Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iBODXPm0b8GhTH7cHH3muMuQF3k.roa
File: iBODXPm0b8GhTH7cHH3muMuQF3k.roa (raw, json)
Hash identifier: YAHpofKpr3WhZVYiMC21SzcmeJR4e2WdZ8haQ40FxjQ=
Subject key identifier: 88:13:83:5C:F9:B4:6F:C1:A1:4C:7E:DC:1C:7D:E6:B8:CB:90:17:79
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A79DB09677115039FE32DFA5F33CA8C7B
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iBODXPm0b8GhTH7cHH3muMuQF3k.roa
Signing time: Sat 09 Sep 2023 12:11:52 +0000
ROA not before: Sat 09 Sep 2023 12:11:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:79:db:09:67:71:15:03:9f:e3:2d:fa:5f:33:ca:8c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 12:11:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8813835cf9b46fc1a14c7edc1c7de6b8cb901779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:58:6f:3c:7d:e7:db:1d:b5:ef:c9:93:10:ff:
bf:90:b2:42:f5:ad:6d:c4:cf:fd:81:7a:9d:51:db:
ce:55:e7:6e:5b:f2:ba:a6:ee:ad:2f:ee:11:18:63:
92:a1:30:59:07:a0:22:c9:9b:bb:41:19:96:f2:82:
06:22:f8:df:e4:c6:ca:55:a4:f7:9b:c0:5f:b4:01:
0f:58:4c:99:bc:16:1d:80:29:73:d9:3b:bb:09:75:
6b:b1:6d:16:cf:08:01:28:07:98:67:2e:4d:e2:b5:
2a:4e:3f:26:25:d1:49:65:d7:19:fd:bd:26:cb:37:
b0:06:e7:af:22:57:6e:fc:43:79:f0:59:4e:73:e8:
fd:86:26:f3:47:11:00:ca:cf:94:0f:bc:63:61:65:
15:e1:db:38:c1:cf:86:c6:96:5b:7d:97:ee:b6:1e:
60:93:c6:6b:ae:81:df:74:a5:a4:37:1c:46:d1:be:
ac:8a:df:21:a2:66:45:a9:3b:0c:de:7d:78:f5:39:
09:ca:25:6b:6f:2b:8f:f7:90:04:7b:50:4e:68:bb:
79:76:8f:f1:35:b5:25:b4:50:2b:d9:3d:52:80:16:
af:bf:4c:ff:55:aa:9a:53:8d:dd:a9:94:f7:08:76:
7a:d1:96:32:85:b1:06:f8:44:50:7c:64:9e:36:51:
de:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:13:83:5C:F9:B4:6F:C1:A1:4C:7E:DC:1C:7D:E6:B8:CB:90:17:79
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iBODXPm0b8GhTH7cHH3muMuQF3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:e7:b4:5e:36:91:c5:80:f0:7c:db:d5:24:a9:ee:62:d4:05:
3b:aa:d1:d9:d8:72:be:8f:e8:e9:f5:a5:05:ee:92:5a:86:61:
4e:52:23:e8:d7:82:65:fb:c4:86:46:00:8a:fb:cc:d2:86:7b:
a7:dd:38:b8:f4:81:56:de:de:52:0c:7e:e7:ee:ec:3b:28:f8:
71:82:7a:b9:20:0e:a2:96:fe:4e:91:e5:f1:7d:88:2f:1d:07:
1c:da:e8:e0:06:53:24:3d:6b:93:4b:c3:b2:e3:2e:87:c4:ea:
0e:21:77:4e:7c:b2:26:cc:78:6a:83:16:ca:87:d2:ff:3d:7c:
63:1b:73:7d:43:3f:b2:29:ea:17:79:ea:8a:c3:b3:de:53:b8:
bc:2d:31:90:f0:d5:6f:c6:90:8c:92:af:89:0a:38:32:8f:c7:
a8:bf:72:f4:d8:2b:fd:c5:0f:d9:91:9d:b0:e9:b5:1a:d3:40:
e3:5c:91:24:98:3c:c3:cc:c4:c3:08:68:e7:69:ae:76:a5:d7:
3f:2f:80:fd:e4:d5:b4:ed:2f:e1:fe:3b:17:3b:fc:66:3b:9f:
6a:da:09:8f:72:0c:c9:47:22:12:fc:72:43:ef:bf:f2:1c:ec:
6e:4d:2a:f2:3a:91:d7:a1:26:a3:c4:94:4e:76:9f:f9:67:a4:
fc:99:7a:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp52wlncRUDn+Mt+l8zyox7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTIxMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODEzODM1Y2Y5YjQ2ZmMxYTE0YzdlZGMxYzdkZTZiOGNiOTAxNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1hvPH3n2x2178mTEP+/kLJC9a1t
xM/9gXqdUdvOVeduW/K6pu6tL+4RGGOSoTBZB6AiyZu7QRmW8oIGIvjf5MbKVaT3
m8BftAEPWEyZvBYdgClz2Tu7CXVrsW0WzwgBKAeYZy5N4rUqTj8mJdFJZdcZ/b0m
yzewBuevIldu/EN58FlOc+j9hibzRxEAys+UD7xjYWUV4ds4wc+GxpZbfZfuth5g
k8ZrroHfdKWkNxxG0b6sit8homZFqTsM3n149TkJyiVrbyuP95AEe1BOaLt5do/x
NbUltFAr2T1SgBavv0z/VaqaU43dqZT3CHZ60ZYyhbEG+ERQfGSeNlHeRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIgTg1z5tG/BoUx+3Bx95rjLkBd5MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaUJPRFhQbTBiOEdoVEg3Y0hIM211TXVRRjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIjntF42kcWA8Hzb1SSp
7mLUBTuq0dnYcr6P6On1pQXuklqGYU5SI+jXgmX7xIZGAIr7zNKGe6fdOLj0gVbe
3lIMfufu7Dso+HGCerkgDqKW/k6R5fF9iC8dBxza6OAGUyQ9a5NLw7LjLofE6g4h
d058sibMeGqDFsqH0v89fGMbc31DP7Ip6hd56orDs95TuLwtMZDw1W/GkIySr4kK
ODKPx6i/cvTYK/3FD9mRnbDptRrTQONckSSYPMPMxMMIaOdprnal1z8vgP3k1bTt
L+H+Oxc7/GY7n2raCY9yDMlHIhL8ckPvv/Ic7G5NKvI6kdehJqPElE52n/lnpPyZ
ess=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org