Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/i85JjPHzqatP_vFPtrY4WWUHXdc.roa
File: i85JjPHzqatP_vFPtrY4WWUHXdc.roa (raw, json)
Hash identifier: BGjcZVIcn0OLXbagaLgMMVm0OHdqrLJDNJmKm4Lj+Ac=
Subject key identifier: 8B:CE:49:8C:F1:F3:A9:AB:4F:FE:F1:4F:B6:B6:38:59:65:07:5D:D7
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AABA5E35051C13FF06F2A239F666413A9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/i85JjPHzqatP_vFPtrY4WWUHXdc.roa
Signing time: Tue 19 Sep 2023 04:14:50 +0000
ROA not before: Tue 19 Sep 2023 04:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ab:a5:e3:50:51:c1:3f:f0:6f:2a:23:9f:66:64:13:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 19 04:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bce498cf1f3a9ab4ffef14fb6b6385965075dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:44:6d:13:cb:39:90:f7:9b:f9:46:9f:1c:c7:
0c:cf:6c:a8:69:b8:4a:66:b3:e3:12:4c:d2:b3:d0:
dc:74:95:aa:d7:ab:89:4b:52:ee:02:c6:ba:d2:c1:
a1:91:42:84:26:6e:fa:a6:f5:b1:98:38:1d:69:61:
98:b5:70:56:0c:7d:fc:7e:87:b4:a1:2e:a6:ac:bf:
59:a6:3a:ba:d3:38:4c:83:1f:69:5b:af:76:38:7e:
93:5e:64:d8:de:1f:17:30:81:2f:f6:d8:c6:1f:e4:
8b:19:e4:a7:12:bf:6a:68:41:e6:5c:62:fc:ad:af:
87:93:c9:5f:f0:9c:60:e7:9b:18:22:e0:7b:7f:1b:
10:f7:97:f3:c8:0e:96:b3:4a:31:f0:31:ac:a1:04:
4c:93:0a:5b:e4:20:d6:16:af:4a:46:33:9b:dc:3b:
69:97:46:1e:07:1f:5a:e9:f2:11:7a:cf:0e:f9:be:
54:65:72:51:4c:1a:e3:3e:fa:22:ea:66:e4:60:48:
2e:ef:46:50:29:42:95:d5:af:36:78:90:73:36:cb:
e3:47:c5:02:1f:35:36:7f:bd:40:1e:af:7d:c9:03:
94:9e:f6:83:7c:5b:73:d4:b4:8b:59:8d:8f:dd:e6:
3d:42:5b:89:11:6d:dd:99:2d:29:68:95:0c:70:f8:
13:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:CE:49:8C:F1:F3:A9:AB:4F:FE:F1:4F:B6:B6:38:59:65:07:5D:D7
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/i85JjPHzqatP_vFPtrY4WWUHXdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:19:4e:41:4a:d2:9a:ee:02:7e:63:24:7e:72:35:a2:ea:80:
b5:64:59:b0:19:cb:69:d6:00:46:f1:d7:eb:6f:26:60:da:b8:
f4:7e:9e:dd:6d:dd:6a:c8:2e:9b:d1:73:05:07:e6:b1:56:3e:
c3:e2:84:0a:60:a4:6d:40:57:4e:59:7c:37:e0:01:bf:d4:ab:
5e:d2:6b:69:d3:a6:45:b4:4c:a5:d9:22:64:8f:ee:d1:2d:13:
1f:67:12:b4:7e:bf:c7:39:bc:a1:27:da:7a:58:fa:a7:dd:b7:
8f:64:ae:ce:9c:51:00:34:39:d5:41:ee:3f:17:d4:97:4f:49:
9e:1e:ec:e3:e0:82:8e:d4:1c:8f:a2:d3:c7:64:33:7d:4c:af:
23:fc:a8:9a:6d:60:56:3d:da:71:2a:56:b0:4d:ae:9c:91:ef:
ce:c7:3c:e0:f7:bf:33:98:91:f5:f7:d6:ce:1e:ee:d4:c3:01:
2d:7e:d2:8d:d7:4a:f8:ee:e9:a5:49:e1:9b:5e:ad:3b:3c:61:
da:2a:ec:4c:11:11:eb:3e:e1:31:af:03:d3:79:0f:ff:af:6e:
d5:60:85:66:74:73:57:3a:49:6c:d6:cc:28:ed:01:49:93:de:
ea:ee:bc:d4:21:77:10:92:af:8b:07:6b:a3:aa:11:12:c5:96:
ab:66:8d:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqrpeNQUcE/8G8qI59mZBOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE5MDQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmNlNDk4Y2YxZjNhOWFiNGZmZWYxNGZiNmI2Mzg1OTY1MDc1ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0RtE8s5kPeb+UafHMcMz2yoabhK
ZrPjEkzSs9DcdJWq16uJS1LuAsa60sGhkUKEJm76pvWxmDgdaWGYtXBWDH38foe0
oS6mrL9Zpjq60zhMgx9pW692OH6TXmTY3h8XMIEv9tjGH+SLGeSnEr9qaEHmXGL8
ra+Hk8lf8Jxg55sYIuB7fxsQ95fzyA6Ws0ox8DGsoQRMkwpb5CDWFq9KRjOb3Dtp
l0YeBx9a6fIRes8O+b5UZXJRTBrjPvoi6mbkYEgu70ZQKUKV1a82eJBzNsvjR8UC
HzU2f71AHq99yQOUnvaDfFtz1LSLWY2P3eY9QluJEW3dmS0paJUMcPgTWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvOSYzx86mrT/7xT7a2OFllB13XMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaTg1SmpQSHpxYXRQX3ZGUHRyWTRXV1VIWGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4ZTkFK0pruAn5jJH5y
NaLqgLVkWbAZy2nWAEbx1+tvJmDauPR+nt1t3WrILpvRcwUH5rFWPsPihApgpG1A
V05ZfDfgAb/Uq17Sa2nTpkW0TKXZImSP7tEtEx9nErR+v8c5vKEn2npY+qfdt49k
rs6cUQA0OdVB7j8X1JdPSZ4e7OPggo7UHI+i08dkM31MryP8qJptYFY92nEqVrBN
rpyR787HPOD3vzOYkfX31s4e7tTDAS1+0o3XSvju6aVJ4ZterTs8Ydoq7EwREes+
4TGvA9N5D/+vbtVghWZ0c1c6SWzWzCjtAUmT3uruvNQhdxCSr4sHa6OqERLFlqtm
jTs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org