Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yVOW4PEwZ32Gt8Mix5_3Q_PrUE0.roa
File: yVOW4PEwZ32Gt8Mix5_3Q_PrUE0.roa (raw, json)
Hash identifier: M2L44e4FI3gTVqz2YtBiM56VT9c7FjPzGYa968s0sO0=
Subject key identifier: C9:53:96:E0:F1:30:67:7D:86:B7:C3:22:C7:9F:F7:43:F3:EB:50:4D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A541E931C5ED7E5AFEBAF14F57BD9BE60
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yVOW4PEwZ32Gt8Mix5_3Q_PrUE0.roa
Signing time: Sat 02 Sep 2023 04:20:04 +0000
ROA not before: Sat 02 Sep 2023 04:20:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:54:1e:93:1c:5e:d7:e5:af:eb:af:14:f5:7b:d9:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 04:20:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c95396e0f130677d86b7c322c79ff743f3eb504d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0d:2d:be:ca:d9:ed:7f:bd:0b:a0:28:28:65:
5e:0c:d4:ce:77:a2:2c:54:f2:fe:ba:ef:2f:3a:3f:
50:02:80:0d:5d:96:6d:dc:7e:4d:12:31:5b:e4:18:
c9:7e:52:45:3b:fb:cf:03:26:d4:de:6c:55:a0:eb:
6d:71:ac:01:03:0f:af:2c:93:a8:3b:28:c6:2d:be:
11:08:59:d6:7c:ac:87:51:7f:93:5a:16:12:9b:53:
e2:dc:83:36:27:44:e4:27:e1:55:50:ab:29:d2:bc:
80:a0:65:e1:39:d4:96:85:79:30:76:e6:92:bb:83:
a5:57:8e:eb:34:8c:2f:bf:69:9a:c6:56:03:68:63:
77:3b:83:62:60:0f:59:c0:86:95:1a:01:13:a3:ee:
e7:c9:e2:d6:82:27:98:03:df:0c:5d:6b:e3:48:6e:
77:ec:49:fb:d7:07:67:57:3c:02:5d:bc:30:ef:16:
6b:11:37:f4:56:78:9c:31:11:c6:80:b7:a0:ab:c5:
5e:ea:2f:4e:fe:ad:8a:53:d9:41:cb:8e:76:ca:11:
f0:3d:6e:b1:49:3b:b9:e5:1b:ce:21:3a:c8:64:28:
da:06:09:f8:6e:54:38:5f:29:10:82:bf:c1:e6:c4:
ad:31:7a:63:a8:ea:a7:32:e3:61:f6:7b:3b:a8:14:
81:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:53:96:E0:F1:30:67:7D:86:B7:C3:22:C7:9F:F7:43:F3:EB:50:4D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/yVOW4PEwZ32Gt8Mix5_3Q_PrUE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:48:d9:6a:3e:0b:9b:70:6b:18:0a:fa:d7:d9:8e:80:dd:ad:
a6:54:25:3e:58:dd:f7:fa:75:1e:94:61:e6:76:60:dc:79:8e:
a9:4b:43:6c:c8:9d:ad:a8:b6:58:50:d3:87:8d:41:83:cc:1c:
f3:ba:ee:66:13:2e:9d:f2:84:08:38:18:55:7c:f0:0f:97:ea:
26:f3:a7:e7:e9:cc:60:5c:6b:95:82:43:d4:2e:79:2a:4e:3b:
87:d6:89:01:f0:01:aa:6e:6d:57:04:7d:67:ad:17:de:4e:36:
36:28:da:69:a3:18:30:02:24:14:27:f7:bb:4d:1a:4a:43:c6:
2e:c3:21:1c:47:ff:de:3a:7d:8d:1f:2d:b4:4a:a2:81:08:50:
46:00:88:c8:2d:76:01:31:8f:c0:7f:98:e1:99:de:73:a6:af:
17:29:7e:fb:f4:b8:c5:ab:86:dd:1c:28:6a:42:6c:70:d3:89:
48:09:aa:dc:c5:f9:38:dc:56:60:89:95:35:68:20:dd:34:ee:
86:d1:f0:2c:ee:bb:28:04:53:e7:5d:1d:56:29:e6:03:69:76:
c9:00:96:a3:2d:07:3e:52:17:84:b9:2a:e7:c5:23:36:ce:63:
72:5f:23:ea:cc:85:fb:1a:59:cf:ab:e1:63:28:f8:a6:f2:4b:
5b:73:8b:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpUHpMcXtflr+uvFPV72b5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDQyMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUzOTZlMGYxMzA2NzdkODZiN2MzMjJjNzlmZjc0M2YzZWI1MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg0tvsrZ7X+9C6AoKGVeDNTOd6Is
VPL+uu8vOj9QAoANXZZt3H5NEjFb5BjJflJFO/vPAybU3mxVoOttcawBAw+vLJOo
OyjGLb4RCFnWfKyHUX+TWhYSm1Pi3IM2J0TkJ+FVUKsp0ryAoGXhOdSWhXkwduaS
u4OlV47rNIwvv2maxlYDaGN3O4NiYA9ZwIaVGgETo+7nyeLWgieYA98MXWvjSG53
7En71wdnVzwCXbww7xZrETf0VnicMRHGgLegq8Ve6i9O/q2KU9lBy452yhHwPW6x
STu55RvOITrIZCjaBgn4blQ4XykQgr/B5sStMXpjqOqnMuNh9ns7qBSB8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMlTluDxMGd9hrfDIsef90Pz61BNMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEveVZPVzRQRXdaMzJHdDhNaXg1XzNRX1ByVUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIlI2Wo+C5twaxgK+tfZ
joDdraZUJT5Y3ff6dR6UYeZ2YNx5jqlLQ2zIna2otlhQ04eNQYPMHPO67mYTLp3y
hAg4GFV88A+X6ibzp+fpzGBca5WCQ9QueSpOO4fWiQHwAapubVcEfWetF95ONjYo
2mmjGDACJBQn97tNGkpDxi7DIRxH/946fY0fLbRKooEIUEYAiMgtdgExj8B/mOGZ
3nOmrxcpfvv0uMWrht0cKGpCbHDTiUgJqtzF+TjcVmCJlTVoIN007obR8CzuuygE
U+ddHVYp5gNpdskAlqMtBz5SF4S5KufFIzbOY3JfI+rMhfsaWc+r4WMo+KbyS1tz
iwY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org