Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sZhtAY-Fq7c4zt5zK-tk2Lhdimc.roa
File: sZhtAY-Fq7c4zt5zK-tk2Lhdimc.roa (raw, json)
Hash identifier: EOQK7ypaxMQ3Zs1Ke62Qet9ToIMZucbhUBpaUHmzOno=
Subject key identifier: B1:98:6D:01:8F:85:AB:B7:38:CE:DE:73:2B:EB:64:D8:B8:5D:8A:67
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA7FF229CADF8F8B92BB0CF1730524ADF
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sZhtAY-Fq7c4zt5zK-tk2Lhdimc.roa
Signing time: Mon 18 Sep 2023 11:13:50 +0000
ROA not before: Mon 18 Sep 2023 11:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:ff:22:9c:ad:f8:f8:b9:2b:b0:cf:17:30:52:4a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 11:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1986d018f85abb738cede732beb64d8b85d8a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:3c:a9:76:b5:76:54:3f:e3:66:47:c6:e5:
10:dd:ec:49:d8:9a:a6:f9:e4:5c:88:de:cd:aa:3d:
13:7a:be:2b:e5:fc:8d:fd:05:68:16:63:06:51:30:
e2:ca:a1:06:6c:aa:be:5b:2a:d7:f4:fe:17:b2:53:
a0:d6:8e:3a:89:5d:1a:30:f3:1c:39:24:be:57:e1:
a0:59:21:c8:77:9f:4c:a1:b1:90:12:22:65:db:c9:
03:13:5b:e9:d7:9f:0e:1a:18:85:aa:8e:23:43:3a:
64:30:d4:35:37:74:3f:74:e1:10:f2:86:20:8b:82:
45:70:97:dc:d1:2d:a6:1a:d9:82:d5:5f:c3:f9:d3:
13:62:71:1a:27:b4:c3:6b:5e:06:d2:05:6f:af:a3:
58:39:f5:b7:42:f9:c5:02:49:3a:54:72:55:ab:3c:
0b:c0:4a:42:31:ce:f7:64:f4:13:10:0c:81:f3:89:
da:97:24:cc:ea:bb:26:e6:25:cb:48:91:6a:f4:f6:
96:67:a3:16:95:88:23:c4:7e:5b:d9:54:fe:ae:b4:
62:d6:d4:89:e1:6b:82:2f:7b:83:72:ed:55:45:ee:
29:42:e4:99:28:20:5c:5f:80:a3:d5:a3:9a:ff:b8:
61:be:b8:04:32:d9:08:f9:7b:cd:bf:46:27:1a:95:
66:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:98:6D:01:8F:85:AB:B7:38:CE:DE:73:2B:EB:64:D8:B8:5D:8A:67
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sZhtAY-Fq7c4zt5zK-tk2Lhdimc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:d3:f5:c4:c6:6e:fa:82:cf:fb:d2:36:24:e1:4a:49:5f:6e:
94:09:84:50:cd:6c:69:82:81:f7:66:58:ff:82:6c:e7:61:24:
5d:91:c2:42:0f:32:fd:58:ed:95:de:80:d7:5a:ba:2d:91:c4:
1c:3c:5d:b6:d9:8f:1b:0b:34:a2:08:95:19:68:04:31:0b:05:
ac:1b:08:82:12:f7:5a:8f:1c:98:17:01:e3:09:64:39:6d:be:
d4:82:4a:7e:0a:ba:21:b4:76:07:fd:e5:2f:c2:ee:06:a1:a1:
62:8f:7a:b0:13:8e:35:43:e8:8a:73:02:24:9f:78:90:27:72:
9b:8e:cb:2a:b9:f6:7f:85:b7:9a:a3:87:54:94:22:d7:60:74:
70:b1:77:35:bd:07:1f:c9:de:a7:5a:2b:d6:a7:6c:b6:c6:31:
5f:c2:75:aa:9d:bf:76:20:6c:09:a8:d4:4c:84:54:a4:ec:6c:
de:d8:5e:2c:16:5c:17:f1:62:38:07:b4:8c:30:ed:55:48:fd:
df:91:6e:c5:fe:f0:e3:56:4e:1b:c1:ba:43:a9:8b:41:dd:c0:
f8:60:d4:b8:9f:20:88:86:25:77:db:82:d4:70:fb:f4:04:06:
5a:08:c0:f1:cc:75:ba:60:eb:ca:f1:67:d6:f4:f9:4d:c7:f2:
6c:7a:a5:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqn/yKcrfj4uSuwzxcwUkrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MTExMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTk4NmQwMThmODVhYmI3MzhjZWRlNzMyYmViNjRkOGI4NWQ4YTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKE8qXa1dlQ/42ZHxuUQ3exJ2Jqm
+eRciN7Nqj0Ter4r5fyN/QVoFmMGUTDiyqEGbKq+WyrX9P4XslOg1o46iV0aMPMc
OSS+V+GgWSHId59MobGQEiJl28kDE1vp158OGhiFqo4jQzpkMNQ1N3Q/dOEQ8oYg
i4JFcJfc0S2mGtmC1V/D+dMTYnEaJ7TDa14G0gVvr6NYOfW3QvnFAkk6VHJVqzwL
wEpCMc73ZPQTEAyB84nalyTM6rsm5iXLSJFq9PaWZ6MWlYgjxH5b2VT+rrRi1tSJ
4WuCL3uDcu1VRe4pQuSZKCBcX4Cj1aOa/7hhvrgEMtkI+XvNv0YnGpVmgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGYbQGPhau3OM7ecyvrZNi4XYpnMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvc1podEFZLUZxN2M0enQ1ekstdGsyTGhkaW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABDT9cTGbvqCz/vSNiTh
SklfbpQJhFDNbGmCgfdmWP+CbOdhJF2RwkIPMv1Y7ZXegNdaui2RxBw8XbbZjxsL
NKIIlRloBDELBawbCIIS91qPHJgXAeMJZDltvtSCSn4KuiG0dgf95S/C7gahoWKP
erATjjVD6IpzAiSfeJAncpuOyyq59n+Ft5qjh1SUItdgdHCxdzW9Bx/J3qdaK9an
bLbGMV/Cdaqdv3YgbAmo1EyEVKTsbN7YXiwWXBfxYjgHtIww7VVI/d+RbsX+8ONW
ThvBukOpi0HdwPhg1LifIIiGJXfbgtRw+/QEBloIwPHMdbpg68rxZ9b0+U3H8mx6
pRg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:01 2024 by rpki-client on console-ams.rpki-client.org