Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/kEjXf_vxkgBqvFF20XbvZNX6QPY.roa
File: kEjXf_vxkgBqvFF20XbvZNX6QPY.roa (raw, json)
Hash identifier: ZgUXeu+GLLmhNAPC/ZfysNetXo4ideL+SVfpHUkwf44=
Subject key identifier: 90:48:D7:7F:FB:F1:92:00:6A:BC:51:76:D1:76:EF:64:D5:FA:40:F6
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4E8A5A6C5AD38AE773C0E7B8F86A6E9F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/kEjXf_vxkgBqvFF20XbvZNX6QPY.roa
Signing time: Fri 01 Sep 2023 02:20:04 +0000
ROA not before: Fri 01 Sep 2023 02:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4e:8a:5a:6c:5a:d3:8a:e7:73:c0:e7:b8:f8:6a:6e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 02:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9048d77ffbf192006abc5176d176ef64d5fa40f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:f1:42:19:c8:e3:c1:56:2c:60:5b:ed:7e:
15:5e:82:9d:3b:65:f5:71:65:f2:f4:00:8a:f3:43:
27:20:11:3e:88:fd:85:e2:8b:31:85:83:fd:fe:49:
df:02:f4:a6:7d:61:32:b0:7a:3f:68:03:3f:b0:da:
e7:1c:2b:d2:11:3b:99:39:a6:61:08:35:a2:7f:ab:
45:1d:45:df:40:44:75:61:25:b2:86:63:2a:34:8d:
a5:5a:6c:90:98:2a:7c:52:b7:87:79:f9:72:fd:45:
f9:25:df:0c:26:05:83:21:1a:7b:51:d0:00:af:cf:
68:6a:e7:dc:33:46:46:22:87:2c:7e:81:c8:a3:58:
6d:3f:ad:bb:d8:b2:5f:b0:08:29:56:ef:af:41:fc:
ab:36:1a:74:03:ef:9a:da:56:a3:c0:7b:e3:7e:9a:
11:d8:16:00:95:a9:ec:47:36:f3:49:7a:d1:76:7f:
40:f9:2e:7f:d3:0f:01:1b:d6:db:d1:b4:5f:f0:b6:
bc:27:ac:c4:ab:84:4a:25:78:be:ef:7a:f1:42:29:
a4:d2:6a:bf:d0:27:14:d9:8b:67:d5:c8:67:28:83:
52:06:c9:44:87:8b:19:69:b8:aa:00:a6:dc:a8:9c:
40:69:69:82:a3:4a:20:c9:82:0c:87:87:1a:43:e0:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:48:D7:7F:FB:F1:92:00:6A:BC:51:76:D1:76:EF:64:D5:FA:40:F6
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/kEjXf_vxkgBqvFF20XbvZNX6QPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:71:f1:d2:67:65:4c:16:74:24:df:e5:e6:8b:c2:4b:74:d4:
0c:80:b8:54:75:ba:9c:72:a2:d1:6f:8d:21:1b:59:a2:7d:19:
ef:4f:3e:6d:8b:2d:ef:b4:9e:cc:db:96:f2:d3:7a:c4:b8:95:
17:06:41:49:17:89:ca:d8:ef:c0:a3:47:4b:18:8b:d1:51:a1:
2b:dd:a3:a6:91:df:04:91:32:5d:3a:8b:a4:b2:d1:13:cb:6c:
af:10:fb:01:75:cb:61:69:18:05:54:bb:9b:f1:a1:3b:5c:3c:
70:ae:e0:57:b8:a3:c6:5c:62:69:7c:82:58:75:a5:f9:e1:58:
a8:c4:df:5b:7c:ec:82:1f:b9:72:0a:94:59:24:ba:57:e1:49:
bb:b9:dc:c9:ca:56:c9:21:83:bb:4a:8e:29:15:08:3c:0e:45:
17:70:a0:2f:74:f4:63:fd:e5:20:e1:e1:1b:5a:00:0a:4a:b0:
86:0d:77:65:67:53:e9:1d:2b:29:c4:c4:44:a3:cd:a7:bc:b5:
4e:d7:cb:91:32:f3:bc:59:a6:d9:4f:32:e7:00:6a:bd:e7:e2:
ba:ae:0d:dd:70:52:b9:c6:e8:8b:47:a9:69:90:e9:75:a0:f4:
ed:1c:7b:b0:0d:d3:b9:5e:91:2e:f9:01:63:6c:47:9f:27:3a:
2f:7e:98:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpOilpsWtOK53PA57j4am6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMDIyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ4ZDc3ZmZiZjE5MjAwNmFiYzUxNzZkMTc2ZWY2NGQ1ZmE0MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbvxQhnI48FWLGBb7X4VXoKdO2X1
cWXy9ACK80MnIBE+iP2F4osxhYP9/knfAvSmfWEysHo/aAM/sNrnHCvSETuZOaZh
CDWif6tFHUXfQER1YSWyhmMqNI2lWmyQmCp8UreHefly/UX5Jd8MJgWDIRp7UdAA
r89oaufcM0ZGIocsfoHIo1htP6272LJfsAgpVu+vQfyrNhp0A++a2lajwHvjfpoR
2BYAlansRzbzSXrRdn9A+S5/0w8BG9bb0bRf8La8J6zEq4RKJXi+73rxQimk0mq/
0CcU2Ytn1chnKINSBslEh4sZabiqAKbcqJxAaWmCo0ogyYIMh4caQ+AEIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJBI13/78ZIAarxRdtF272TV+kD2MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEva0VqWGZfdnhrZ0JxdkZGMjBYYnZaTlg2UVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKBx8dJnZUwWdCTf5eaL
wkt01AyAuFR1upxyotFvjSEbWaJ9Ge9PPm2LLe+0nszblvLTesS4lRcGQUkXicrY
78CjR0sYi9FRoSvdo6aR3wSRMl06i6Sy0RPLbK8Q+wF1y2FpGAVUu5vxoTtcPHCu
4Fe4o8ZcYml8glh1pfnhWKjE31t87IIfuXIKlFkkulfhSbu53MnKVskhg7tKjikV
CDwORRdwoC909GP95SDh4RtaAApKsIYNd2VnU+kdKynExESjzae8tU7Xy5Ey87xZ
ptlPMucAar3n4rquDd1wUrnG6ItHqWmQ6XWg9O0ce7AN07lekS75AWNsR58nOi9+
mHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org