Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ongW_CzuAPZu24_YbY3cuPqY5Ak.roa
File: ongW_CzuAPZu24_YbY3cuPqY5Ak.roa (raw, json)
Hash identifier: az6QjDYKbUomcf9wB2W0f4BarmS2S1z0cy+eSFnvVqQ=
Subject key identifier: A2:78:16:FC:2C:EE:00:F6:6E:DB:8F:D8:6D:8D:DC:B8:FA:98:E4:09
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9B1E51CBDD7B7690C1686907406E8324
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ongW_CzuAPZu24_YbY3cuPqY5Ak.roa
Signing time: Fri 15 Sep 2023 23:12:50 +0000
ROA not before: Fri 15 Sep 2023 23:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9b:1e:51:cb:dd:7b:76:90:c1:68:69:07:40:6e:83:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 23:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27816fc2cee00f66edb8fd86d8ddcb8fa98e409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c9:28:d6:57:71:a9:e3:71:b5:c7:c1:f3:85:
33:a0:d9:df:f7:3f:6e:ce:9e:52:2e:94:51:05:01:
3c:69:2e:79:3b:92:10:86:dc:35:b0:d1:9e:45:eb:
99:9a:3e:c3:dd:ae:db:42:db:dd:6b:bb:d6:a5:a0:
aa:59:31:c6:31:f5:ef:a0:be:bc:a0:7c:ec:d2:ee:
95:e0:b1:c6:3f:87:2f:9d:c2:0d:f8:69:b9:09:64:
a4:35:dd:21:dd:19:39:52:89:1b:ff:39:c7:1b:72:
02:cb:07:b0:42:22:88:19:63:79:28:9c:4b:25:9a:
80:49:45:e0:c9:82:88:b5:28:08:3e:31:30:f2:99:
60:cf:e5:c7:26:60:5a:07:65:7e:e6:20:17:2f:d0:
da:5a:3e:0d:57:99:0c:da:c2:0b:69:a3:eb:a6:15:
19:4d:e3:74:8d:e9:7a:8e:f0:e3:eb:a4:ff:fa:05:
ca:7c:da:ba:d8:e9:df:f5:64:e0:e6:6c:83:04:0a:
2b:ba:d0:92:8c:e2:1b:9e:46:39:77:cc:46:0d:7b:
4b:7f:49:83:68:10:d3:a8:4f:18:14:00:86:56:58:
b4:53:98:66:08:85:0b:e8:64:22:ff:cf:f3:c5:89:
ce:60:51:d8:73:df:8b:28:ab:00:c5:1b:87:c9:9f:
26:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:78:16:FC:2C:EE:00:F6:6E:DB:8F:D8:6D:8D:DC:B8:FA:98:E4:09
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ongW_CzuAPZu24_YbY3cuPqY5Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:58:3a:1b:b7:42:77:e7:4f:e5:36:01:eb:31:3d:e7:26:03:
4c:b5:ab:48:38:82:9e:1c:7b:ad:24:58:03:80:01:09:c4:79:
cd:5a:68:d5:19:ad:c9:08:da:a4:02:d2:61:c7:40:c0:24:e7:
1d:fd:2e:b9:2a:f5:b2:2a:84:0a:dd:82:e2:11:64:08:20:13:
49:89:30:f6:12:60:0e:d8:96:18:54:56:7f:44:eb:8d:c0:a2:
ea:0c:8a:46:81:d6:dd:5f:87:e2:48:dd:30:a4:dd:3c:45:db:
dd:61:0a:b3:63:6d:29:88:1e:c7:23:c1:cc:e3:b7:99:8d:df:
9f:4f:0f:77:3a:74:5f:30:6b:70:83:62:0e:07:24:26:20:e3:
1a:29:dc:ba:f2:47:e2:9c:96:33:94:88:d1:19:84:5b:36:de:
f9:cc:75:b4:e0:b6:74:b3:76:c4:6e:c4:3c:71:c0:de:b7:1e:
23:b0:ba:93:d0:4d:b1:78:f8:de:66:49:50:4a:62:cc:06:18:
f0:3c:c0:e0:58:b7:8e:bf:6f:d2:f8:66:31:f1:44:f6:12:01:
ca:e7:e6:df:c4:a6:18:9a:bb:b8:e9:66:1e:bc:ab:00:14:c4:
51:36:22:ef:e3:83:e1:29:06:68:12:13:42:cc:12:ee:d4:23:
3e:58:2d:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqbHlHL3Xt2kMFoaQdAboMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MjMxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc4MTZmYzJjZWUwMGY2NmVkYjhmZDg2ZDhkZGNiOGZhOThlNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcko1ldxqeNxtcfB84UzoNnf9z9u
zp5SLpRRBQE8aS55O5IQhtw1sNGeReuZmj7D3a7bQtvda7vWpaCqWTHGMfXvoL68
oHzs0u6V4LHGP4cvncIN+Gm5CWSkNd0h3Rk5Uokb/znHG3ICywewQiKIGWN5KJxL
JZqASUXgyYKItSgIPjEw8plgz+XHJmBaB2V+5iAXL9DaWj4NV5kM2sILaaPrphUZ
TeN0jel6jvDj66T/+gXKfNq62Onf9WTg5myDBAorutCSjOIbnkY5d8xGDXtLf0mD
aBDTqE8YFACGVli0U5hmCIUL6GQi/8/zxYnOYFHYc9+LKKsAxRuHyZ8mnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJ4Fvws7gD2btuP2G2N3Lj6mOQJMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvb25nV19DenVBUFp1MjRfWWJZM2N1UHFZNUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKZYOhu3QnfnT+U2Aesx
PecmA0y1q0g4gp4ce60kWAOAAQnEec1aaNUZrckI2qQC0mHHQMAk5x39Lrkq9bIq
hArdguIRZAggE0mJMPYSYA7YlhhUVn9E643AouoMikaB1t1fh+JI3TCk3TxF291h
CrNjbSmIHscjwczjt5mN359PD3c6dF8wa3CDYg4HJCYg4xop3LryR+KcljOUiNEZ
hFs23vnMdbTgtnSzdsRuxDxxwN63HiOwupPQTbF4+N5mSVBKYswGGPA8wOBYt46/
b9L4ZjHxRPYSAcrn5t/Ephiau7jpZh68qwAUxFE2Iu/jg+EpBmgSE0LMEu7UIz5Y
Ldc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:33 2025 by rpki-client