Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uYYsLrbr56_Qqq6Hi7HwZi5hZ_o.roa
File: uYYsLrbr56_Qqq6Hi7HwZi5hZ_o.roa (raw, json)
Hash identifier: omxQic3r2YIR8HuSMsACN9lYwCnY8ZmmNCL+WrgN+u4=
Subject key identifier: B9:86:2C:2E:B6:EB:E7:AF:D0:AA:AE:87:8B:B1:F0:66:2E:61:67:FA
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A48189242272168633DF19205442F7978
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uYYsLrbr56_Qqq6Hi7HwZi5hZ_o.roa
Signing time: Wed 30 Aug 2023 20:18:04 +0000
ROA not before: Wed 30 Aug 2023 20:18:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:48:18:92:42:27:21:68:63:3d:f1:92:05:44:2f:79:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 20:18:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9862c2eb6ebe7afd0aaae878bb1f0662e6167fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:16:b1:56:ad:e5:6b:4d:12:f9:87:b0:61:16:
bd:d3:a7:bb:0f:b1:1a:ed:9a:c7:9b:78:26:5f:05:
4e:ca:a9:f7:9d:05:3f:3a:cf:4d:24:e5:18:fc:51:
a2:ae:53:8b:fb:af:c6:61:d8:83:06:be:e9:11:cd:
91:ae:38:11:bf:90:65:67:fb:00:6c:66:4f:8a:bf:
54:7e:22:43:53:73:03:9b:e6:29:1f:6d:b3:de:0b:
94:f5:2b:0f:82:d2:b8:86:1b:64:76:26:17:54:d1:
e2:99:42:ea:33:e8:6c:57:83:1d:ee:89:5b:41:4e:
5d:78:89:f0:ca:a2:8c:82:29:96:2e:0b:d9:7d:e2:
2f:29:29:9d:3c:9b:12:16:d2:1e:e6:0f:85:48:ba:
e2:51:93:b0:5c:26:b3:73:77:e8:19:e6:a9:27:af:
f4:69:1d:5e:ae:ba:e9:6f:49:86:b6:9b:65:93:2a:
be:aa:13:f3:85:9a:1b:b4:1b:f6:9d:72:2e:22:ac:
62:42:bc:72:2e:5e:94:35:e8:f6:57:fc:9d:fb:8f:
f0:de:6f:92:90:5e:90:f8:b9:22:63:97:b6:ab:7d:
a3:fc:f1:e3:f2:fb:2d:45:f5:e5:d4:e2:ad:97:8e:
0c:4e:fc:21:2e:63:03:d1:3a:01:48:2b:02:82:c5:
ac:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:86:2C:2E:B6:EB:E7:AF:D0:AA:AE:87:8B:B1:F0:66:2E:61:67:FA
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/uYYsLrbr56_Qqq6Hi7HwZi5hZ_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:87:bf:17:42:e2:e1:c7:81:31:73:43:5a:ba:44:5b:80:ec:
93:5c:01:63:79:b6:54:63:3d:c6:c1:69:21:91:25:19:e3:ba:
bf:44:d1:09:10:24:e2:e0:2d:ba:19:3a:af:66:dc:3f:62:d9:
d8:5c:64:04:b0:e2:81:d1:f6:a2:09:51:82:5c:41:59:33:85:
2b:46:d9:2f:75:5c:0a:41:50:be:da:c6:59:10:41:48:d1:f4:
9a:13:87:36:01:96:53:bd:28:b8:89:5e:10:40:5a:58:91:66:
ec:53:14:9c:ba:81:83:46:03:57:f8:77:c4:59:99:da:d1:3b:
a7:ed:68:d2:29:6e:bc:f8:14:11:da:be:39:ae:ae:95:db:7e:
1f:16:f9:d6:a6:87:7e:62:f7:42:48:94:a8:b8:17:bf:63:b9:
9c:ca:55:7e:38:9f:b3:32:54:34:27:e8:59:f0:2b:54:2d:9e:
3b:9f:18:a7:a2:72:c4:0f:b9:2c:82:15:a0:9b:33:4c:b8:d8:
96:81:5a:22:e2:50:77:43:73:d4:ba:d9:82:1a:90:4f:27:91:
35:fd:ca:b0:dd:03:f8:30:f0:6b:a2:a8:de:b0:43:d6:61:9b:
1f:b6:65:cc:9d:91:50:55:0f:b3:b1:6c:22:86:18:65:93:5d:
f3:21:7e:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpIGJJCJyFoYz3xkgVEL3l4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMjAxODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg2MmMyZWI2ZWJlN2FmZDBhYWFlODc4YmIxZjA2NjJlNjE2N2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBaxVq3la00S+YewYRa906e7D7Ea
7ZrHm3gmXwVOyqn3nQU/Os9NJOUY/FGirlOL+6/GYdiDBr7pEc2RrjgRv5BlZ/sA
bGZPir9UfiJDU3MDm+YpH22z3guU9SsPgtK4hhtkdiYXVNHimULqM+hsV4Md7olb
QU5deInwyqKMgimWLgvZfeIvKSmdPJsSFtIe5g+FSLriUZOwXCazc3foGeapJ6/0
aR1errrpb0mGtptlkyq+qhPzhZobtBv2nXIuIqxiQrxyLl6UNej2V/yd+4/w3m+S
kF6Q+LkiY5e2q32j/PHj8vstRfXl1OKtl44MTvwhLmMD0ToBSCsCgsWsgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmGLC626+ev0Kquh4ux8GYuYWf6MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdVlZc0xyYnI1Nl9RcXE2SGk3SHdaaTVoWl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB6HvxdC4uHHgTFzQ1q6
RFuA7JNcAWN5tlRjPcbBaSGRJRnjur9E0QkQJOLgLboZOq9m3D9i2dhcZASw4oHR
9qIJUYJcQVkzhStG2S91XApBUL7axlkQQUjR9JoThzYBllO9KLiJXhBAWliRZuxT
FJy6gYNGA1f4d8RZmdrRO6ftaNIpbrz4FBHavjmurpXbfh8W+damh35i90JIlKi4
F79juZzKVX44n7MyVDQn6FnwK1QtnjufGKeicsQPuSyCFaCbM0y42JaBWiLiUHdD
c9S62YIakE8nkTX9yrDdA/gw8GuiqN6wQ9Zhmx+2ZcydkVBVD7OxbCKGGGWTXfMh
fiY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:01 2024 by rpki-client on console-ams.rpki-client.org