Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uGoLa0qJPlPv53cFtXduWs35Hnw.roa
File: uGoLa0qJPlPv53cFtXduWs35Hnw.roa (raw, json)
Hash identifier: 4eZYrWUWrD+kIzywDlV+GTOqijJzf8xSgwTc6hlQUJs=
Subject key identifier: B8:6A:0B:6B:4A:89:3E:53:EF:E7:77:05:B5:77:6E:5A:CD:F9:1E:7C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8DC93C249F319DB07CD5161361A911F1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uGoLa0qJPlPv53cFtXduWs35Hnw.roa
Signing time: Wed 13 Sep 2023 09:04:50 +0000
ROA not before: Wed 13 Sep 2023 09:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:8dc8:d922/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:c9:3c:24:9f:31:9d:b0:7c:d5:16:13:61:a9:11:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 09:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b86a0b6b4a893e53efe77705b5776e5acdf91e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cb:2a:56:9d:2e:b2:d0:de:6f:7a:17:76:49:
e7:5c:0d:9d:7b:39:91:17:dc:28:8f:14:38:dd:94:
5d:6f:a4:cc:0c:9b:f1:8c:65:05:42:99:e5:bf:46:
d7:f6:a6:b6:08:58:d3:e3:0d:ca:da:98:aa:75:85:
e7:93:ee:c3:05:00:49:70:e6:d5:93:e2:40:00:4c:
26:bf:0a:1a:0c:62:bd:49:12:37:0b:51:7b:24:b0:
16:8f:c0:96:b8:74:cd:d6:02:15:26:25:af:38:d8:
9c:f4:72:58:55:25:dd:29:91:1e:3d:59:a3:e0:a1:
4d:cb:0c:d4:40:36:25:50:85:23:9c:d6:5e:c1:b5:
58:0b:63:ee:8d:e8:bf:c1:e2:91:31:17:cd:1f:05:
7e:d6:be:16:bc:b1:7f:1d:7e:30:8e:92:c8:2e:d0:
e4:28:22:d1:06:78:5e:92:5a:4c:d9:1b:87:02:51:
8c:5c:42:30:57:b6:eb:34:09:d2:fa:ae:75:87:e7:
f9:c1:11:0f:26:24:73:15:cc:b9:2c:47:5a:f6:61:
b1:10:62:a7:02:ef:f3:98:31:e6:9a:bb:c1:15:9c:
a2:72:dc:fe:af:38:38:00:83:1a:90:b9:a3:16:93:
14:cb:f5:90:3c:85:01:81:fc:22:78:87:c1:1d:16:
81:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6A:0B:6B:4A:89:3E:53:EF:E7:77:05:B5:77:6E:5A:CD:F9:1E:7C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uGoLa0qJPlPv53cFtXduWs35Hnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:19:9b:da:b8:1a:32:68:1e:88:b3:44:88:49:49:55:67:81:
73:21:0c:10:0c:61:25:b9:d1:0d:9b:d9:a1:3c:f9:9d:31:cd:
4d:ac:c7:d1:e9:44:12:f9:83:7c:2c:02:ee:6a:2d:94:65:cf:
dd:39:0b:b5:78:ae:db:94:95:77:2a:1b:32:84:17:ff:90:a3:
3c:58:d2:21:0a:82:ca:6c:70:e4:6b:b5:48:72:f9:50:2c:05:
b9:42:bd:8d:c0:de:e4:f0:df:89:9a:ed:b4:49:b3:37:bc:b9:
6d:25:83:91:75:6c:a9:de:b9:e8:0f:5a:80:05:fe:98:56:96:
92:07:ab:e4:37:b7:cd:f1:6b:df:7c:14:44:99:02:3c:a5:c3:
6e:67:b0:a1:0a:5e:5a:d9:31:24:ec:48:79:3f:82:4e:80:99:
77:45:8f:c5:84:06:9f:a1:5e:54:75:c2:27:d6:b4:e6:ba:9e:
e7:bf:e2:07:ac:a5:91:34:57:e7:aa:da:86:e0:97:58:b6:48:
07:4f:ae:07:17:0a:41:31:b4:6a:5e:6a:25:f7:a3:27:9d:66:
87:5e:13:3e:49:52:53:de:89:c3:25:17:61:32:8c:6c:2e:8b:
e7:e0:49:f7:42:b3:1e:6c:43:a7:e1:4d:b7:e0:6f:50:92:d1:
13:b3:f9:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqNyTwknzGdsHzVFhNhqRHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZhMGI2YjRhODkzZTUzZWZlNzc3MDViNTc3NmU1YWNkZjkxZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8sqVp0ustDeb3oXdknnXA2dezmR
F9wojxQ43ZRdb6TMDJvxjGUFQpnlv0bX9qa2CFjT4w3K2piqdYXnk+7DBQBJcObV
k+JAAEwmvwoaDGK9SRI3C1F7JLAWj8CWuHTN1gIVJiWvONic9HJYVSXdKZEePVmj
4KFNywzUQDYlUIUjnNZewbVYC2Pujei/weKRMRfNHwV+1r4WvLF/HX4wjpLILtDk
KCLRBnheklpM2RuHAlGMXEIwV7brNAnS+q51h+f5wREPJiRzFcy5LEda9mGxEGKn
Au/zmDHmmrvBFZyictz+rzg4AIMakLmjFpMUy/WQPIUBgfwieIfBHRaB6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLhqC2tKiT5T7+d3BbV3blrN+R58MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdUdvTGEwcUpQbFB2NTNjRnRYZHVXczM1SG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAYZm9q4GjJoHoizRIhJ
SVVngXMhDBAMYSW50Q2b2aE8+Z0xzU2sx9HpRBL5g3wsAu5qLZRlz905C7V4rtuU
lXcqGzKEF/+QozxY0iEKgspscORrtUhy+VAsBblCvY3A3uTw34ma7bRJsze8uW0l
g5F1bKneuegPWoAF/phWlpIHq+Q3t83xa998FESZAjylw25nsKEKXlrZMSTsSHk/
gk6AmXdFj8WEBp+hXlR1wifWtOa6nue/4gespZE0V+eq2obgl1i2SAdPrgcXCkEx
tGpeaiX3oyedZodeEz5JUlPeicMlF2EyjGwui+fgSfdCsx5sQ6fhTbfgb1CS0ROz
+eg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org