Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa
File: iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa (raw, json)
Hash identifier: jJGgAFnrzAx2WO7vq5PQY4wE34fNymIBu60g6/DnPUw=
Subject key identifier: 89:2A:8A:33:F7:55:11:F3:AE:6C:2E:10:B3:55:FA:85:2C:1D:30:3B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A94B11E0BF96861F5FA0B3E284EC7FBCA
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa
Signing time: Thu 14 Sep 2023 17:15:50 +0000
ROA not before: Thu 14 Sep 2023 17:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:94:b1:1e:0b:f9:68:61:f5:fa:0b:3e:28:4e:c7:fb:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 17:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=892a8a33f75511f3ae6c2e10b355fa852c1d303b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c7:af:2f:78:5c:92:91:c8:d4:de:b4:cb:23:
1c:da:55:c8:fa:03:fc:67:d0:4a:d9:52:99:9b:5c:
58:12:8d:e3:63:48:92:f2:ad:af:c4:e9:97:e3:97:
3e:4e:6b:e1:19:95:f7:51:a6:cb:e0:f6:b6:bd:4d:
97:d7:69:55:79:cc:ce:04:6c:42:d2:41:aa:5a:4a:
bc:ce:d5:62:e4:c0:ff:b5:fc:2e:88:b2:81:d8:b8:
9f:bf:b1:4d:19:ea:25:c1:b4:d6:15:1e:dd:b5:2d:
88:c9:25:cc:40:4b:2c:dd:c3:6b:db:29:cd:4d:5e:
61:65:76:6f:99:f4:00:2a:57:30:e1:b4:c4:3c:90:
18:b6:29:73:1d:58:67:40:0d:16:91:b1:4d:e3:39:
a3:3b:28:f1:fa:84:1c:c4:f3:66:30:04:ca:73:58:
0c:9b:d7:97:5d:85:f9:57:24:96:85:9b:e0:f1:d7:
bc:7c:64:89:09:56:e4:4f:c5:7c:ce:d8:76:72:f5:
03:a9:30:71:f3:8c:f0:86:00:75:16:0a:17:77:39:
87:42:49:6c:c9:2c:de:d3:21:fd:eb:a0:1f:0d:4e:
b3:3b:cd:19:c9:b0:fa:31:68:8d:80:bb:43:c1:52:
b2:92:db:e4:61:32:17:73:78:d6:8a:24:56:9e:fe:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2A:8A:33:F7:55:11:F3:AE:6C:2E:10:B3:55:FA:85:2C:1D:30:3B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:df:b1:7f:ad:db:01:28:da:75:9e:3d:74:c8:1f:52:6b:f9:
42:be:71:73:a6:90:85:4e:c5:4e:a5:35:28:18:d5:fd:ec:b2:
90:ad:c7:46:95:c6:49:85:0b:50:c0:b2:6d:bf:18:7d:a5:a9:
a9:3d:91:db:70:b3:9b:df:ae:b7:eb:09:fa:fd:86:35:7b:78:
00:52:73:60:74:f4:ee:25:fc:16:b0:94:3d:78:97:fa:79:06:
a5:1e:df:b5:55:9b:5b:ea:28:a6:14:c8:34:15:f3:f2:cf:8a:
05:03:44:23:13:75:de:30:36:e6:cb:a6:fb:73:04:8e:dd:a0:
9d:59:a5:4d:1a:d2:61:a3:d2:ec:24:08:df:cf:86:b7:ab:68:
83:6a:d3:c3:05:bc:47:71:40:c2:39:ad:2f:4a:77:64:75:71:
84:a8:46:e4:ca:3d:19:51:83:ef:f7:40:56:cf:c0:d7:a5:da:
1b:35:4e:53:aa:98:71:a0:09:16:55:06:f9:a0:58:3a:97:63:
cd:4e:3b:77:9d:64:23:90:eb:e6:18:2f:ab:b4:1d:44:37:67:
cd:88:7d:3b:b6:9c:ac:26:58:33:9b:2a:f1:44:25:eb:b0:47:
9b:06:16:c3:68:a0:ad:bf:e6:ab:40:28:63:5f:a9:84:0e:bd:
7c:58:78:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqUsR4L+Whh9foLPihOx/vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTcxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTJhOGEzM2Y3NTUxMWYzYWU2YzJlMTBiMzU1ZmE4NTJjMWQzMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcevL3hckpHI1N60yyMc2lXI+gP8
Z9BK2VKZm1xYEo3jY0iS8q2vxOmX45c+TmvhGZX3UabL4Pa2vU2X12lVeczOBGxC
0kGqWkq8ztVi5MD/tfwuiLKB2Lifv7FNGeolwbTWFR7dtS2IySXMQEss3cNr2ynN
TV5hZXZvmfQAKlcw4bTEPJAYtilzHVhnQA0WkbFN4zmjOyjx+oQcxPNmMATKc1gM
m9eXXYX5VySWhZvg8de8fGSJCVbkT8V8zth2cvUDqTBx84zwhgB1FgoXdzmHQkls
ySze0yH966AfDU6zO80ZybD6MWiNgLtDwVKyktvkYTIXc3jWiiRWnv4JlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIkqijP3VRHzrmwuELNV+oUsHTA7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaVNxS01fZFZFZk91YkM0UXMxWDZoU3dkTURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAvfsX+t2wEo2nWePXTI
H1Jr+UK+cXOmkIVOxU6lNSgY1f3sspCtx0aVxkmFC1DAsm2/GH2lqak9kdtws5vf
rrfrCfr9hjV7eABSc2B09O4l/BawlD14l/p5BqUe37VVm1vqKKYUyDQV8/LPigUD
RCMTdd4wNubLpvtzBI7doJ1ZpU0a0mGj0uwkCN/PhreraINq08MFvEdxQMI5rS9K
d2R1cYSoRuTKPRlRg+/3QFbPwNel2hs1TlOqmHGgCRZVBvmgWDqXY81OO3edZCOQ
6+YYL6u0HUQ3Z82IfTu2nKwmWDObKvFEJeuwR5sGFsNooK2/5qtAKGNfqYQOvXxY
eBU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org