Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ssMVIjIsh17VEpc-rDJkAp9GIA0.roa
File: ssMVIjIsh17VEpc-rDJkAp9GIA0.roa (raw, json)
Hash identifier: 4L8De60GBWoB3syz4AT2u0AxCfEEBVh6R06o9Icn0+E=
Subject key identifier: B2:C3:15:22:32:2C:87:5E:D5:12:97:3E:AC:32:64:02:9F:46:20:0D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7AB981F41643F87858954D3723D8F271
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ssMVIjIsh17VEpc-rDJkAp9GIA0.roa
Signing time: Sat 09 Sep 2023 16:14:52 +0000
ROA not before: Sat 09 Sep 2023 16:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7a:b9:81:f4:16:43:f8:78:58:95:4d:37:23:d8:f2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 9 16:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2c31522322c875ed512973eac3264029f46200d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d3:40:9d:09:85:69:d2:01:47:74:82:f5:21:
64:ca:1f:8f:1c:3b:ce:81:4b:f1:85:5b:e2:e1:ce:
82:28:c4:92:60:b3:52:2b:42:33:3c:1e:bd:f8:c9:
9a:00:d1:12:2c:3d:62:0b:0b:d2:21:6b:6b:79:f2:
27:d0:30:6e:35:1b:ff:af:9f:0a:c1:fc:99:8c:64:
9d:4f:fb:cd:62:91:e4:56:d5:7b:6d:d8:55:a1:c1:
65:b7:fc:b4:42:ab:93:7d:3a:2d:5e:d9:97:41:32:
42:6e:aa:36:a4:e3:93:55:cf:4b:ff:c5:e9:10:33:
2e:79:ad:9b:fe:ba:20:32:17:8c:51:47:ef:eb:60:
aa:af:88:3c:a1:aa:2f:7d:b6:ee:17:b4:5a:0f:3d:
42:a5:a7:da:7d:97:85:a7:76:62:03:8f:76:31:3f:
14:11:a1:be:60:3f:0c:d7:c3:cc:e4:21:05:79:4d:
c2:61:32:cd:7e:59:72:47:6b:88:93:ea:27:eb:b7:
0b:0a:e5:8f:c6:01:6b:d3:3d:1d:2b:2d:e4:81:ca:
b2:aa:0d:0d:fc:88:70:05:2a:19:a1:1e:dd:62:5e:
2e:b2:94:29:be:b7:8d:8a:7b:b8:25:98:5f:07:4a:
17:85:6f:8e:d5:11:dd:1e:ac:89:97:71:09:4f:d9:
d1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C3:15:22:32:2C:87:5E:D5:12:97:3E:AC:32:64:02:9F:46:20:0D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/ssMVIjIsh17VEpc-rDJkAp9GIA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:01:31:72:11:9d:6d:fb:66:be:2e:5a:d2:73:3c:a2:c8:5b:
33:c1:6a:2d:31:c1:40:cc:78:2d:8e:e6:89:56:ff:12:76:93:
74:94:aa:7a:a2:e4:9e:9b:68:eb:4f:29:81:7e:88:4e:4f:8d:
6d:fa:23:24:41:35:a5:ce:44:b8:5b:42:d5:ac:49:3f:cb:1e:
a8:52:05:78:93:04:ae:12:78:76:db:5a:b3:6f:7e:99:48:ee:
71:91:d6:19:e5:69:90:18:a9:a8:71:86:07:32:9c:86:75:ae:
f2:7b:04:9a:8c:29:d8:b0:b8:5d:26:8c:57:2d:3b:68:93:29:
f3:5c:23:09:4d:21:d9:96:96:7c:be:d1:6a:91:aa:e5:67:2b:
37:dc:7e:aa:7a:a2:88:71:b0:bc:c7:2a:ce:90:b2:68:db:42:
a1:7e:f6:5b:5c:be:ea:55:f2:0b:ff:5d:de:6b:25:2d:54:26:
a2:ed:80:fe:59:a1:08:58:73:2e:c2:f8:45:a5:62:aa:3f:f4:
fd:e5:b3:00:d0:20:13:e3:9d:51:c6:01:d5:7c:99:c4:84:f4:
49:4d:ec:0a:ad:38:dc:77:ec:48:7d:5a:04:7a:ae:1b:81:7f:
79:45:5e:76:5e:03:5f:de:5d:24:6c:16:d9:82:81:d0:34:ef:
74:e5:69:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp6uYH0FkP4eFiVTTcj2PJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA5MTYxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmMzMTUyMjMyMmM4NzVlZDUxMjk3M2VhYzMyNjQwMjlmNDYyMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNNAnQmFadIBR3SC9SFkyh+PHDvO
gUvxhVvi4c6CKMSSYLNSK0IzPB69+MmaANESLD1iCwvSIWtrefIn0DBuNRv/r58K
wfyZjGSdT/vNYpHkVtV7bdhVocFlt/y0QquTfTotXtmXQTJCbqo2pOOTVc9L/8Xp
EDMuea2b/rogMheMUUfv62Cqr4g8oaovfbbuF7RaDz1CpafafZeFp3ZiA492MT8U
EaG+YD8M18PM5CEFeU3CYTLNfllyR2uIk+on67cLCuWPxgFr0z0dKy3kgcqyqg0N
/IhwBSoZoR7dYl4uspQpvreNinu4JZhfB0oXhW+O1RHdHqyJl3EJT9nRkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLLDFSIyLIde1RKXPqwyZAKfRiANMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvc3NNVklqSXNoMTdWRXBjLXJESmtBcDlHSUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEcBMXIRnW37Zr4uWtJz
PKLIWzPBai0xwUDMeC2O5olW/xJ2k3SUqnqi5J6baOtPKYF+iE5PjW36IyRBNaXO
RLhbQtWsST/LHqhSBXiTBK4SeHbbWrNvfplI7nGR1hnlaZAYqahxhgcynIZ1rvJ7
BJqMKdiwuF0mjFctO2iTKfNcIwlNIdmWlny+0WqRquVnKzfcfqp6oohxsLzHKs6Q
smjbQqF+9ltcvupV8gv/Xd5rJS1UJqLtgP5ZoQhYcy7C+EWlYqo/9P3lswDQIBPj
nVHGAdV8mcSE9ElN7AqtONx37Eh9WgR6rhuBf3lFXnZeA1/eXSRsFtmCgdA073Tl
aaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org