Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/o-HgbbpYbYUPhJ_amjLeDUGP_xs.roa
File: o-HgbbpYbYUPhJ_amjLeDUGP_xs.roa (raw, json)
Hash identifier: 9P9ZnuOfZtz7cOcYpaveRfpgyVAQoLgzbEc6KqXuk/g=
Subject key identifier: A3:E1:E0:6D:BA:58:6D:85:0F:84:9F:DA:9A:32:DE:0D:41:8F:FF:1B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AACB88B7097115B76CD1A4AC7FACD9137
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/o-HgbbpYbYUPhJ_amjLeDUGP_xs.roa
Signing time: Tue 19 Sep 2023 09:14:50 +0000
ROA not before: Tue 19 Sep 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:b8:8b:70:97:11:5b:76:cd:1a:4a:c7:fa:cd:91:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 19 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3e1e06dba586d850f849fda9a32de0d418fff1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:30:b4:de:1f:79:a7:6d:f0:f0:0e:04:a3:
8d:2c:98:df:38:e2:f6:2e:cd:db:62:04:79:e1:d1:
c4:1f:e4:7f:f7:bb:0b:c5:f2:fc:75:0d:fc:d1:41:
70:38:b9:24:30:a8:a9:81:51:57:b5:70:9c:97:f8:
73:2d:18:48:85:e4:de:00:8a:11:2e:16:9c:68:12:
81:7b:e2:c1:f3:e9:75:e1:51:e3:4f:11:1c:45:bf:
84:bd:de:3d:ae:12:a8:cc:3a:5e:55:f9:c3:48:e2:
e6:63:3f:77:20:6c:f0:25:ca:da:27:d2:8f:bb:5a:
d7:7b:6c:cd:ca:76:4f:c5:5f:58:da:69:cd:9b:c8:
e0:ce:bc:51:80:3b:e7:70:d7:0f:e3:8f:aa:62:e1:
1d:32:62:db:80:c7:73:ba:15:9a:b4:78:58:f4:2e:
a3:41:78:65:52:fa:ed:89:bf:d7:ee:39:27:4e:1c:
35:ca:39:c3:0c:7a:0b:4d:1e:b0:06:45:6d:36:91:
0b:d5:fc:96:12:4d:9e:5c:d6:e2:e3:39:ed:c4:2b:
f7:84:c2:f0:28:54:8f:47:d0:1d:4f:d1:70:a4:b5:
51:6f:1b:b4:9b:c5:ee:d8:c6:79:0b:1b:35:1e:48:
a4:89:b5:e5:ef:6d:da:af:14:92:a7:c2:e8:c0:46:
0c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E1:E0:6D:BA:58:6D:85:0F:84:9F:DA:9A:32:DE:0D:41:8F:FF:1B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/o-HgbbpYbYUPhJ_amjLeDUGP_xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:e2:c1:3d:03:00:23:b2:77:d2:c1:cc:3a:32:d5:85:4e:de:
03:eb:e7:ab:f9:b8:54:26:16:80:54:d2:b6:0f:c5:9f:20:95:
60:83:19:7b:72:50:d9:e8:63:e1:b3:c6:a8:87:68:40:5b:31:
65:02:69:6c:ff:8b:eb:37:ff:92:fb:e1:82:f4:11:7a:47:26:
d9:97:dc:8b:c0:c5:64:e8:92:d7:2d:58:18:a0:2e:6d:8b:80:
e0:81:d3:b1:fc:4e:80:53:ae:fe:ca:f4:f6:74:0c:11:61:d3:
52:ed:a9:87:85:a2:0e:94:ec:d7:3e:b8:42:ea:7c:b6:d9:12:
73:87:21:2b:26:07:32:a0:f3:c7:0e:e9:eb:8a:35:8a:6c:1f:
56:93:05:d1:db:22:01:77:fb:4e:fb:5c:7e:bd:0b:6f:1c:08:
4e:95:37:a4:6f:fc:e0:fc:91:36:83:c3:6f:9d:46:19:74:c4:
18:9f:93:1d:16:dc:8f:97:5b:28:4c:a5:18:80:c5:e8:f0:cd:
36:9b:33:e3:30:58:90:55:30:c0:ab:33:2d:38:d1:d4:14:65:
1d:00:7d:a7:b6:6d:2b:1a:33:61:46:b0:bf:a8:ed:ad:39:22:
89:81:ad:d9:95:a5:05:97:71:16:28:e2:b4:98:17:d1:f4:83:
73:64:5b:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqsuItwlxFbds0aSsf6zZE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE5MDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UxZTA2ZGJhNTg2ZDg1MGY4NDlmZGE5YTMyZGUwZDQxOGZmZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0IwtN4feadt8PAOBKONLJjfOOL2
Ls3bYgR54dHEH+R/97sLxfL8dQ380UFwOLkkMKipgVFXtXCcl/hzLRhIheTeAIoR
LhacaBKBe+LB8+l14VHjTxEcRb+Evd49rhKozDpeVfnDSOLmYz93IGzwJcraJ9KP
u1rXe2zNynZPxV9Y2mnNm8jgzrxRgDvncNcP44+qYuEdMmLbgMdzuhWatHhY9C6j
QXhlUvrtib/X7jknThw1yjnDDHoLTR6wBkVtNpEL1fyWEk2eXNbi4zntxCv3hMLw
KFSPR9AdT9FwpLVRbxu0m8Xu2MZ5Cxs1HkikibXl723arxSSp8LowEYMPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKPh4G26WG2FD4Sf2poy3g1Bj/8bMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvby1IZ2JicFliWVVQaEpfYW1qTGVEVUdQX3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKTiwT0DACOyd9LBzDoy
1YVO3gPr56v5uFQmFoBU0rYPxZ8glWCDGXtyUNnoY+GzxqiHaEBbMWUCaWz/i+s3
/5L74YL0EXpHJtmX3IvAxWToktctWBigLm2LgOCB07H8ToBTrv7K9PZ0DBFh01Lt
qYeFog6U7Nc+uELqfLbZEnOHISsmBzKg88cO6euKNYpsH1aTBdHbIgF3+077XH69
C28cCE6VN6Rv/OD8kTaDw2+dRhl0xBifkx0W3I+XWyhMpRiAxejwzTabM+MwWJBV
MMCrMy040dQUZR0Afae2bSsaM2FGsL+o7a05IomBrdmVpQWXcRYo4rSYF9H0g3Nk
W1E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:20 2025 by rpki-client