Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pRsiYfVoqwg6QOopz-78278tduU.roa
File: pRsiYfVoqwg6QOopz-78278tduU.roa (raw, json)
Hash identifier: 7I8vmkUWcZfwLG3/PY3XnC/c9lxrf1a4d2xzrBlEQmE=
Subject key identifier: A5:1B:22:61:F5:68:AB:08:3A:40:EA:29:CF:EE:FC:DB:BF:2D:76:E5
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6923AF9D4116AE3E5478BD114D5A3ABE
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pRsiYfVoqwg6QOopz-78278tduU.roa
Signing time: Wed 06 Sep 2023 06:17:40 +0000
ROA not before: Wed 06 Sep 2023 06:17:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:23:af:9d:41:16:ae:3e:54:78:bd:11:4d:5a:3a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 06:17:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a51b2261f568ab083a40ea29cfeefcdbbf2d76e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:06:6c:95:ba:c7:94:c6:69:f9:e1:57:12:20:
2c:33:2e:be:a3:17:e5:92:0c:84:8d:06:84:5a:b7:
3c:a2:57:14:12:04:93:2e:20:e0:22:d2:58:ad:3f:
12:58:9a:d9:a3:86:0d:80:94:b7:d8:c0:ba:1b:d3:
69:e4:a9:63:ad:c8:f0:bb:5a:38:ff:cb:7e:b1:08:
f0:e8:d1:c2:3a:ef:7a:45:d1:f3:01:10:63:84:d4:
cb:25:c6:68:43:3a:e2:25:20:1d:0e:1f:94:17:52:
d2:7a:8e:b0:fc:da:e8:fd:69:1b:41:92:8e:83:05:
ea:be:45:96:85:a9:55:9b:82:df:21:73:f0:bb:e0:
db:ea:77:50:e5:5a:a8:21:51:ad:ba:66:7a:74:f8:
c5:ae:b6:9d:0a:a1:53:fc:4a:03:25:ce:8f:3e:ee:
80:c3:5d:2b:bc:26:99:d0:1d:0f:e2:bb:cb:40:05:
da:6e:36:b3:e4:32:fa:d9:7a:9d:39:18:ed:d7:e3:
ae:3d:db:7a:96:1d:56:cf:08:c4:5b:2d:2f:de:ff:
fc:de:64:6f:81:0a:4e:4d:13:ef:39:9f:94:ff:89:
73:2f:53:c8:d9:6a:71:39:b9:a4:5b:f2:df:bf:8a:
e2:4e:2c:71:18:48:2d:14:c7:c7:6c:5c:48:40:d7:
55:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1B:22:61:F5:68:AB:08:3A:40:EA:29:CF:EE:FC:DB:BF:2D:76:E5
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/pRsiYfVoqwg6QOopz-78278tduU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:e6:53:1b:15:d8:47:64:78:df:8b:b0:de:6a:55:d8:c5:3f:
1d:b6:4f:2f:ed:e9:a4:14:16:6d:e0:e4:48:60:e9:c7:42:dc:
83:16:8f:5f:52:9b:7d:60:c5:be:62:ea:fd:7f:35:dc:26:58:
f8:a5:cb:c8:fa:47:9a:0d:1e:84:fc:30:73:57:22:3a:56:1d:
85:5e:08:cc:24:4d:ba:24:d0:64:39:56:56:78:90:a9:38:9d:
a3:4e:88:94:a0:5c:5a:1c:6f:31:f1:42:e9:7f:6b:8d:1a:a2:
6d:c8:96:e7:62:57:70:c1:5f:28:70:e5:ff:b5:13:35:6b:20:
6a:e1:be:a6:a9:d6:9a:7f:f4:ef:f0:bf:2c:e7:a2:0a:db:a6:
a4:44:36:17:02:00:d7:68:de:59:33:27:b4:51:26:04:49:0c:
38:46:b6:44:8f:49:09:af:b3:ac:93:cb:54:de:fd:a7:25:b0:
33:fc:36:d6:71:48:0d:ea:2f:e9:72:5c:ad:28:b6:a5:ee:30:
f5:c6:fb:ad:3c:d0:94:56:ca:90:95:40:7d:f7:84:d4:e7:16:
15:ef:43:53:8c:de:47:cc:6f:2a:ff:4f:30:b6:91:eb:de:86:
88:65:88:4e:64:22:13:36:4c:a8:77:b8:99:08:6a:59:51:9b:
d7:60:04:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYppI6+dQRauPlR4vRFNWjq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MDYxNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTFiMjI2MWY1NjhhYjA4M2E0MGVhMjljZmVlZmNkYmJmMmQ3NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAZslbrHlMZp+eFXEiAsMy6+oxfl
kgyEjQaEWrc8olcUEgSTLiDgItJYrT8SWJrZo4YNgJS32MC6G9Np5Kljrcjwu1o4
/8t+sQjw6NHCOu96RdHzARBjhNTLJcZoQzriJSAdDh+UF1LSeo6w/Nro/WkbQZKO
gwXqvkWWhalVm4LfIXPwu+Db6ndQ5VqoIVGtumZ6dPjFrradCqFT/EoDJc6PPu6A
w10rvCaZ0B0P4rvLQAXabjaz5DL62XqdORjt1+OuPdt6lh1WzwjEWy0v3v/83mRv
gQpOTRPvOZ+U/4lzL1PI2WpxObmkW/Lfv4riTixxGEgtFMfHbFxIQNdVNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKUbImH1aKsIOkDqKc/u/Nu/LXblMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcFJzaVlmVm9xd2c2UU9vcHotNzgyNzh0ZHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB7mUxsV2EdkeN+LsN5q
VdjFPx22Ty/t6aQUFm3g5Ehg6cdC3IMWj19Sm31gxb5i6v1/NdwmWPily8j6R5oN
HoT8MHNXIjpWHYVeCMwkTbok0GQ5VlZ4kKk4naNOiJSgXFocbzHxQul/a40aom3I
ludiV3DBXyhw5f+1EzVrIGrhvqap1pp/9O/wvyznogrbpqRENhcCANdo3lkzJ7RR
JgRJDDhGtkSPSQmvs6yTy1Te/aclsDP8NtZxSA3qL+lyXK0otqXuMPXG+6080JRW
ypCVQH33hNTnFhXvQ1OM3kfMbyr/TzC2kevehohliE5kIhM2TKh3uJkIallRm9dg
BCA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org