Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/dNKC4WPByNVG0BON7fHHwAt-uJU.roa
File: dNKC4WPByNVG0BON7fHHwAt-uJU.roa (raw, json)
Hash identifier: cb6x/sKBvqSD8aPZ9YNDBFnOOUyfM8JudWC28uMF4a0=
Subject key identifier: 74:D2:82:E1:63:C1:C8:D5:46:D0:13:8D:ED:F1:C7:C0:0B:7E:B8:95
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9EC6E7A3DBC51C9E883E613995EBDBDC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/dNKC4WPByNVG0BON7fHHwAt-uJU.roa
Signing time: Sat 16 Sep 2023 16:15:50 +0000
ROA not before: Sat 16 Sep 2023 16:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9e:c6:e7:a3:db:c5:1c:9e:88:3e:61:39:95:eb:db:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 16:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74d282e163c1c8d546d0138dedf1c7c00b7eb895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d9:91:2e:7b:36:ff:87:85:78:6b:72:15:2b:
a2:f6:6a:5b:a5:62:16:04:06:05:3d:0c:a9:72:50:
4a:80:47:7f:cf:e6:e4:e8:93:2e:9b:81:15:f8:7b:
41:1b:52:0e:d6:e2:9f:3d:25:d2:87:9c:69:23:5d:
e0:e3:10:22:93:95:df:ed:94:47:87:b5:75:48:7f:
ed:bb:11:63:ab:75:7b:d3:98:76:72:39:45:9c:d6:
7d:57:bf:2f:73:64:f2:a9:91:04:ac:2b:db:ba:76:
bd:12:f5:3b:e3:3b:31:17:27:67:17:a1:4e:eb:f4:
cc:dc:cc:ae:04:60:e4:19:b5:eb:f8:4e:36:34:57:
1f:ee:d9:e2:ff:fb:e5:c2:16:b4:4c:38:2b:80:b1:
a3:d8:b5:90:eb:d4:7c:f7:93:72:e0:92:7e:ec:9e:
c3:5b:04:47:3c:d6:67:55:21:d2:d1:64:bb:06:06:
21:dc:4c:b6:10:a6:91:d7:c0:99:f0:c1:39:95:8d:
bd:f7:17:1b:5b:15:9e:c1:80:9b:b4:63:f1:96:a4:
77:97:93:1d:c3:2c:b2:2c:d6:5c:2a:9b:50:50:e4:
5c:ba:f0:bb:3e:09:74:16:a1:2d:60:12:de:8a:99:
85:c2:55:5d:bc:fc:25:f5:01:bd:7f:6a:fb:b7:f1:
a0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D2:82:E1:63:C1:C8:D5:46:D0:13:8D:ED:F1:C7:C0:0B:7E:B8:95
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/dNKC4WPByNVG0BON7fHHwAt-uJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:bf:30:a8:f0:b1:02:f0:fd:f5:fa:5d:7d:f8:c4:29:10:df:
4a:02:7c:ae:db:5f:bd:14:37:61:2f:ec:42:ab:4b:2c:e9:57:
4c:2d:b3:de:28:77:c1:9c:e4:15:f8:1d:a6:aa:7c:c9:a5:1d:
92:9f:9c:53:ba:b3:45:20:ca:93:62:21:53:21:cf:0b:6d:fb:
35:fc:c6:52:35:d4:28:4a:73:9e:c6:43:b1:87:67:92:cf:2f:
39:c0:35:34:90:f2:85:0a:dd:d4:38:06:ea:fc:b9:2f:12:11:
52:ac:0b:70:58:19:60:49:54:d6:6b:39:04:d5:20:59:49:b4:
18:88:d1:87:97:5e:b8:3c:51:d8:11:8a:be:2e:ea:12:19:3e:
7e:e7:c7:43:21:82:83:35:4e:c5:b6:8b:ea:37:3c:c2:7f:16:
9e:26:3b:57:11:19:1a:d6:b6:b4:c2:3f:5f:d8:99:b9:63:88:
5d:d3:cc:ee:bb:a9:25:88:70:35:f3:d4:51:19:23:67:23:41:
2c:42:16:46:8d:6d:53:4e:2b:66:bb:2b:4b:4b:ff:46:a8:01:
ed:81:ef:7e:ae:64:01:f5:a7:a0:b1:da:6c:7a:7c:ec:33:c1:
5a:34:12:14:45:a5:29:30:4e:d5:86:76:eb:5f:9f:30:b2:dd:
f4:72:92:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqexuej28Ucnog+YTmV69vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MTYxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQyODJlMTYzYzFjOGQ1NDZkMDEzOGRlZGYxYzdjMDBiN2ViODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29mRLns2/4eFeGtyFSui9mpbpWIW
BAYFPQypclBKgEd/z+bk6JMum4EV+HtBG1IO1uKfPSXSh5xpI13g4xAik5Xf7ZRH
h7V1SH/tuxFjq3V705h2cjlFnNZ9V78vc2TyqZEErCvbuna9EvU74zsxFydnF6FO
6/TM3MyuBGDkGbXr+E42NFcf7tni//vlwha0TDgrgLGj2LWQ69R895Ny4JJ+7J7D
WwRHPNZnVSHS0WS7BgYh3Ey2EKaR18CZ8ME5lY299xcbWxWewYCbtGPxlqR3l5Md
wyyyLNZcKptQUORcuvC7Pgl0FqEtYBLeipmFwlVdvPwl9QG9f2r7t/GgawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHTSguFjwcjVRtATje3xx8ALfriVMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZE5LQzRXUEJ5TlZHMEJPTjdmSEh3QXQtdUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADu/MKjwsQLw/fX6XX34
xCkQ30oCfK7bX70UN2Ev7EKrSyzpV0wts94od8Gc5BX4HaaqfMmlHZKfnFO6s0Ug
ypNiIVMhzwtt+zX8xlI11ChKc57GQ7GHZ5LPLznANTSQ8oUK3dQ4Bur8uS8SEVKs
C3BYGWBJVNZrOQTVIFlJtBiI0YeXXrg8UdgRir4u6hIZPn7nx0MhgoM1TsW2i+o3
PMJ/Fp4mO1cRGRrWtrTCP1/YmbljiF3TzO67qSWIcDXz1FEZI2cjQSxCFkaNbVNO
K2a7K0tL/0aoAe2B736uZAH1p6Cx2mx6fOwzwVo0EhRFpSkwTtWGdutfnzCy3fRy
km0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org