98:21:2c:e6:f8:bf:22:e0:09:8d:b4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 21:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdb9f7e0de2d8f58d1aaf3da01be38e2e9bac2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:81:92:98:1e:0c:cb:44:f8:de:8c:be:3a:74:
cf:a3:d9:2f:f2:35:b2:65:37:55:0d:ec:bc:31:f7:
3e:05:cd:71:3b:fa:c8:9a:9b:fa:7c:60:65:09:da:
7f:6e:19:d2:10:c6:27:ec:7d:0f:17:13:ed:da:3f:
25:e5:63:ff:86:bb:c6:b8:61:c4:67:5a:08:92:33:
bf:b0:02:18:85:89:88:b5:b3:ce:9e:d0:41:cc:48:
8d:3f:1b:4a:55:9d:ce:9e:a9:91:cd:f0:f3:17:89:
fe:62:fe:57:87:f0:6e:03:d6:cb:be:e3:e3:61:60:
e4:c2:a1:35:e3:5a:a4:40:df:e2:d7:b6:69:cf:f7:
21:9a:65:0d:0f:dd:41:4f:7c:e8:66:bb:c2:ef:55:
58:e9:75:34:cd:7e:00:cf:2d:14:a7:c1:dc:21:1f:
10:24:4a:8b:c7:33:e9:d9:76:4e:cd:3a:8f:0f:27:
e2:b2:77:41:c6:b0:80:a7:fd:66:fa:94:ce:93:0e:
9f:8b:0f:a1:06:21:13:02:5e:bc:f7:0a:65:ed:15:
ec:99:6f:22:65:a8:4f:74:82:8f:e0:f4:5b:ef:42:
5c:50:24:8d:24:c9:01:c8:72:c7:ce:06:ee:78:72:
cd:6c:ca:8c:34:f4:3f:b8:d7:55:c4:68:90:ee:cb:
62:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B9:F7:E0:DE:2D:8F:58:D1:AA:F3:DA:01:BE:38:E2:E9:BA:C2:BA
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_bn34N4tj1jRqvPaAb444um6wro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:c8:b5:14:ee:28:a8:f2:ad:09:32:2e:84:95:39:51:fd:2a:
60:bd:0f:6a:b7:dc:28:33:1f:91:52:b0:1c:2e:70:bd:14:c8:
e8:5c:2a:ef:8b:76:98:0f:52:5e:14:a2:e2:5f:7b:b8:9c:c8:
bf:9d:8c:e5:a6:09:82:c5:5f:2a:40:5b:67:8e:69:8b:ba:4d:
f9:2b:7c:ea:c6:41:23:0c:54:d4:ba:01:fb:15:67:ac:d8:06:
89:c3:8e:d7:c8:8f:b7:3c:7b:6d:ff:ea:45:6a:be:55:28:e4:
f8:b5:b5:70:c1:c6:f3:ab:59:09:71:f2:00:12:4d:6b:49:b2:
40:91:67:1e:5b:18:ee:7d:6e:f6:07:2f:d6:1a:da:73:2a:ed:
7e:d9:fd:a6:a1:cf:4c:2b:b8:72:02:bf:aa:e9:1e:22:9e:90:
57:53:3c:f9:1a:cc:51:9f:ec:81:3b:dd:e9:e8:f9:f4:be:1b:
14:ad:77:00:92:6d:64:08:9e:26:8c:42:71:ab:6c:b1:ee:bb:
3b:1b:13:d1:10:4a:80:e3:63:fa:c3:56:50:ce:4c:bd:8d:6e:
57:8e:ba:ea:4e:a4:36:3a:7a:6c:1f:d4:ed:f2:bc:08:fc:9b:
d8:49:f8:97:af:50:11:d9:8f:86:06:da:44:0d:14:56:d1:a9:
d4:26:37:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpiDjH+mCEs5vi/IuAJjbT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MjExNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGI5ZjdlMGRlMmQ4ZjU4ZDFhYWYzZGEwMWJlMzhlMmU5YmFjMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIGSmB4My0T43oy+OnTPo9kv8jWy
ZTdVDey8Mfc+Bc1xO/rImpv6fGBlCdp/bhnSEMYn7H0PFxPt2j8l5WP/hrvGuGHE
Z1oIkjO/sAIYhYmItbPOntBBzEiNPxtKVZ3OnqmRzfDzF4n+Yv5Xh/BuA9bLvuPj
YWDkwqE141qkQN/i17Zpz/chmmUND91BT3zoZrvC71VY6XU0zX4Azy0Up8HcIR8Q
JEqLxzPp2XZOzTqPDyfisndBxrCAp/1m+pTOkw6fiw+hBiETAl689wpl7RXsmW8i
ZahPdIKP4PRb70JcUCSNJMkByHLHzgbueHLNbMqMNPQ/uNdVxGiQ7stiHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP259+DeLY9Y0arz2gG+OOLpusK6MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvX2JuMzRONHRqMWpScXZQYUFiNDQ0dW02d3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI3ItRTuKKjyrQkyLoSV
OVH9KmC9D2q33CgzH5FSsBwucL0UyOhcKu+LdpgPUl4UouJfe7icyL+djOWmCYLF
XypAW2eOaYu6TfkrfOrGQSMMVNS6AfsVZ6zYBonDjtfIj7c8e23/6kVqvlUo5Pi1
tXDBxvOrWQlx8gASTWtJskCRZx5bGO59bvYHL9Ya2nMq7X7Z/aahz0wruHICv6rp
HiKekFdTPPkazFGf7IE73eno+fS+GxStdwCSbWQIniaMQnGrbLHuuzsbE9EQSoDj
Y/rDVlDOTL2NbleOuupOpDY6emwf1O3yvAj8m9hJ+JevUBHZj4YG2kQNFFbRqdQm
N5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org