Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gPBxNWDtts0XPAlAH8tPifnl4qQ.roa
File: gPBxNWDtts0XPAlAH8tPifnl4qQ.roa (raw, json)
Hash identifier: /oOzzvEdz14Oh8NdgYUYXjU2+LofsRe0dPpUfXkaYKQ=
Subject key identifier: 80:F0:71:35:60:ED:B6:CD:17:3C:09:40:1F:CB:4F:89:F9:E5:E2:A4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5308FFEF3579E815451EC0144FE3BBCB
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gPBxNWDtts0XPAlAH8tPifnl4qQ.roa
Signing time: Fri 01 Sep 2023 23:16:53 +0000
ROA not before: Fri 01 Sep 2023 23:16:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:53:08:ff:ef:35:79:e8:15:45:1e:c0:14:4f:e3:bb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 23:16:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80f0713560edb6cd173c09401fcb4f89f9e5e2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e2:17:7a:68:f5:68:c6:5c:eb:fa:9a:b1:06:
72:aa:56:46:5c:56:4d:87:67:ba:f3:ca:98:9a:41:
66:25:20:61:72:94:32:07:50:ea:af:f3:9f:99:4f:
18:6b:ed:95:a4:21:87:ed:71:e0:55:ac:75:2f:d8:
14:d4:cf:44:d4:0f:49:6d:dd:9e:27:62:64:9d:5c:
76:d3:03:13:f3:63:75:5a:0c:d6:43:83:62:3a:49:
a6:b7:b2:98:19:52:4d:e8:09:91:29:d6:55:0f:9f:
15:d8:aa:e2:41:f5:c1:18:55:52:e3:f8:6d:96:c8:
3d:61:4c:c6:70:82:e0:b2:ce:3c:52:ef:c0:49:14:
9c:b2:a3:e2:11:07:24:af:f7:ae:c7:58:6b:70:a7:
86:74:46:b9:46:44:17:a1:81:f6:3d:62:88:0f:0c:
38:d5:8f:1d:64:cf:9d:ec:aa:02:69:f8:bb:f3:4f:
7d:00:09:cd:87:0b:66:2e:27:15:84:2d:a3:65:1f:
75:8d:2d:9a:6b:7c:e2:1d:cd:eb:fe:26:1c:8d:61:
74:51:8c:a9:f4:62:41:e3:ce:58:eb:d7:9f:33:dd:
8b:fd:15:98:b9:b1:e7:0f:d4:7c:00:8b:59:bd:c0:
5e:45:e8:76:9a:a4:70:34:91:91:79:b9:44:08:01:
86:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F0:71:35:60:ED:B6:CD:17:3C:09:40:1F:CB:4F:89:F9:E5:E2:A4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/gPBxNWDtts0XPAlAH8tPifnl4qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:14:0c:f8:dd:fc:ca:06:c0:1f:2f:b7:37:7b:33:5d:dd:64:
cb:3e:47:9e:83:8d:95:60:bd:f3:b5:ef:1a:d0:0c:c1:f2:ca:
df:74:1b:45:54:9f:93:65:52:50:50:4f:68:8b:b8:04:ac:fc:
d4:8c:b7:b6:05:4b:73:93:a7:85:ee:5d:b7:a6:07:af:b5:7e:
a2:37:5e:dd:7b:56:f1:5e:03:16:04:d7:fa:01:54:f3:b3:46:
1a:18:58:55:e6:7b:3f:df:5d:6e:c5:6b:84:28:ec:2d:97:cd:
36:a4:c4:9f:6b:a2:fb:79:ab:20:84:6c:74:15:6f:dc:8c:79:
87:99:f6:22:2a:41:93:12:0e:51:b4:d5:a7:cc:0d:01:09:0c:
4b:38:80:85:d5:c1:0b:7c:5a:86:b4:01:5f:b0:06:7e:6e:55:
5d:48:59:f9:7f:41:ff:3e:6c:04:b7:e8:31:6a:12:b8:8c:22:
4a:db:f5:88:b9:6a:46:ba:cc:4b:c5:dd:95:48:7f:4a:60:aa:
83:34:94:1d:24:c9:c2:32:cf:36:94:d6:12:18:ba:23:74:9a:
9b:52:63:3c:3e:ee:b1:23:a4:c4:3e:05:22:d9:22:7e:2d:29:
36:9d:9e:44:98:1e:90:17:2e:8c:24:be:a9:ba:f3:c2:48:8e:
5a:e0:2d:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpTCP/vNXnoFUUewBRP47vLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMjMxNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGYwNzEzNTYwZWRiNmNkMTczYzA5NDAxZmNiNGY4OWY5ZTVlMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOIXemj1aMZc6/qasQZyqlZGXFZN
h2e688qYmkFmJSBhcpQyB1Dqr/OfmU8Ya+2VpCGH7XHgVax1L9gU1M9E1A9Jbd2e
J2JknVx20wMT82N1WgzWQ4NiOkmmt7KYGVJN6AmRKdZVD58V2KriQfXBGFVS4/ht
lsg9YUzGcILgss48Uu/ASRScsqPiEQckr/eux1hrcKeGdEa5RkQXoYH2PWKIDww4
1Y8dZM+d7KoCafi78099AAnNhwtmLicVhC2jZR91jS2aa3ziHc3r/iYcjWF0UYyp
9GJB485Y69efM92L/RWYubHnD9R8AItZvcBeReh2mqRwNJGReblECAGG+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDwcTVg7bbNFzwJQB/LT4n55eKkMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZ1BCeE5XRHR0czBYUEFsQUg4dFBpZm5sNHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADcUDPjd/MoGwB8vtzd7
M13dZMs+R56DjZVgvfO17xrQDMHyyt90G0VUn5NlUlBQT2iLuASs/NSMt7YFS3OT
p4XuXbemB6+1fqI3Xt17VvFeAxYE1/oBVPOzRhoYWFXmez/fXW7Fa4Qo7C2XzTak
xJ9rovt5qyCEbHQVb9yMeYeZ9iIqQZMSDlG01afMDQEJDEs4gIXVwQt8Woa0AV+w
Bn5uVV1IWfl/Qf8+bAS36DFqEriMIkrb9Yi5aka6zEvF3ZVIf0pgqoM0lB0kycIy
zzaU1hIYuiN0mptSYzw+7rEjpMQ+BSLZIn4tKTadnkSYHpAXLowkvqm688JIjlrg
Ldk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org