Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hKyxSEG3mvKCnRhNOMxXpxyBD8k.roa
File: hKyxSEG3mvKCnRhNOMxXpxyBD8k.roa (raw, json)
Hash identifier: CZ8/aqIOey0Mw5udEyAmSFuAAWULjCJnj33uq5pY+NQ=
Subject key identifier: 84:AC:B1:48:41:B7:9A:F2:82:9D:18:4D:38:CC:57:A7:1C:81:0F:C9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8873441C367889391008A67C5CEEE4CB
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hKyxSEG3mvKCnRhNOMxXpxyBD8k.roa
Signing time: Tue 12 Sep 2023 08:12:50 +0000
ROA not before: Tue 12 Sep 2023 08:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:73:44:1c:36:78:89:39:10:08:a6:7c:5c:ee:e4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 08:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84acb14841b79af2829d184d38cc57a71c810fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1d:53:0c:80:f4:cd:d5:52:e9:58:5b:8e:e5:
72:09:94:f5:ec:0e:28:7a:d9:c0:91:11:35:28:0f:
f2:c2:bc:50:80:87:10:17:45:8c:ee:fd:6c:a5:bd:
42:4e:bd:60:4c:43:ba:e6:43:0a:b7:2d:2b:12:ab:
79:68:4a:fd:bd:80:7b:63:19:d8:c0:ef:80:67:f2:
2b:96:c5:a9:58:16:7e:7d:65:8d:3c:fb:f2:c5:43:
be:55:f6:07:3d:05:7d:d9:d9:4c:95:37:15:11:c9:
e8:7a:a5:8d:8c:b0:9d:8c:d6:9a:7d:e4:5a:da:ab:
a7:d6:8c:1e:b0:55:41:90:11:0f:ac:5d:9a:65:2d:
7d:26:ae:66:4e:c0:47:9a:76:bf:e5:b0:1d:ef:b3:
6c:78:7d:f1:26:33:82:6f:a7:c6:96:93:c6:2b:67:
c1:62:ef:77:37:4b:47:53:1e:c4:68:a4:65:b6:ee:
bd:94:f3:db:4a:d5:e2:4a:fb:e4:45:0b:92:28:04:
1d:88:55:87:66:1c:6c:28:c6:ff:94:80:b3:4c:e2:
d9:64:3c:bc:a6:ae:fb:75:b7:61:b0:8e:15:cb:94:
c0:ea:35:8d:18:ad:93:b1:ca:f0:a2:a7:72:58:fe:
45:c3:e0:1f:18:97:07:fc:35:d9:b0:6e:b2:42:c1:
8a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AC:B1:48:41:B7:9A:F2:82:9D:18:4D:38:CC:57:A7:1C:81:0F:C9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hKyxSEG3mvKCnRhNOMxXpxyBD8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:eb:8b:52:2a:9a:26:f9:7e:3f:cf:55:cc:51:b6:2a:60:bb:
02:c8:5b:c2:37:d1:90:a9:48:16:d7:b7:82:2e:32:30:da:92:
51:0e:dd:c9:34:b6:b9:a2:43:39:28:05:5e:4d:06:30:fe:0d:
d9:24:4e:03:b4:c3:c3:01:96:5f:ae:2f:d7:cc:36:b4:7e:98:
ee:a4:80:3f:d1:55:ed:0b:32:83:7f:7c:9c:25:53:1c:11:12:
b6:f2:50:fb:e7:fe:ca:ba:db:98:30:bd:7a:08:91:28:fc:6a:
79:5a:52:5a:64:1c:8c:e7:b6:3b:73:09:c2:ee:93:b6:e8:3b:
51:8d:91:6f:94:04:97:0f:82:96:96:e7:ff:02:4f:f4:e5:0c:
e4:2a:6a:8f:c7:e1:de:7a:2a:d7:6d:fa:53:34:63:3b:1b:86:
48:21:5e:48:da:dc:a2:e0:bd:f5:f6:8e:a3:cd:67:b3:f5:8d:
60:3d:43:b0:da:ce:2a:55:d1:d6:4d:6f:76:5a:e1:df:69:be:
6a:a9:2a:94:8e:02:da:29:3d:64:dd:8f:e8:14:39:2e:eb:ff:
74:25:f9:e4:c8:52:29:c8:10:76:d6:08:94:24:34:a2:6c:86:
59:99:59:fd:29:6d:0e:f0:2c:30:0d:b5:a7:4f:88:ef:71:af:
9b:fb:11:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqIc0QcNniJORAIpnxc7uTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMDgxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFjYjE0ODQxYjc5YWYyODI5ZDE4NGQzOGNjNTdhNzFjODEwZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh1TDID0zdVS6VhbjuVyCZT17A4o
etnAkRE1KA/ywrxQgIcQF0WM7v1spb1CTr1gTEO65kMKty0rEqt5aEr9vYB7YxnY
wO+AZ/IrlsWpWBZ+fWWNPPvyxUO+VfYHPQV92dlMlTcVEcnoeqWNjLCdjNaafeRa
2qun1owesFVBkBEPrF2aZS19Jq5mTsBHmna/5bAd77NseH3xJjOCb6fGlpPGK2fB
Yu93N0tHUx7EaKRltu69lPPbStXiSvvkRQuSKAQdiFWHZhxsKMb/lICzTOLZZDy8
pq77dbdhsI4Vy5TA6jWNGK2TscrwoqdyWP5Fw+AfGJcH/DXZsG6yQsGKUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISssUhBt5rygp0YTTjMV6ccgQ/JMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaEt5eFNFRzNtdktDblJoTk9NeFhweHlCRDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/ri1Iqmib5fj/PVcxR
tipguwLIW8I30ZCpSBbXt4IuMjDaklEO3ck0trmiQzkoBV5NBjD+DdkkTgO0w8MB
ll+uL9fMNrR+mO6kgD/RVe0LMoN/fJwlUxwRErbyUPvn/sq625gwvXoIkSj8anla
UlpkHIzntjtzCcLuk7boO1GNkW+UBJcPgpaW5/8CT/TlDOQqao/H4d56Ktdt+lM0
YzsbhkghXkja3KLgvfX2jqPNZ7P1jWA9Q7DazipV0dZNb3Za4d9pvmqpKpSOAtop
PWTdj+gUOS7r/3Ql+eTIUinIEHbWCJQkNKJshlmZWf0pbQ7wLDANtadPiO9xr5v7
Edo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org