Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oLfwHipA1haJ4VzxOaDzAb2Fkuk.roa
File: oLfwHipA1haJ4VzxOaDzAb2Fkuk.roa (raw, json)
Hash identifier: h5HxTYDwC1/jTWfl1vq9bmB2ipmB8rzE8ht6QYqzcHE=
Subject key identifier: A0:B7:F0:1E:2A:40:D6:16:89:E1:5C:F1:39:A0:F3:01:BD:85:92:E9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A849595753F2ED1EF7F7A834A5602AF55
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oLfwHipA1haJ4VzxOaDzAb2Fkuk.roa
Signing time: Mon 11 Sep 2023 14:11:50 +0000
ROA not before: Mon 11 Sep 2023 14:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:95:95:75:3f:2e:d1:ef:7f:7a:83:4a:56:02:af:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 11 14:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0b7f01e2a40d61689e15cf139a0f301bd8592e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:6e:56:88:65:f9:a7:41:e2:1d:4a:e9:09:
c3:c4:66:91:e6:7b:82:11:4d:6e:93:0f:15:44:66:
a1:9c:0d:05:5f:91:ab:d0:bf:0e:47:42:fb:4d:84:
ca:6a:fb:1d:32:ec:c2:7e:04:25:ed:bb:1a:42:70:
09:a6:4f:7f:47:c3:32:39:78:ce:68:78:b5:a0:02:
17:45:6e:74:c9:b2:e6:f6:f3:52:20:30:27:e1:f7:
9d:1f:22:ad:df:62:d8:e6:81:05:22:71:6d:83:5b:
29:69:fd:94:f4:91:23:c5:49:bc:cf:a8:79:84:dc:
6d:9f:86:15:91:63:ad:3c:59:0c:8b:6a:ef:01:d1:
de:3b:b4:56:5c:79:2c:af:ae:1b:8c:51:21:5d:71:
61:c5:d8:66:51:5c:be:9c:a3:c9:b9:08:f1:31:f5:
32:78:e4:e9:dd:93:ec:2f:4c:c7:8a:ce:f0:c9:ab:
75:82:09:9c:8c:8d:54:80:28:0c:db:32:bb:6d:8b:
ed:17:90:37:f5:83:e2:e6:bd:54:c6:fb:13:2d:6d:
ed:47:ee:3e:2b:52:37:57:9b:28:9f:88:70:df:e5:
31:e0:8a:56:8d:92:05:69:5b:f3:0c:d7:ce:e1:81:
07:9f:e9:23:cb:7a:b3:13:7f:4a:4c:a8:1a:39:bf:
d5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B7:F0:1E:2A:40:D6:16:89:E1:5C:F1:39:A0:F3:01:BD:85:92:E9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/oLfwHipA1haJ4VzxOaDzAb2Fkuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:51:c1:b0:5b:74:6c:93:d1:31:80:8e:be:26:da:a6:b7:1c:
76:59:8c:78:18:46:8c:24:62:e0:8e:77:56:01:a2:28:7f:90:
33:61:5c:69:e3:8f:dd:2e:e6:89:3a:a7:db:3c:78:b2:0f:ea:
8e:e9:4b:a9:db:40:9e:6c:10:c2:bc:e0:fd:7f:db:e8:29:05:
9b:49:de:13:8e:57:ef:a9:e7:6b:6a:0f:8c:19:0b:08:0e:c1:
52:78:00:8b:40:f0:ed:a9:a2:b9:53:b8:40:d5:1c:b9:00:fa:
87:59:9a:c1:d1:ab:c5:65:7c:ee:7c:61:63:42:b5:ce:98:16:
f4:35:e8:fb:a7:a7:18:37:48:41:8f:2d:8c:a4:07:8c:65:0b:
8b:8e:dc:5c:18:84:e2:ff:2f:b9:bb:c9:1c:78:3d:a5:c6:56:
cc:4e:8a:10:83:bf:d1:2b:f3:2c:ad:76:e4:65:33:1d:d5:1f:
5a:6e:14:c4:cb:aa:33:d8:ab:85:99:e9:72:71:fd:97:9b:da:
b3:47:77:3b:07:91:ed:b6:0a:f0:c6:12:f4:5d:14:86:c3:e1:
5b:8f:d6:04:22:ae:47:62:91:5f:68:17:03:e3:10:01:5c:21:
56:5f:52:43:fe:d2:2b:f4:62:14:66:00:9c:1e:7b:d6:07:68:
de:e7:b2:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqElZV1Py7R7396g0pWAq9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTExMTQxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI3ZjAxZTJhNDBkNjE2ODllMTVjZjEzOWEwZjMwMWJkODU5MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHRuVohl+adB4h1K6QnDxGaR5nuC
EU1ukw8VRGahnA0FX5Gr0L8OR0L7TYTKavsdMuzCfgQl7bsaQnAJpk9/R8MyOXjO
aHi1oAIXRW50ybLm9vNSIDAn4fedHyKt32LY5oEFInFtg1spaf2U9JEjxUm8z6h5
hNxtn4YVkWOtPFkMi2rvAdHeO7RWXHksr64bjFEhXXFhxdhmUVy+nKPJuQjxMfUy
eOTp3ZPsL0zHis7wyat1ggmcjI1UgCgM2zK7bYvtF5A39YPi5r1UxvsTLW3tR+4+
K1I3V5son4hw3+Ux4IpWjZIFaVvzDNfO4YEHn+kjy3qzE39KTKgaOb/VdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKC38B4qQNYWieFc8Tmg8wG9hZLpMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvb0xmd0hpcEExaGFKNFZ6eE9hRHpBYjJGa3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5RwbBbdGyT0TGAjr4m
2qa3HHZZjHgYRowkYuCOd1YBoih/kDNhXGnjj90u5ok6p9s8eLIP6o7pS6nbQJ5s
EMK84P1/2+gpBZtJ3hOOV++p52tqD4wZCwgOwVJ4AItA8O2porlTuEDVHLkA+odZ
msHRq8VlfO58YWNCtc6YFvQ16Punpxg3SEGPLYykB4xlC4uO3FwYhOL/L7m7yRx4
PaXGVsxOihCDv9Er8yytduRlMx3VH1puFMTLqjPYq4WZ6XJx/Zeb2rNHdzsHke22
CvDGEvRdFIbD4VuP1gQirkdikV9oFwPjEAFcIVZfUkP+0iv0YhRmAJwee9YHaN7n
si0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:01 2024 by rpki-client on console-ams.rpki-client.org