Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bjPBB7jSyVlArBGE525YCsDEObU.roa
File: bjPBB7jSyVlArBGE525YCsDEObU.roa (raw, json)
Hash identifier: IiHTfa8Vk7f0r0ZO52edNcRHUG/X6ZF6pVuc39q47cg=
Subject key identifier: 6E:33:C1:07:B8:D2:C9:59:40:AC:11:84:E7:6E:58:0A:C0:C4:39:B5
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A555A6EF57F8BB47D7AC4903AD6A29598
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bjPBB7jSyVlArBGE525YCsDEObU.roa
Signing time: Sat 02 Sep 2023 10:05:04 +0000
ROA not before: Sat 02 Sep 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:5559:b888/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:5a:6e:f5:7f:8b:b4:7d:7a:c4:90:3a:d6:a2:95:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e33c107b8d2c95940ac1184e76e580ac0c439b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:78:61:ff:ba:57:40:86:0d:88:21:f4:38:
ad:2e:59:f0:57:84:9a:17:09:6f:0c:a4:7e:58:ef:
c9:c5:91:31:ed:1d:5b:a7:b7:fb:99:2e:3f:7e:c7:
ca:b8:86:9b:0d:26:a1:7d:67:1a:12:c0:73:17:84:
a2:bd:f7:87:5a:c8:67:20:cb:42:b0:ba:d8:05:b2:
ef:af:a8:f4:46:29:83:01:54:cc:b8:4e:50:bf:0c:
36:84:38:6e:53:c6:13:58:89:18:4a:6c:45:ff:f8:
bf:0f:05:91:ab:cb:8f:ad:09:e2:19:d1:40:45:03:
e3:c9:ad:69:46:c0:f4:e6:33:7c:64:db:fc:2d:73:
02:4c:f6:18:bc:56:9d:9d:68:bd:7a:6d:13:97:e8:
58:82:62:c8:43:19:2a:08:6e:10:8a:b2:cb:c2:9b:
4e:d1:c6:80:6e:45:fd:e3:11:24:bb:cd:a1:d5:16:
b0:a3:50:8a:b6:08:59:ad:55:e4:aa:aa:52:06:dd:
13:e5:6a:78:5a:7c:33:c5:47:90:f3:40:79:15:ce:
f9:71:5d:0c:c6:2a:22:79:30:ff:e4:ce:cc:75:3b:
e2:48:e4:e5:05:7b:38:bb:4f:db:6c:0c:62:64:6d:
9b:02:b4:94:01:d9:af:0f:5d:eb:48:f5:44:e8:1b:
87:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:33:C1:07:B8:D2:C9:59:40:AC:11:84:E7:6E:58:0A:C0:C4:39:B5
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bjPBB7jSyVlArBGE525YCsDEObU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:eb:59:bc:f2:12:ec:c9:23:02:92:ee:ff:40:64:1c:74:4d:
9a:5d:92:e3:34:ac:77:d6:7d:c8:75:4b:27:ed:be:2e:41:71:
1c:37:64:f7:da:06:1d:d9:ac:0b:8d:39:4f:00:a3:5a:55:64:
a5:14:2e:08:82:4d:b5:ad:f9:97:4c:0b:63:9a:ad:60:5e:45:
08:79:c0:38:e8:e1:91:9b:c4:3c:28:46:4a:0a:73:27:8d:1f:
c6:47:76:4b:f6:70:f9:b1:13:c4:db:05:27:4f:79:50:54:37:
5a:e7:c5:bd:aa:87:40:63:34:14:0e:c1:d5:96:91:bc:f4:73:
1c:16:6f:6a:85:18:5c:43:5c:56:2c:88:b5:2e:ab:dc:7e:3d:
43:da:0c:9b:d3:cd:40:95:b1:f6:b6:6a:3a:50:cb:21:a9:c3:
1a:00:b8:e7:2d:ed:93:a7:20:60:c3:23:a8:20:cf:18:79:ab:
98:cb:5a:e6:8c:fa:ce:dc:76:f9:a0:90:98:e9:56:90:72:7c:
2a:cd:1c:23:ae:fc:ad:1c:91:1d:95:e0:b6:89:92:8b:f3:1b:
bc:41:6c:ed:17:6b:a7:3c:79:3b:a5:b7:47:fa:5d:b9:1c:b1:
a3:6a:5f:60:a1:25:08:75:00:63:cb:a5:12:2e:c6:c3:30:39:
3a:76:e3:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpVWm71f4u0fXrEkDrWopWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTMzYzEwN2I4ZDJjOTU5NDBhYzExODRlNzZlNTgwYWMwYzQzOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSh4Yf+6V0CGDYgh9DitLlnwV4Sa
FwlvDKR+WO/JxZEx7R1bp7f7mS4/fsfKuIabDSahfWcaEsBzF4SivfeHWshnIMtC
sLrYBbLvr6j0RimDAVTMuE5Qvww2hDhuU8YTWIkYSmxF//i/DwWRq8uPrQniGdFA
RQPjya1pRsD05jN8ZNv8LXMCTPYYvFadnWi9em0Tl+hYgmLIQxkqCG4QirLLwptO
0caAbkX94xEku82h1Rawo1CKtghZrVXkqqpSBt0T5Wp4WnwzxUeQ80B5Fc75cV0M
xioieTD/5M7MdTviSOTlBXs4u0/bbAxiZG2bArSUAdmvD13rSPVE6BuHCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG4zwQe40slZQKwRhOduWArAxDm1MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYmpQQkI3alN5VmxBckJHRTUyNVlDc0RFT2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE7rWbzyEuzJIwKS7v9A
ZBx0TZpdkuM0rHfWfch1Syftvi5BcRw3ZPfaBh3ZrAuNOU8Ao1pVZKUULgiCTbWt
+ZdMC2OarWBeRQh5wDjo4ZGbxDwoRkoKcyeNH8ZHdkv2cPmxE8TbBSdPeVBUN1rn
xb2qh0BjNBQOwdWWkbz0cxwWb2qFGFxDXFYsiLUuq9x+PUPaDJvTzUCVsfa2ajpQ
yyGpwxoAuOct7ZOnIGDDI6ggzxh5q5jLWuaM+s7cdvmgkJjpVpByfCrNHCOu/K0c
kR2V4LaJkovzG7xBbO0Xa6c8eTult0f6XbkcsaNqX2ChJQh1AGPLpRIuxsMwOTp2
47w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org