Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sgK7i4SKb69rRsSn5F6r4SCD81k.roa
File: sgK7i4SKb69rRsSn5F6r4SCD81k.roa (raw, json)
Hash identifier: lEj4p+nfoOe5yzwbS1JVFwXrnAgRlWLX1u/2CQ6JhlU=
Subject key identifier: B2:02:BB:8B:84:8A:6F:AF:6B:46:C4:A7:E4:5E:AB:E1:20:83:F3:59
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7A7FCDAA13BA24D891C2FCA1DABA3257
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sgK7i4SKb69rRsSn5F6r4SCD81k.roa
Signing time: Sat 09 Sep 2023 15:11:50 +0000
ROA not before: Sat 09 Sep 2023 15:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7a:7f:cd:aa:13:ba:24:d8:91:c2:fc:a1:da:ba:32:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 15:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b202bb8b848a6faf6b46c4a7e45eabe12083f359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f5:f1:e4:47:68:64:76:8a:d4:05:2f:b2:fd:
75:1c:87:72:f7:b9:72:09:2f:0f:ef:13:ff:90:a8:
2c:90:0d:02:42:31:83:08:46:02:36:c1:a0:1f:c1:
05:e6:19:a7:ac:d5:7e:a9:26:6c:f2:1d:95:9d:c5:
2d:b6:a0:2b:d0:cc:0c:1c:f1:c7:ff:60:4f:26:bb:
ae:b7:37:cc:f3:7e:43:a1:23:4c:42:da:62:b6:04:
cb:72:01:55:98:ca:7b:df:d1:c7:24:0e:8d:01:d1:
11:3d:67:c7:a1:dd:5f:c0:a7:98:fd:6c:4d:dc:d0:
18:a6:83:a0:c9:0e:78:4c:cd:4c:7a:bb:21:f0:12:
f6:b7:d2:39:9e:72:ec:6d:af:dc:d9:e9:04:db:b8:
c4:c0:87:6d:e5:40:4a:35:66:c1:e6:e6:59:06:96:
5d:6f:99:1c:63:b5:12:65:98:66:56:f2:47:4b:58:
cc:a1:9b:ae:9a:f4:55:33:e7:b8:35:cf:de:12:7b:
f0:c0:53:2c:fb:37:70:e9:f1:e8:80:bf:34:95:72:
dc:2c:f2:28:48:b1:c3:44:da:d4:cc:65:74:2b:a8:
2f:5a:5f:96:94:fd:aa:f0:57:36:6f:65:1e:8d:68:
c8:f6:be:7f:c4:35:5f:e2:a8:55:6b:77:0f:1a:37:
4c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:02:BB:8B:84:8A:6F:AF:6B:46:C4:A7:E4:5E:AB:E1:20:83:F3:59
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sgK7i4SKb69rRsSn5F6r4SCD81k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:29:c0:68:62:0b:e4:76:51:94:8e:b1:18:52:72:e9:1e:2c:
9a:8d:1e:1e:10:04:10:82:64:86:c9:43:6c:a3:45:cc:20:41:
c8:90:7c:e9:95:f7:a6:f5:41:5b:ff:fb:5f:88:62:ba:9c:ce:
a6:c4:73:db:04:a5:fb:aa:e7:89:8a:b0:b0:ce:70:5c:6f:d9:
df:19:14:c1:36:27:ee:ae:1b:b1:d9:88:d5:1e:ae:b5:5f:c9:
dd:bc:53:4f:e3:c2:ad:88:ad:ad:ac:f2:c2:c2:e4:81:cd:5d:
04:97:fb:dc:bd:7e:47:11:9e:d2:06:ff:a5:11:53:bd:6c:82:
0e:14:4e:98:14:b6:38:9d:a4:4f:c7:b0:cf:ce:a9:a7:ef:6e:
ac:ae:1b:03:32:4f:db:07:2d:6f:d1:4d:81:0e:95:6d:81:42:
59:58:17:c3:18:11:5c:d4:b8:55:35:05:89:3f:83:c8:05:82:
db:29:25:e8:cf:ce:ba:71:f5:89:cf:19:a8:d1:79:0c:4d:0f:
18:2a:75:00:f2:f4:db:4a:64:4d:06:ee:5b:e0:c9:64:2a:0d:
80:54:2a:1e:53:0b:e2:d7:3f:f1:15:d3:80:3d:80:e7:a6:2f:
e5:51:ba:8c:94:39:ef:ee:71:dd:6b:63:c2:0c:35:34:bb:2a:
b9:c0:31:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp6f82qE7ok2JHC/KHaujJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTUxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAyYmI4Yjg0OGE2ZmFmNmI0NmM0YTdlNDVlYWJlMTIwODNmMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/Xx5EdoZHaK1AUvsv11HIdy97ly
CS8P7xP/kKgskA0CQjGDCEYCNsGgH8EF5hmnrNV+qSZs8h2VncUttqAr0MwMHPHH
/2BPJruutzfM835DoSNMQtpitgTLcgFVmMp739HHJA6NAdERPWfHod1fwKeY/WxN
3NAYpoOgyQ54TM1Mersh8BL2t9I5nnLsba/c2ekE27jEwIdt5UBKNWbB5uZZBpZd
b5kcY7USZZhmVvJHS1jMoZuumvRVM+e4Nc/eEnvwwFMs+zdw6fHogL80lXLcLPIo
SLHDRNrUzGV0K6gvWl+WlP2q8Fc2b2UejWjI9r5/xDVf4qhVa3cPGjdM4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLICu4uEim+va0bEp+Req+Egg/NZMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvc2dLN2k0U0tiNjlyUnNTbjVGNnI0U0NEODFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwpwGhiC+R2UZSOsRhS
cukeLJqNHh4QBBCCZIbJQ2yjRcwgQciQfOmV96b1QVv/+1+IYrqczqbEc9sEpfuq
54mKsLDOcFxv2d8ZFME2J+6uG7HZiNUerrVfyd28U0/jwq2Ira2s8sLC5IHNXQSX
+9y9fkcRntIG/6URU71sgg4UTpgUtjidpE/HsM/OqafvbqyuGwMyT9sHLW/RTYEO
lW2BQllYF8MYEVzUuFU1BYk/g8gFgtspJejPzrpx9YnPGajReQxNDxgqdQDy9NtK
ZE0G7lvgyWQqDYBUKh5TC+LXP/EV04A9gOemL+VRuoyUOe/ucd1rY8IMNTS7KrnA
MaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org