Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aqnYWEi7DAdtcre-Ylg8qTAL8rM.roa
File: aqnYWEi7DAdtcre-Ylg8qTAL8rM.roa (raw, json)
Hash identifier: 5YYfHAFlmPfnA8TgvBgoOFc6RZcFKqHKLrlwN/4Y4dY=
Subject key identifier: 6A:A9:D8:58:48:BB:0C:07:6D:72:B7:BE:62:58:3C:A9:30:0B:F2:B3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A694FBC58182A275F3F5629652B260F34
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aqnYWEi7DAdtcre-Ylg8qTAL8rM.roa
Signing time: Wed 06 Sep 2023 07:05:47 +0000
ROA not before: Wed 06 Sep 2023 07:05:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:694e:d5ab/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:4f:bc:58:18:2a:27:5f:3f:56:29:65:2b:26:0f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 07:05:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa9d85848bb0c076d72b7be62583ca9300bf2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:df:0f:53:fa:98:89:65:6f:9c:b3:4d:86:d1:
e9:57:e4:90:b8:23:fc:19:cd:82:86:d1:67:f7:f5:
d8:b1:a0:6d:26:c8:92:aa:bb:74:1c:31:a1:37:2e:
f7:5e:b3:b6:f9:f3:d4:2b:54:6f:e0:33:37:25:63:
bb:03:c2:ee:72:ec:ad:2a:80:6a:99:02:4d:d5:d7:
3c:45:e5:e1:9a:5d:0d:d6:01:f4:ae:5a:8b:a9:c0:
c7:13:20:ff:65:43:6f:92:31:86:bb:74:d9:26:82:
46:28:c3:3e:71:4f:ea:78:ab:32:8b:ae:d9:e2:a4:
5f:ce:ea:a3:df:60:c2:95:63:06:3d:ea:bd:6a:93:
3c:87:e8:88:7f:b9:a3:9b:61:8b:4a:e5:b2:39:dc:
9a:b3:3f:51:87:2b:a8:51:18:f6:55:2d:a8:ba:2e:
b5:7a:cb:51:08:4d:7c:ba:71:cd:50:72:f9:ef:e3:
04:83:84:31:f3:60:5d:b4:8e:fa:2f:fe:41:b1:0a:
43:75:e5:ef:2e:f1:74:b3:6d:4d:71:8d:d5:af:e8:
b7:1e:f4:cd:3b:3a:ea:d9:ba:4c:42:bc:92:ad:1c:
88:22:fb:0a:c8:97:ef:c4:c2:98:2e:04:23:f6:a0:
fa:16:cf:06:3d:7e:ed:5e:e6:15:bf:ff:ab:83:f8:
50:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A9:D8:58:48:BB:0C:07:6D:72:B7:BE:62:58:3C:A9:30:0B:F2:B3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/aqnYWEi7DAdtcre-Ylg8qTAL8rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:1c:a2:27:a5:f0:43:a9:1e:12:9a:ca:65:c6:99:14:a6:3f:
fd:65:ae:9d:c9:f6:4c:93:1e:f6:42:d1:23:8e:7a:0a:39:22:
f9:c6:35:71:0f:20:b6:bc:e5:c4:78:34:38:42:77:c4:a4:a4:
45:62:9b:37:46:d3:32:7d:b3:5b:9a:e8:a2:c7:76:8d:e2:97:
56:d9:2d:5f:eb:86:e5:41:64:63:b0:0c:5f:7f:0d:e7:8d:52:
56:9c:a3:84:1c:00:74:e6:f3:be:ae:94:6a:4e:1a:ab:db:05:
f2:8d:3d:eb:93:06:20:f0:21:0e:54:88:ee:01:ca:4a:00:a2:
7e:10:bb:3f:39:70:31:c0:a2:62:27:c4:03:7e:0c:8a:b3:28:
e8:23:b3:09:ed:c3:a8:f6:f0:8c:62:94:ff:6c:d6:b7:8e:e0:
9c:0c:6c:30:79:5a:6c:e2:eb:89:73:6e:64:b7:70:46:5d:23:
1e:e0:fa:38:3f:f8:1d:75:e0:c8:fa:a7:83:56:2c:91:9b:0e:
d9:58:c4:e5:8b:49:42:17:0b:0e:3c:de:f4:20:00:aa:9c:35:
53:6d:c6:ae:bb:cc:c3:bd:94:41:aa:af:a0:a1:9a:77:01:c3:
e1:b9:69:c5:ff:ac:64:1e:e8:d5:97:1f:2c:30:e6:37:65:74:
b9:b1:5c:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYppT7xYGConXz9WKWUrJg80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MDcwNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE5ZDg1ODQ4YmIwYzA3NmQ3MmI3YmU2MjU4M2NhOTMwMGJmMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld8PU/qYiWVvnLNNhtHpV+SQuCP8
Gc2ChtFn9/XYsaBtJsiSqrt0HDGhNy73XrO2+fPUK1Rv4DM3JWO7A8LucuytKoBq
mQJN1dc8ReXhml0N1gH0rlqLqcDHEyD/ZUNvkjGGu3TZJoJGKMM+cU/qeKsyi67Z
4qRfzuqj32DClWMGPeq9apM8h+iIf7mjm2GLSuWyOdyasz9RhyuoURj2VS2oui61
estRCE18unHNUHL57+MEg4Qx82BdtI76L/5BsQpDdeXvLvF0s21NcY3Vr+i3HvTN
Ozrq2bpMQrySrRyIIvsKyJfvxMKYLgQj9qD6Fs8GPX7tXuYVv/+rg/hQewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqp2FhIuwwHbXK3vmJYPKkwC/KzMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYXFuWVdFaTdEQWR0Y3JlLVlsZzhxVEFMOHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADQcoiel8EOpHhKaymXG
mRSmP/1lrp3J9kyTHvZC0SOOego5IvnGNXEPILa85cR4NDhCd8SkpEVimzdG0zJ9
s1ua6KLHdo3il1bZLV/rhuVBZGOwDF9/DeeNUlaco4QcAHTm876ulGpOGqvbBfKN
PeuTBiDwIQ5UiO4BykoAon4Quz85cDHAomInxAN+DIqzKOgjswntw6j28IxilP9s
1reO4JwMbDB5Wmzi64lzbmS3cEZdIx7g+jg/+B114Mj6p4NWLJGbDtlYxOWLSUIX
Cw483vQgAKqcNVNtxq67zMO9lEGqr6ChmncBw+G5acX/rGQe6NWXHyww5jdldLmx
XGo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org