Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/dUNQXO_CfFLPalMXTCQAgfwyfcg.roa
File: dUNQXO_CfFLPalMXTCQAgfwyfcg.roa (raw, json)
Hash identifier: tZoPy2nZ5RiPggxaJlfdBF6trYyYt601mmZ+Es4vL+M=
Subject key identifier: 75:43:50:5C:EF:C2:7C:52:CF:6A:53:17:4C:24:00:81:FC:32:7D:C8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A72FF14E1FB3F63507FD04B17AED898FA
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/dUNQXO_CfFLPalMXTCQAgfwyfcg.roa
Signing time: Fri 08 Sep 2023 04:13:54 +0000
ROA not before: Fri 08 Sep 2023 04:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:72:ff:14:e1:fb:3f:63:50:7f:d0:4b:17:ae:d8:98:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 04:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7543505cefc27c52cf6a53174c240081fc327dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:23:e4:c8:e2:21:62:03:05:56:29:11:ac:1d:
6f:4c:36:1d:8e:16:7a:99:d4:56:db:bb:18:f0:f7:
dd:86:ba:d2:5f:b0:99:e3:7b:4b:96:e7:15:5b:df:
9d:ae:f0:64:05:27:00:80:11:4e:21:09:fe:69:77:
fe:37:a6:33:e2:71:31:6d:1e:3d:3d:f3:dd:48:18:
bb:14:27:a3:24:86:4d:32:00:d0:17:b7:b8:86:d6:
1e:f6:95:92:df:d4:72:99:84:17:5f:1b:79:46:1a:
35:3c:36:2f:1a:35:d3:25:e9:78:ec:69:62:b0:58:
20:35:50:38:ce:ae:cb:2c:7d:34:52:94:32:dc:06:
92:41:07:b4:73:4c:08:21:89:1c:d8:c5:a1:49:ec:
c5:23:69:26:5b:e2:4e:20:8c:17:a9:60:d3:3d:0d:
d4:9c:b5:2d:28:65:c4:b5:32:7f:95:f5:89:bc:19:
63:fd:ac:58:87:6e:aa:55:0f:1d:7b:ce:ee:ac:2c:
90:9c:b6:a2:a4:f5:2c:6a:b4:3b:94:0b:b5:a4:55:
33:38:97:d0:f8:b3:98:31:b4:6a:f1:7a:47:56:aa:
03:c7:58:92:3e:20:3a:cd:86:67:50:9d:e8:00:78:
5b:bc:27:db:07:a2:d0:36:19:fe:be:05:cc:f9:cd:
04:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:43:50:5C:EF:C2:7C:52:CF:6A:53:17:4C:24:00:81:FC:32:7D:C8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/dUNQXO_CfFLPalMXTCQAgfwyfcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:71:25:3a:48:0c:be:60:6a:4e:4b:40:65:31:d0:b0:0f:85:
83:53:b3:21:4c:3b:17:8c:79:f2:f0:28:d4:c4:fe:74:29:23:
44:af:7d:dc:fa:27:07:60:0b:b4:5f:be:3c:4b:61:fc:71:c6:
de:00:3a:49:46:1f:6b:8e:f4:1c:16:4d:43:43:30:3a:88:77:
83:8a:16:9f:0b:78:17:26:42:4e:3a:09:ff:bd:7e:a8:20:d5:
79:c8:27:43:3e:13:1f:26:bf:06:1d:7f:70:74:b6:df:28:29:
08:ea:73:ce:72:dd:c9:4d:12:20:cf:7b:d5:bc:d7:e9:9f:0b:
f7:7c:96:f0:1a:7f:64:09:54:66:87:2f:14:ba:b4:70:06:32:
c0:09:71:bc:83:0e:99:32:83:7b:86:e6:e5:9e:97:7e:9a:2e:
2a:88:d2:88:05:96:67:27:e5:a6:23:3a:bf:47:65:da:20:96:
47:68:d2:85:56:e8:fb:cc:bc:fc:81:51:9e:ec:42:dc:31:60:
fd:72:00:2e:e1:e8:09:f6:e3:79:65:46:1b:30:7d:f8:24:72:
61:91:e2:f2:ec:2e:e4:a1:d0:8d:00:21:aa:ff:ec:a3:e9:f2:
73:3c:6b:72:a1:ce:e0:32:3c:db:01:e0:09:ee:dd:92:68:01:
20:04:40:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpy/xTh+z9jUH/QSxeu2Jj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MDQxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQzNTA1Y2VmYzI3YzUyY2Y2YTUzMTc0YzI0MDA4MWZjMzI3ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iPkyOIhYgMFVikRrB1vTDYdjhZ6
mdRW27sY8PfdhrrSX7CZ43tLlucVW9+drvBkBScAgBFOIQn+aXf+N6Yz4nExbR49
PfPdSBi7FCejJIZNMgDQF7e4htYe9pWS39RymYQXXxt5Rho1PDYvGjXTJel47Gli
sFggNVA4zq7LLH00UpQy3AaSQQe0c0wIIYkc2MWhSezFI2kmW+JOIIwXqWDTPQ3U
nLUtKGXEtTJ/lfWJvBlj/axYh26qVQ8de87urCyQnLaipPUsarQ7lAu1pFUzOJfQ
+LOYMbRq8XpHVqoDx1iSPiA6zYZnUJ3oAHhbvCfbB6LQNhn+vgXM+c0EzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVDUFzvwnxSz2pTF0wkAIH8Mn3IMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZFVOUVhPX0NmRkxQYWxNWFRDUUFnZnd5ZmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHpxJTpIDL5gak5LQGUx
0LAPhYNTsyFMOxeMefLwKNTE/nQpI0Svfdz6JwdgC7RfvjxLYfxxxt4AOklGH2uO
9BwWTUNDMDqId4OKFp8LeBcmQk46Cf+9fqgg1XnIJ0M+Ex8mvwYdf3B0tt8oKQjq
c85y3clNEiDPe9W81+mfC/d8lvAaf2QJVGaHLxS6tHAGMsAJcbyDDpkyg3uG5uWe
l36aLiqI0ogFlmcn5aYjOr9HZdoglkdo0oVW6PvMvPyBUZ7sQtwxYP1yAC7h6An2
43llRhswffgkcmGR4vLsLuSh0I0AIar/7KPp8nM8a3KhzuAyPNsB4Anu3ZJoASAE
QDQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org