Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aX0f0OZm_f3IUiSaCfhr3encjIk.roa
File: aX0f0OZm_f3IUiSaCfhr3encjIk.roa (raw, json)
Hash identifier: /2oWfQM9uqBm+I22fRyb6RAWRjbDGQBYNzaPQWAm5eY=
Subject key identifier: 69:7D:1F:D0:E6:66:FD:FD:C8:52:24:9A:09:F8:6B:DD:E9:DC:8C:89
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A962FCEF3E35AE916C0D2F2043BC12270
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aX0f0OZm_f3IUiSaCfhr3encjIk.roa
Signing time: Fri 15 Sep 2023 00:13:50 +0000
ROA not before: Fri 15 Sep 2023 00:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:96:2f:ce:f3:e3:5a:e9:16:c0:d2:f2:04:3b:c1:22:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 00:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=697d1fd0e666fdfdc852249a09f86bdde9dc8c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0a:4e:b7:1b:e4:e4:aa:79:b5:8a:04:7b:77:
42:52:ca:af:73:84:a6:aa:fd:8d:1b:c9:62:4b:87:
2c:6e:47:f6:de:23:16:12:1e:f3:2b:62:46:f0:3a:
30:7c:90:6c:11:37:53:07:6b:2a:4f:6e:30:12:fd:
ea:a4:da:bd:29:68:db:ba:a5:c4:bc:57:f1:82:45:
10:ca:4f:5a:75:0e:5c:20:f8:91:13:f4:c6:e8:2c:
2f:c4:d1:ef:f3:09:8c:b2:42:a9:9f:d7:b5:84:0c:
c5:7c:27:e5:20:43:3c:70:c2:22:d4:7f:c5:37:73:
6c:fd:08:af:0d:e2:8e:45:8e:6a:94:c4:ab:44:7d:
ac:1d:00:1c:cf:82:8d:b9:10:fa:46:53:86:3a:b8:
79:a7:78:a3:7a:b5:16:5f:c3:f8:b9:ba:08:53:70:
bb:1e:27:ea:5b:41:f3:e0:e1:15:7d:4a:a2:eb:be:
04:55:b0:77:09:29:72:be:4d:be:e6:b0:9a:4e:ab:
a3:83:dd:40:ed:e8:78:07:40:89:54:85:e9:60:60:
4d:04:d5:6e:35:4c:42:81:55:dd:ef:d9:76:f0:bf:
7d:a3:6c:94:39:29:b0:24:83:97:f1:01:70:1e:4a:
15:24:89:00:7f:32:dd:00:ef:d9:2e:65:b7:6c:9b:
0a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7D:1F:D0:E6:66:FD:FD:C8:52:24:9A:09:F8:6B:DD:E9:DC:8C:89
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aX0f0OZm_f3IUiSaCfhr3encjIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:35:7e:31:6f:d1:2f:e0:a1:f8:b6:70:60:d5:fa:0a:0c:92:
16:e4:07:37:49:6e:8c:46:5e:22:18:aa:c6:53:06:19:15:b4:
95:54:ba:db:8b:30:3e:74:38:2b:c4:c0:3b:88:f0:85:c6:8c:
b8:9a:98:6e:02:d4:5e:27:08:19:2c:8c:7b:a9:e2:2d:cc:01:
af:2f:a3:bd:8c:b7:c5:f5:24:68:da:a6:8b:16:da:a4:e1:7f:
d7:0b:a3:44:d4:a5:e4:d3:16:3a:1b:c0:5e:e7:e5:d3:0f:15:
2e:37:ec:7a:0f:bf:bd:67:02:76:fe:bc:99:91:a5:fd:4e:27:
c9:d9:d5:b3:e4:98:21:dc:0a:fe:81:e5:1e:1c:0f:2f:dc:86:
d9:79:a4:1e:d3:bd:e1:c1:ef:81:62:a9:a7:da:4b:a4:a0:5f:
e3:c2:d4:ca:32:06:28:37:6b:4a:9c:82:93:d3:ce:15:4b:ed:
6d:1f:aa:8a:14:fa:1f:65:27:95:99:19:46:f7:2d:6d:fd:68:
6d:7e:1d:82:7f:36:e8:94:2c:63:52:3c:26:6f:d5:98:3b:52:
eb:39:30:a9:ff:af:9c:57:3d:8d:2f:9b:21:bf:db:45:54:29:
13:76:06:cc:49:aa:74:0c:16:14:c9:18:93:7e:40:39:87:1d:
73:95:7d:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqWL87z41rpFsDS8gQ7wSJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MDAxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdkMWZkMGU2NjZmZGZkYzg1MjI0OWEwOWY4NmJkZGU5ZGM4Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswpOtxvk5Kp5tYoEe3dCUsqvc4Sm
qv2NG8liS4csbkf23iMWEh7zK2JG8DowfJBsETdTB2sqT24wEv3qpNq9KWjbuqXE
vFfxgkUQyk9adQ5cIPiRE/TG6CwvxNHv8wmMskKpn9e1hAzFfCflIEM8cMIi1H/F
N3Ns/QivDeKORY5qlMSrRH2sHQAcz4KNuRD6RlOGOrh5p3ijerUWX8P4uboIU3C7
HifqW0Hz4OEVfUqi674EVbB3CSlyvk2+5rCaTqujg91A7eh4B0CJVIXpYGBNBNVu
NUxCgVXd79l28L99o2yUOSmwJIOX8QFwHkoVJIkAfzLdAO/ZLmW3bJsKKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGl9H9DmZv39yFIkmgn4a93p3IyJMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYVgwZjBPWm1fZjNJVWlTYUNmaHIzZW5jaklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJQ1fjFv0S/gofi2cGDV
+goMkhbkBzdJboxGXiIYqsZTBhkVtJVUutuLMD50OCvEwDuI8IXGjLiamG4C1F4n
CBksjHup4i3MAa8vo72Mt8X1JGjaposW2qThf9cLo0TUpeTTFjobwF7n5dMPFS43
7HoPv71nAnb+vJmRpf1OJ8nZ1bPkmCHcCv6B5R4cDy/chtl5pB7TveHB74Fiqafa
S6SgX+PC1MoyBig3a0qcgpPTzhVL7W0fqooU+h9lJ5WZGUb3LW39aG1+HYJ/NuiU
LGNSPCZv1Zg7Uus5MKn/r5xXPY0vmyG/20VUKRN2BsxJqnQMFhTJGJN+QDmHHXOV
ffM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org