Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/axUS_26rH8SrJnfMveTAHRRbm6g.roa
File: axUS_26rH8SrJnfMveTAHRRbm6g.roa (raw, json)
Hash identifier: c/ZQ1p+hT5XDpv5gBZ1kJYm3+FcnZhmtGp9E2gwlG1g=
Subject key identifier: 6B:15:12:FF:6E:AB:1F:C4:AB:26:77:CC:BD:E4:C0:1D:14:5B:9B:A8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6240BDD0B5569084FC84B9BBAFEE927F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/axUS_26rH8SrJnfMveTAHRRbm6g.roa
Signing time: Mon 04 Sep 2023 22:12:04 +0000
ROA not before: Mon 04 Sep 2023 22:12:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:62:40:bd:d0:b5:56:90:84:fc:84:b9:bb:af:ee:92:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 4 22:12:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b1512ff6eab1fc4ab2677ccbde4c01d145b9ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ce:d8:fa:c3:d5:0e:f5:6e:2b:7a:3c:2a:0f:
64:3c:27:20:1e:a2:77:dc:55:b4:26:d4:e7:1c:b4:
ce:11:dc:9f:29:96:a4:67:c2:64:c8:76:db:6e:a7:
9b:d0:af:08:ad:64:7b:8f:71:ad:51:70:a1:1f:82:
55:db:4d:79:23:7a:fb:1f:90:02:1f:56:86:ac:a5:
2e:56:14:38:a8:bd:0c:5e:ae:20:ab:1e:64:4c:b4:
27:2a:5c:46:dd:fc:20:7c:c4:dd:25:72:04:66:26:
f8:26:0a:b6:ca:83:dc:31:14:a5:2d:64:63:46:92:
d0:13:20:1e:69:f0:b3:ef:a1:41:db:db:2f:c3:df:
63:68:ec:8a:ba:d3:cd:d0:2f:b2:11:5f:de:7c:f7:
71:89:43:61:13:e8:b6:32:1e:ef:5c:27:8a:b6:b8:
0b:15:b3:9d:64:02:eb:07:92:0a:f4:5c:2b:ba:0b:
9b:29:82:d2:08:f8:4b:6e:1d:b9:91:97:29:80:59:
d9:e3:b0:1b:60:7d:c5:30:88:57:7d:5b:83:6d:06:
f9:43:b0:c4:30:8c:f3:7a:d4:06:22:8e:c8:c3:8f:
fb:66:f1:5f:07:3e:8c:e4:61:b4:5e:a6:0b:c5:00:
8a:d7:3b:7b:a9:3b:57:17:03:12:62:0e:fe:c8:2b:
9f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:15:12:FF:6E:AB:1F:C4:AB:26:77:CC:BD:E4:C0:1D:14:5B:9B:A8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/axUS_26rH8SrJnfMveTAHRRbm6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:ed:36:32:3f:27:48:59:22:24:fd:7c:b9:f3:95:b0:94:54:
7f:ab:e5:b3:f5:f9:cd:ee:a8:a3:94:39:bd:ee:cd:53:46:5a:
be:9c:32:43:de:9c:fd:d7:fd:bf:16:09:f7:a6:5f:a2:6e:f4:
66:b7:d6:c6:6a:b4:77:58:c1:9b:f1:bd:9b:4b:8e:98:8c:75:
46:48:66:bc:82:61:72:65:97:52:9f:34:c8:03:1d:ae:f5:0d:
50:25:88:8b:a4:63:0e:02:d4:fb:08:11:f2:f4:41:c6:ed:89:
f1:f0:9f:0f:af:2c:16:be:40:6c:f7:02:54:a7:57:e5:81:5a:
7e:05:64:74:b5:c3:59:47:72:8d:34:c7:f2:d0:27:8e:8a:84:
b6:13:59:89:9a:47:fd:a0:82:6e:e3:c0:65:75:59:3d:75:c9:
13:1c:fb:ca:a1:e1:6b:aa:9d:9d:5e:a9:9b:fb:8b:d0:c4:e5:
97:c7:73:60:3a:2d:d0:2f:24:e8:73:8c:37:93:e5:a5:25:ba:
63:3d:c8:0f:b6:90:7f:2d:ae:ef:39:3f:20:64:3a:d9:68:fe:
71:d5:a6:bd:22:7e:76:9d:77:cd:a6:2e:fe:27:6e:23:74:af:
55:bc:a6:39:ae:69:56:47:9b:b4:55:94:69:b0:af:8d:3e:bf:
28:61:88:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpiQL3QtVaQhPyEubuv7pJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA0MjIxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjE1MTJmZjZlYWIxZmM0YWIyNjc3Y2NiZGU0YzAxZDE0NWI5YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis7Y+sPVDvVuK3o8Kg9kPCcgHqJ3
3FW0JtTnHLTOEdyfKZakZ8JkyHbbbqeb0K8IrWR7j3GtUXChH4JV2015I3r7H5AC
H1aGrKUuVhQ4qL0MXq4gqx5kTLQnKlxG3fwgfMTdJXIEZib4Jgq2yoPcMRSlLWRj
RpLQEyAeafCz76FB29svw99jaOyKutPN0C+yEV/efPdxiUNhE+i2Mh7vXCeKtrgL
FbOdZALrB5IK9FwrugubKYLSCPhLbh25kZcpgFnZ47AbYH3FMIhXfVuDbQb5Q7DE
MIzzetQGIo7Iw4/7ZvFfBz6M5GG0XqYLxQCK1zt7qTtXFwMSYg7+yCufjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGsVEv9uqx/EqyZ3zL3kwB0UW5uoMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYXhVU18yNnJIOFNySm5mTXZlVEFIUlJibTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIHtNjI/J0hZIiT9fLnz
lbCUVH+r5bP1+c3uqKOUOb3uzVNGWr6cMkPenP3X/b8WCfemX6Ju9Ga31sZqtHdY
wZvxvZtLjpiMdUZIZryCYXJll1KfNMgDHa71DVAliIukYw4C1PsIEfL0QcbtifHw
nw+vLBa+QGz3AlSnV+WBWn4FZHS1w1lHco00x/LQJ46KhLYTWYmaR/2ggm7jwGV1
WT11yRMc+8qh4WuqnZ1eqZv7i9DE5ZfHc2A6LdAvJOhzjDeT5aUlumM9yA+2kH8t
ru85PyBkOtlo/nHVpr0ifnadd82mLv4nbiN0r1W8pjmuaVZHm7RVlGmwr40+vyhh
iD8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:17 2025 by rpki-client