Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/fXl4wgLFSmIoDXQnQsK-X_DMjak.roa
File: fXl4wgLFSmIoDXQnQsK-X_DMjak.roa (raw, json)
Hash identifier: BN+z2LkVt33D5wp50TF/m2v0S9Z+mQfLe5koZv1pI3o=
Subject key identifier: 7D:79:78:C2:02:C5:4A:62:28:0D:74:27:42:C2:BE:5F:F0:CC:8D:A9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A78541B05C70F4257EC7884DDA56704D7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/fXl4wgLFSmIoDXQnQsK-X_DMjak.roa
Signing time: Sat 09 Sep 2023 05:04:52 +0000
ROA not before: Sat 09 Sep 2023 05:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:7853:bf85/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:78:54:1b:05:c7:0f:42:57:ec:78:84:dd:a5:67:04:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 05:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d7978c202c54a62280d742742c2be5ff0cc8da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8f:6e:3c:db:64:3c:c8:56:ce:3a:f7:41:e3:
39:de:c4:2c:06:5a:04:be:ec:b5:81:ec:c8:54:5b:
c4:a7:f9:01:99:0f:5d:76:ab:c3:26:fb:df:63:ed:
4d:a4:10:69:b3:7f:da:fe:82:37:9b:f2:0a:f7:14:
d7:7f:0e:0f:38:40:96:67:00:f8:f6:29:1d:3f:c1:
f6:23:9b:1b:a4:e5:81:1c:55:70:2c:27:f4:14:85:
50:43:ee:14:cb:27:b3:47:39:d8:5c:88:ec:68:92:
93:45:0d:77:20:ff:50:76:72:7b:26:6f:e8:ab:e2:
a4:28:78:43:6d:29:81:7e:02:5d:96:b2:e5:fb:2f:
62:42:75:ae:3a:ea:3a:ec:b5:39:5e:2f:ba:2f:9b:
e7:18:f2:55:51:ca:00:f3:f4:d2:2d:17:b7:fa:8c:
91:3c:7e:62:9f:5d:08:8b:77:4a:b6:e1:98:a3:f9:
a6:2a:15:12:13:50:d3:d3:34:6d:a3:1a:35:dd:11:
96:2f:63:72:3c:0c:7d:61:41:09:61:ec:c3:e5:b7:
47:0f:e3:c8:5a:30:a5:e0:d3:0f:e6:71:f3:ff:9f:
08:c3:1b:04:70:bb:88:0c:17:a4:d7:da:3c:ce:4c:
08:52:2c:7e:1d:9f:bb:c6:72:d7:55:6a:b6:1b:1b:
db:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:79:78:C2:02:C5:4A:62:28:0D:74:27:42:C2:BE:5F:F0:CC:8D:A9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/fXl4wgLFSmIoDXQnQsK-X_DMjak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:62:86:31:25:88:88:8a:55:8b:ad:30:d0:d3:44:c4:cd:64:
59:26:f7:37:68:de:56:4f:69:16:7c:a5:37:aa:4c:23:35:19:
c2:1b:2b:d1:ae:24:65:a7:94:09:55:36:5c:7f:4a:71:ca:96:
f0:4b:72:6c:71:72:1f:b4:b9:5c:06:d8:7e:09:46:1e:1b:d0:
e5:cc:c3:b4:3d:19:17:fb:88:1f:d5:21:ff:d7:e2:d5:d7:92:
d1:97:4d:28:a9:78:2a:4a:bb:89:e6:60:47:7e:5b:2a:aa:44:
58:79:ea:f7:e1:fc:2b:a1:2e:e8:55:c3:43:e1:96:04:de:d6:
fd:b3:61:13:0f:59:2e:e1:27:f9:4f:fb:c1:43:c3:69:00:1d:
5e:bb:f5:a0:36:2b:58:dd:c2:a1:d9:98:06:8f:a1:3e:ed:ff:
66:a1:22:9c:67:53:28:d8:74:07:ea:0f:b3:c2:ff:19:27:6e:
1a:02:53:f7:5b:ab:bc:f1:5e:98:c9:85:b3:e8:0f:03:c6:93:
b6:ea:bd:e1:ad:ed:16:7a:c0:10:4a:88:81:f4:ef:b1:50:31:
8b:b4:a2:6f:c6:7c:b7:b8:0a:30:f3:1e:ba:97:4f:4f:97:be:
8c:df:c2:70:b0:f1:9d:d4:ea:cd:ce:72:e6:18:77:1e:73:5c:
bb:a1:8a:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp4VBsFxw9CV+x4hN2lZwTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MDUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDc5NzhjMjAyYzU0YTYyMjgwZDc0Mjc0MmMyYmU1ZmYwY2M4ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI9uPNtkPMhWzjr3QeM53sQsBloE
vuy1gezIVFvEp/kBmQ9ddqvDJvvfY+1NpBBps3/a/oI3m/IK9xTXfw4POECWZwD4
9ikdP8H2I5sbpOWBHFVwLCf0FIVQQ+4UyyezRznYXIjsaJKTRQ13IP9QdnJ7Jm/o
q+KkKHhDbSmBfgJdlrLl+y9iQnWuOuo67LU5Xi+6L5vnGPJVUcoA8/TSLRe3+oyR
PH5in10Ii3dKtuGYo/mmKhUSE1DT0zRtoxo13RGWL2NyPAx9YUEJYezD5bdHD+PI
WjCl4NMP5nHz/58IwxsEcLuIDBek19o8zkwIUix+HZ+7xnLXVWq2GxvbKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH15eMICxUpiKA10J0LCvl/wzI2pMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZlhsNHdnTEZTbUlvRFhRblFzSy1YX0RNamFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEpihjEliIiKVYutMNDT
RMTNZFkm9zdo3lZPaRZ8pTeqTCM1GcIbK9GuJGWnlAlVNlx/SnHKlvBLcmxxch+0
uVwG2H4JRh4b0OXMw7Q9GRf7iB/VIf/X4tXXktGXTSipeCpKu4nmYEd+WyqqRFh5
6vfh/CuhLuhVw0PhlgTe1v2zYRMPWS7hJ/lP+8FDw2kAHV679aA2K1jdwqHZmAaP
oT7t/2ahIpxnUyjYdAfqD7PC/xknbhoCU/dbq7zxXpjJhbPoDwPGk7bqveGt7RZ6
wBBKiIH077FQMYu0om/GfLe4CjDzHrqXT0+XvozfwnCw8Z3U6s3OcuYYdx5zXLuh
is0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org