Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hM2yoqHfdKAZHtpIuz90XbP5kjI.roa
File: hM2yoqHfdKAZHtpIuz90XbP5kjI.roa (raw, json)
Hash identifier: 6+AgeOSNLwN/Bk26DwMCCO77Mwm6Y0H3DnQiMQmHsOI=
Subject key identifier: 84:CD:B2:A2:A1:DF:74:A0:19:1E:DA:48:BB:3F:74:5D:B3:F9:92:32
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4F69BD8627258155F7BEE8FC1409CA66
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hM2yoqHfdKAZHtpIuz90XbP5kjI.roa
Signing time: Fri 01 Sep 2023 06:24:04 +0000
ROA not before: Fri 01 Sep 2023 06:24:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:69:bd:86:27:25:81:55:f7:be:e8:fc:14:09:ca:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 06:24:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84cdb2a2a1df74a0191eda48bb3f745db3f99232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e1:99:87:94:ed:76:c6:fb:05:e6:f9:ac:ae:
d3:e3:8f:ed:f2:4a:44:61:a9:88:00:c1:0c:2d:45:
3f:cf:81:20:2d:42:08:51:4d:cc:8c:30:96:a3:4e:
ca:a7:31:29:eb:f2:d7:e1:2a:c0:94:86:c1:86:97:
e1:09:1c:ad:39:5f:3e:9b:38:2e:ca:4f:99:e2:ba:
06:0b:f7:53:09:40:5d:b4:d3:29:06:b2:34:96:f2:
0f:10:8e:01:61:74:7b:e0:50:fe:26:89:2e:91:f1:
53:06:9a:3d:67:95:ff:8c:e2:78:f1:7b:11:e5:ea:
be:65:26:ad:99:5d:83:9b:3d:dc:98:4e:00:78:17:
a4:be:1b:ce:12:2a:01:c2:e4:bc:24:22:4b:00:10:
4b:ba:66:8a:25:8f:66:ab:a3:90:4a:9e:e9:09:ad:
2b:2d:a2:95:19:13:a6:83:c8:bb:7a:d2:02:d3:6c:
77:e3:1b:73:9b:67:f7:6a:b1:c2:32:a5:81:fb:e4:
b9:84:b9:53:3c:37:5f:7e:de:76:1f:ca:d7:b4:84:
f5:34:37:92:0c:e0:12:60:fa:4b:02:72:ca:2e:c7:
05:8e:46:97:e2:a2:55:bd:42:10:ec:b6:36:6a:7f:
23:65:26:b8:d0:e2:de:fd:a7:6e:b6:1a:b3:b0:d2:
78:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CD:B2:A2:A1:DF:74:A0:19:1E:DA:48:BB:3F:74:5D:B3:F9:92:32
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hM2yoqHfdKAZHtpIuz90XbP5kjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:fc:b9:4e:f6:2a:24:7c:c6:6d:72:e4:91:db:e6:02:2a:e0:
5f:fd:a6:ee:05:bc:b2:66:e1:0d:c2:36:70:91:8a:4d:9a:5c:
fd:fd:0b:9e:f8:f2:80:a4:f1:0c:5b:01:22:b1:77:77:56:da:
72:26:f7:26:34:0e:27:31:49:d0:f9:dc:53:53:af:d5:c2:9b:
f2:ab:00:2d:3a:4e:69:d0:aa:8b:de:69:cd:33:ae:2e:9c:10:
35:e5:46:a4:45:e9:6a:a0:48:4c:7c:be:7a:0f:35:e3:03:68:
7e:a1:bb:e4:1b:e4:eb:a1:f5:64:68:bf:c7:7e:59:6e:7a:1a:
51:df:0a:40:8f:22:b0:2d:79:a6:6d:41:53:bd:b5:86:cd:9e:
d1:62:d0:3b:4a:d7:b2:4d:ef:ca:2d:8c:22:72:62:2d:e5:fa:
7b:eb:1a:45:e9:a5:c1:8c:03:f2:04:85:2c:2e:4b:76:d8:0e:
ca:31:98:ef:63:2a:dc:02:eb:7f:0b:ad:c1:9d:41:68:1a:bf:
54:23:5a:3e:0b:07:0f:14:9b:7b:ac:dd:5b:a1:e2:dd:2b:d1:
df:f8:64:90:b9:b1:55:c5:15:26:7c:c3:da:24:6d:a0:b3:27:
9a:67:a8:8f:cc:75:96:aa:79:b8:d6:52:da:af:6f:86:46:6e:
f5:a7:60:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpPab2GJyWBVfe+6PwUCcpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMDYyNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNkYjJhMmExZGY3NGEwMTkxZWRhNDhiYjNmNzQ1ZGIzZjk5MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+GZh5Ttdsb7Beb5rK7T44/t8kpE
YamIAMEMLUU/z4EgLUIIUU3MjDCWo07KpzEp6/LX4SrAlIbBhpfhCRytOV8+mzgu
yk+Z4roGC/dTCUBdtNMpBrI0lvIPEI4BYXR74FD+JokukfFTBpo9Z5X/jOJ48XsR
5eq+ZSatmV2Dmz3cmE4AeBekvhvOEioBwuS8JCJLABBLumaKJY9mq6OQSp7pCa0r
LaKVGROmg8i7etIC02x34xtzm2f3arHCMqWB++S5hLlTPDdfft52H8rXtIT1NDeS
DOASYPpLAnLKLscFjkaX4qJVvUIQ7LY2an8jZSa40OLe/aduthqzsNJ4swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITNsqKh33SgGR7aSLs/dF2z+ZIyMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaE0yeW9xSGZkS0FaSHRwSXV6OTBYYlA1a2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGX8uU72KiR8xm1y5JHb
5gIq4F/9pu4FvLJm4Q3CNnCRik2aXP39C5748oCk8QxbASKxd3dW2nIm9yY0Dicx
SdD53FNTr9XCm/KrAC06TmnQqoveac0zri6cEDXlRqRF6WqgSEx8vnoPNeMDaH6h
u+Qb5Ouh9WRov8d+WW56GlHfCkCPIrAteaZtQVO9tYbNntFi0DtK17JN78otjCJy
Yi3l+nvrGkXppcGMA/IEhSwuS3bYDsoxmO9jKtwC638LrcGdQWgav1QjWj4LBw8U
m3us3Vuh4t0r0d/4ZJC5sVXFFSZ8w9okbaCzJ5pnqI/MdZaqebjWUtqvb4ZGbvWn
YCw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org