Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ju8kRNOrUGKbVPYihVIfThrpn54.roa
File: ju8kRNOrUGKbVPYihVIfThrpn54.roa (raw, json)
Hash identifier: /lJZoz+akNHOf6N/Ohy/h7ghMbiUHa30ahNHgJeY0j8=
Subject key identifier: 8E:EF:24:44:D3:AB:50:62:9B:54:F6:22:85:52:1F:4E:1A:E9:9F:9E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5754B814DA5AF27544F4FC117F699959
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ju8kRNOrUGKbVPYihVIfThrpn54.roa
Signing time: Sat 02 Sep 2023 19:18:04 +0000
ROA not before: Sat 02 Sep 2023 19:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:57:54:b8:14:da:5a:f2:75:44:f4:fc:11:7f:69:99:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 19:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8eef2444d3ab50629b54f62285521f4e1ae99f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b9:56:d7:e8:87:de:1d:d8:c8:5a:78:fe:92:
67:24:a5:33:08:cb:56:7d:8f:90:43:dc:c4:80:89:
fa:9a:19:51:7c:44:a6:f2:0d:7f:49:94:27:ab:77:
3c:35:c0:c3:af:42:c2:62:fa:1e:7c:b0:9d:d6:57:
8e:fa:b6:fc:eb:19:d5:32:83:ae:f4:ca:9e:43:bc:
56:8a:4c:69:ba:cc:71:28:ca:a2:bc:bc:c2:cb:b5:
e5:a5:2d:c6:6b:de:cd:55:27:12:cb:6e:f6:56:05:
49:0c:d7:12:f2:6e:9f:63:df:98:71:49:5b:b9:e5:
db:93:05:f2:38:9f:3a:10:84:53:c6:7a:29:ed:61:
d3:91:83:c2:ce:7d:63:99:3a:ac:33:96:2d:cd:92:
01:6b:67:61:ea:d6:0f:ad:3b:0a:f5:53:29:72:9b:
2f:ec:01:6d:ea:c0:79:6d:93:2c:fc:04:fd:5a:ae:
53:ba:bd:5b:68:44:da:7c:28:fe:5b:8d:d1:d3:14:
6a:0f:39:7b:c9:06:df:49:0a:85:f7:74:63:4c:b7:
41:89:8a:9e:3a:77:04:5d:c6:ea:c8:14:32:4b:b1:
e0:db:90:df:bf:aa:84:58:d2:ca:aa:f8:17:f7:5a:
32:a8:00:ad:95:32:70:0a:98:64:e9:0b:07:75:5c:
0e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:EF:24:44:D3:AB:50:62:9B:54:F6:22:85:52:1F:4E:1A:E9:9F:9E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ju8kRNOrUGKbVPYihVIfThrpn54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:be:bb:f7:92:9c:70:4d:69:29:21:80:c0:6f:07:4b:89:93:
11:f7:fa:1c:15:42:9d:a6:dd:b5:0f:69:f6:c2:86:ab:86:0e:
94:24:34:e9:32:d0:f8:2e:da:0c:5a:d5:5c:08:7c:eb:b4:84:
4a:9a:8b:e3:44:9f:d8:40:86:84:44:0f:f8:56:d0:de:9b:00:
42:9e:52:35:1d:57:a4:23:aa:fb:8b:c2:ce:dd:6f:34:1e:42:
88:09:f4:81:1c:86:db:d8:b0:e9:10:aa:40:76:ce:35:49:63:
3a:0a:8f:b6:a6:6f:94:db:42:63:6a:89:a5:b6:25:6b:bc:ef:
1c:f4:78:e3:fe:27:d0:f7:3a:00:ae:a3:4c:b0:68:b9:bf:8d:
37:57:a3:19:a4:38:4a:16:60:a3:91:7d:1a:96:2c:59:81:06:
08:1c:44:8f:df:5c:d4:cd:f8:4f:19:03:43:3c:59:35:53:be:
81:30:20:36:88:17:33:69:b6:bb:a5:ea:c0:d6:21:46:ff:dd:
51:ec:90:1f:73:be:c7:84:e1:b6:55:45:62:c1:8e:e2:62:3d:
68:f2:d9:67:f3:02:93:4f:14:44:b7:f5:88:66:d6:aa:63:59:
a9:6e:71:c1:86:f3:65:9f:ac:b4:2f:20:a7:1c:31:10:8b:d6:
26:e2:88:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpXVLgU2lrydUT0/BF/aZlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMTkxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWVmMjQ0NGQzYWI1MDYyOWI1NGY2MjI4NTUyMWY0ZTFhZTk5ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LlW1+iH3h3YyFp4/pJnJKUzCMtW
fY+QQ9zEgIn6mhlRfESm8g1/SZQnq3c8NcDDr0LCYvoefLCd1leO+rb86xnVMoOu
9MqeQ7xWikxpusxxKMqivLzCy7XlpS3Ga97NVScSy272VgVJDNcS8m6fY9+YcUlb
ueXbkwXyOJ86EIRTxnop7WHTkYPCzn1jmTqsM5YtzZIBa2dh6tYPrTsK9VMpcpsv
7AFt6sB5bZMs/AT9Wq5Tur1baETafCj+W43R0xRqDzl7yQbfSQqF93RjTLdBiYqe
OncEXcbqyBQyS7Hg25Dfv6qEWNLKqvgX91oyqACtlTJwCphk6QsHdVwO3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI7vJETTq1Bim1T2IoVSH04a6Z+eMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvanU4a1JOT3JVR0tiVlBZaWhWSWZUaHJwbjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEW+u/eSnHBNaSkhgMBv
B0uJkxH3+hwVQp2m3bUPafbChquGDpQkNOky0Pgu2gxa1VwIfOu0hEqai+NEn9hA
hoRED/hW0N6bAEKeUjUdV6QjqvuLws7dbzQeQogJ9IEchtvYsOkQqkB2zjVJYzoK
j7amb5TbQmNqiaW2JWu87xz0eOP+J9D3OgCuo0ywaLm/jTdXoxmkOEoWYKORfRqW
LFmBBggcRI/fXNTN+E8ZA0M8WTVTvoEwIDaIFzNptrul6sDWIUb/3VHskB9zvseE
4bZVRWLBjuJiPWjy2WfzApNPFES39Yhm1qpjWaluccGG82WfrLQvIKccMRCL1ibi
iPo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:00 2024 by rpki-client on console-ams.rpki-client.org