Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tdG5puRoaeGVUDtWARFLo2rnHdI.roa
File: tdG5puRoaeGVUDtWARFLo2rnHdI.roa (raw, json)
Hash identifier: B4gbbKhV8cpMeEaRoA7lLSBmN9XRwIYhvr/IFrcRPXk=
Subject key identifier: B5:D1:B9:A6:E4:68:69:E1:95:50:3B:56:01:11:4B:A3:6A:E7:1D:D2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5222756A287E2AF3B749A317C56F1810
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tdG5puRoaeGVUDtWARFLo2rnHdI.roa
Signing time: Fri 01 Sep 2023 19:05:04 +0000
ROA not before: Fri 01 Sep 2023 19:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5221:d6ce/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:22:75:6a:28:7e:2a:f3:b7:49:a3:17:c5:6f:18:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 19:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5d1b9a6e46869e195503b5601114ba36ae71dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:03:46:01:32:91:2d:41:d6:ff:c1:a6:f4:99:
f5:4b:c9:65:45:95:84:68:24:8b:0c:3b:fc:9d:56:
5f:b5:9a:79:1c:19:e5:17:51:76:85:55:eb:78:41:
b8:e4:c9:8d:29:eb:22:65:00:66:7e:6a:00:9f:b0:
ea:60:f9:b6:7b:f6:78:09:91:70:8c:2c:de:80:b8:
a0:38:21:d6:f3:1b:71:8d:07:41:6a:bd:30:4a:8f:
3b:67:c5:60:54:43:15:2a:45:e3:92:e1:bf:be:44:
a0:d7:b0:64:c6:44:00:54:11:60:50:41:e9:c6:f9:
98:30:bc:ae:8f:f1:5d:c4:98:cc:a8:d9:27:92:c6:
5c:31:8f:5f:c3:53:fc:23:db:b4:20:a7:18:63:03:
de:f0:58:01:c1:49:1c:32:c5:70:15:08:33:59:52:
fc:4f:d1:4b:fb:cf:b6:9d:9c:69:5f:31:95:e2:51:
39:fc:ca:23:95:03:cd:d2:aa:9b:30:8b:d6:35:ed:
3b:49:43:05:c4:7d:6a:7f:e7:fe:ff:ab:de:bf:a2:
2e:d2:35:b9:86:68:c9:fb:2c:d7:99:af:05:b8:6f:
88:6d:ef:d9:5f:7a:95:9c:26:15:21:49:70:01:b8:
39:a9:f2:22:67:45:75:4c:43:fc:66:5c:d4:9c:00:
70:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D1:B9:A6:E4:68:69:E1:95:50:3B:56:01:11:4B:A3:6A:E7:1D:D2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tdG5puRoaeGVUDtWARFLo2rnHdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:07:f5:4a:ca:8b:a0:81:88:de:cc:32:58:4c:c3:e3:68:35:
bf:b8:21:c4:71:ea:8a:d4:b9:6c:35:b4:f2:37:42:31:44:a0:
ad:9f:eb:40:4d:db:b1:29:40:62:bb:07:ff:8a:34:94:63:08:
2d:b2:d2:15:6c:e2:93:43:ce:f8:44:dc:2e:2d:9f:03:f7:a4:
9f:03:fa:52:7d:de:e5:7b:82:37:72:78:b2:5d:91:4e:32:37:
00:77:54:32:e4:c2:3b:a6:8f:0e:ba:af:67:38:0d:1a:71:c7:
2d:81:08:64:99:10:97:8b:1f:f7:09:74:0f:27:41:08:90:88:
a4:6b:ab:11:b8:bf:ac:63:ec:a9:25:64:c8:8a:b1:06:33:ec:
8b:ff:d6:90:a8:91:b1:01:01:93:67:aa:ee:f9:24:1a:42:16:
c7:b5:bb:f5:85:4d:7e:e9:24:b0:e2:bd:64:1b:84:ec:ef:03:
01:32:3b:3b:bf:f0:b6:8e:31:ac:3a:bc:96:92:cb:18:35:c5:
9c:22:b7:2e:ae:98:c6:6b:a3:45:ea:de:16:89:5e:9e:71:95:
c2:7c:b1:7a:df:e3:4a:14:0e:7d:16:5a:54:75:24:81:bc:7f:
17:4c:2b:95:04:95:ca:c4:0b:40:23:30:ae:fb:9e:41:32:b7:
17:2f:ca:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpSInVqKH4q87dJoxfFbxgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQxYjlhNmU0Njg2OWUxOTU1MDNiNTYwMTExNGJhMzZhZTcxZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkANGATKRLUHW/8Gm9Jn1S8llRZWE
aCSLDDv8nVZftZp5HBnlF1F2hVXreEG45MmNKesiZQBmfmoAn7DqYPm2e/Z4CZFw
jCzegLigOCHW8xtxjQdBar0wSo87Z8VgVEMVKkXjkuG/vkSg17BkxkQAVBFgUEHp
xvmYMLyuj/FdxJjMqNknksZcMY9fw1P8I9u0IKcYYwPe8FgBwUkcMsVwFQgzWVL8
T9FL+8+2nZxpXzGV4lE5/MojlQPN0qqbMIvWNe07SUMFxH1qf+f+/6vev6Iu0jW5
hmjJ+yzXma8FuG+Ibe/ZX3qVnCYVIUlwAbg5qfIiZ0V1TEP8ZlzUnABwAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLXRuabkaGnhlVA7VgERS6Nq5x3SMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdGRHNXB1Um9hZUdWVUR0V0FSRkxvMnJuSGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYH9UrKi6CBiN7MMlhM
w+NoNb+4IcRx6orUuWw1tPI3QjFEoK2f60BN27EpQGK7B/+KNJRjCC2y0hVs4pND
zvhE3C4tnwP3pJ8D+lJ93uV7gjdyeLJdkU4yNwB3VDLkwjumjw66r2c4DRpxxy2B
CGSZEJeLH/cJdA8nQQiQiKRrqxG4v6xj7KklZMiKsQYz7Iv/1pCokbEBAZNnqu75
JBpCFse1u/WFTX7pJLDivWQbhOzvAwEyOzu/8LaOMaw6vJaSyxg1xZwity6umMZr
o0Xq3haJXp5xlcJ8sXrf40oUDn0WWlR1JIG8fxdMK5UElcrEC0AjMK77nkEytxcv
yns=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:01 2024 by rpki-client on console-ams.rpki-client.org