Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v1lFNpE1aIHMVCiDu8mABU14_hM.roa
File: v1lFNpE1aIHMVCiDu8mABU14_hM.roa (raw, json)
Hash identifier: 6P5WQoMb1fAPW2TbluR5Oeel+IBBQ3e/Dh4br9kGpmA=
Subject key identifier: BF:59:45:36:91:35:68:81:CC:54:28:83:BB:C9:80:05:4D:78:FE:13
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4772D4D7CA174ADA474DA19C90E0CA0F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v1lFNpE1aIHMVCiDu8mABU14_hM.roa
Signing time: Wed 30 Aug 2023 17:17:02 +0000
ROA not before: Wed 30 Aug 2023 17:17:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:72:d4:d7:ca:17:4a:da:47:4d:a1:9c:90:e0:ca:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 17:17:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf59453691356881cc542883bbc980054d78fe13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:35:23:21:ca:99:ad:e2:69:56:5f:14:87:
06:28:86:0f:07:4a:5b:2f:f3:6f:af:18:51:f0:4b:
98:b9:e6:50:2c:04:73:b0:81:c7:6c:e2:6e:d0:17:
b3:08:a5:84:c1:0f:5c:12:1c:58:d5:83:66:1e:4b:
51:94:b8:f2:90:1b:86:74:04:1e:8f:52:e2:38:1b:
9d:1c:be:86:2a:62:ef:5f:aa:b4:7a:c3:77:05:e1:
79:2a:c2:5d:a9:fd:9a:cd:2b:a9:8b:aa:54:f0:91:
d7:cc:66:1c:23:43:6b:97:76:32:c9:34:18:d9:b3:
61:06:e8:de:c3:ec:df:a2:04:7e:d2:0e:6e:dc:f5:
1d:ce:97:c1:00:8e:cf:b8:13:47:38:3f:d2:3e:2d:
32:23:08:fc:c1:57:06:b9:88:ae:12:ee:eb:67:47:
0d:88:e1:58:c4:ef:f5:06:30:c9:15:3a:28:a3:41:
74:a6:85:47:8c:c8:90:d0:9a:22:b6:15:b4:40:07:
fb:88:bc:c9:52:4d:08:ea:3f:cb:1a:16:ac:c5:d4:
32:8d:8d:ba:44:76:40:46:d5:e4:e0:14:ed:21:e6:
a7:13:68:9e:0e:5a:43:fb:f1:79:e1:a9:5f:05:52:
49:cf:92:95:ce:30:58:fc:5f:54:08:01:eb:f4:46:
37:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:59:45:36:91:35:68:81:CC:54:28:83:BB:C9:80:05:4D:78:FE:13
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v1lFNpE1aIHMVCiDu8mABU14_hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:49:4f:54:c8:01:43:23:6a:62:95:50:a8:25:91:b5:7f:3a:
ff:37:07:20:32:bb:77:ae:9f:d6:ff:f9:7c:69:8f:e7:1e:40:
da:82:65:c3:7c:b7:87:82:e1:df:1d:22:26:60:cd:fd:4e:ba:
de:50:07:75:3c:10:ad:5d:7c:7f:97:49:e4:b8:30:6f:67:58:
a4:1b:95:10:bd:8c:d7:15:ba:b8:7c:d7:c4:f2:2c:66:87:e1:
c8:f2:d3:50:86:c2:3e:c3:f0:d3:0f:ca:2b:4c:29:4c:29:37:
57:0f:6f:a6:cd:b7:a8:5e:37:2e:bd:bd:89:9e:f3:88:34:91:
db:4b:7c:e1:e1:ef:3e:31:64:23:b2:85:68:32:0f:75:d3:45:
2e:c6:2e:22:3f:5b:27:a0:ed:21:a4:74:f8:be:e9:d0:46:04:
da:e6:77:0e:38:00:6f:03:03:bb:e4:f4:09:9f:cf:af:46:3a:
e5:f6:04:1b:e8:a5:b8:ca:ed:f5:63:1d:b0:82:68:72:35:93:
72:8b:4f:f5:3e:3c:4d:2c:a8:52:0d:36:55:59:e9:0b:67:62:
4f:34:49:2d:e3:7e:89:f4:70:c3:17:1a:23:14:16:e5:3a:fd:
aa:39:33:3c:e4:d6:60:4d:69:5d:50:1d:78:69:87:6b:8e:e4:
ca:58:01:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpHctTXyhdK2kdNoZyQ4MoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTcxNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU5NDUzNjkxMzU2ODgxY2M1NDI4ODNiYmM5ODAwNTRkNzhmZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWw1IyHKma3iaVZfFIcGKIYPB0pb
L/NvrxhR8EuYueZQLARzsIHHbOJu0BezCKWEwQ9cEhxY1YNmHktRlLjykBuGdAQe
j1LiOBudHL6GKmLvX6q0esN3BeF5KsJdqf2azSupi6pU8JHXzGYcI0Nrl3YyyTQY
2bNhBujew+zfogR+0g5u3PUdzpfBAI7PuBNHOD/SPi0yIwj8wVcGuYiuEu7rZ0cN
iOFYxO/1BjDJFTooo0F0poVHjMiQ0JoithW0QAf7iLzJUk0I6j/LGhasxdQyjY26
RHZARtXk4BTtIeanE2ieDlpD+/F54alfBVJJz5KVzjBY/F9UCAHr9EY37QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL9ZRTaRNWiBzFQog7vJgAVNeP4TMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdjFsRk5wRTFhSUhNVkNpRHU4bUFCVTE0X2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9JT1TIAUMjamKVUKgl
kbV/Ov83ByAyu3eun9b/+Xxpj+ceQNqCZcN8t4eC4d8dIiZgzf1Out5QB3U8EK1d
fH+XSeS4MG9nWKQblRC9jNcVurh818TyLGaH4cjy01CGwj7D8NMPyitMKUwpN1cP
b6bNt6heNy69vYme84g0kdtLfOHh7z4xZCOyhWgyD3XTRS7GLiI/Wyeg7SGkdPi+
6dBGBNrmdw44AG8DA7vk9Amfz69GOuX2BBvopbjK7fVjHbCCaHI1k3KLT/U+PE0s
qFINNlVZ6QtnYk80SS3jfon0cMMXGiMUFuU6/ao5Mzzk1mBNaV1QHXhph2uO5MpY
AZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:01 2024 by rpki-client on console-ams.rpki-client.org