Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zTOwN5not4KFUU_IQ0w1J4ypUjg.roa
File: zTOwN5not4KFUU_IQ0w1J4ypUjg.roa (raw, json)
Hash identifier: lFJr6CbSr1WWOJgW4llZscWZxQWvFuiwvXSGVUgYrHM=
Subject key identifier: CD:33:B0:37:99:E8:B7:82:85:51:4F:C8:43:4C:35:27:8C:A9:52:38
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A97AE7F7DEFCDBE1319DE4A74E473937E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zTOwN5not4KFUU_IQ0w1J4ypUjg.roa
Signing time: Fri 15 Sep 2023 07:11:50 +0000
ROA not before: Fri 15 Sep 2023 07:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:ae:7f:7d:ef:cd:be:13:19:de:4a:74:e4:73:93:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 07:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd33b03799e8b78285514fc8434c35278ca95238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:64:a8:4e:5d:d1:4b:4e:42:88:3e:be:5b:b0:
04:e3:80:c9:60:65:c4:08:50:70:76:25:cd:70:d7:
0f:df:32:8f:6d:50:8e:49:e7:18:02:80:c6:9e:12:
4c:56:63:49:80:31:b6:07:ad:05:49:83:b8:77:7e:
8d:6e:cf:30:4f:fc:b0:43:b1:78:3f:96:a9:22:3c:
98:19:3b:7f:65:c1:e0:7f:7e:91:a5:14:be:a1:41:
ad:84:60:c6:0c:bd:af:cc:d9:6f:50:56:48:97:e1:
fd:f9:06:ba:46:09:09:86:b6:71:2d:e0:d9:9a:eb:
74:bc:4a:2c:dc:b5:11:7b:a8:d0:e9:a7:9b:87:0c:
ef:de:c4:dd:08:ef:9b:38:9f:34:d0:ff:5f:b9:30:
98:17:15:dd:44:1a:6b:15:25:57:21:ab:26:b5:90:
2c:89:7d:c1:45:d2:28:bc:0d:a4:5e:24:9d:1d:07:
2f:07:d4:b4:ca:ef:33:0f:b4:ad:15:66:9a:57:ba:
01:fc:ab:e8:22:02:35:88:6d:a7:fa:f2:2b:64:cd:
ed:a4:e8:4e:f7:78:18:89:cf:5a:22:f2:8b:30:3f:
b8:c7:2b:5d:7d:c7:fe:38:6e:7d:47:a3:3b:a1:b1:
e9:b5:ac:0e:11:da:eb:f8:89:49:cc:08:0e:69:98:
90:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:33:B0:37:99:E8:B7:82:85:51:4F:C8:43:4C:35:27:8C:A9:52:38
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/zTOwN5not4KFUU_IQ0w1J4ypUjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:03:62:90:d9:07:f0:c4:88:c6:0c:20:16:99:07:cc:c9:a6:
a8:11:46:6a:17:b5:55:80:e8:b8:04:91:95:22:aa:5e:05:94:
9f:20:18:24:e1:fd:6e:41:8b:e6:39:b4:74:d1:24:31:86:69:
4d:99:1c:b1:a3:2d:0e:49:99:03:23:7e:0a:8c:2e:ed:1e:39:
2b:6a:92:f6:3d:0c:9d:1b:17:d0:02:e1:f1:b1:30:77:bd:23:
f9:f1:b7:aa:e3:e9:8e:22:73:4e:fe:6f:14:91:e5:fc:06:af:
1a:ab:f3:da:3a:3a:ab:2f:2f:ff:4c:33:bb:90:18:aa:3b:d5:
b3:c3:a1:3f:1f:ab:bb:0e:2d:b9:20:ed:03:bc:2b:67:97:c3:
18:52:33:89:59:00:b6:1f:db:64:d2:aa:d7:e4:7a:cc:6a:24:
0f:83:98:3f:7d:26:da:57:78:01:e0:fa:bf:17:76:b0:33:88:
a1:60:1f:a6:9d:c5:4f:2e:dc:ae:2d:c0:8e:e2:2d:46:ea:b1:
08:e6:e5:d8:14:6e:1a:9a:8c:fd:59:f2:4c:85:f2:6c:8c:ac:
32:31:a7:3a:90:fa:2c:12:42:ad:7a:df:cd:65:77:0b:6c:ab:
04:17:12:b3:e5:a8:fb:42:cc:07:d7:fa:cc:85:49:36:6a:19:
78:a9:2a:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqXrn99782+ExneSnTkc5N+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MDcxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMzYjAzNzk5ZThiNzgyODU1MTRmYzg0MzRjMzUyNzhjYTk1MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2SoTl3RS05CiD6+W7AE44DJYGXE
CFBwdiXNcNcP3zKPbVCOSecYAoDGnhJMVmNJgDG2B60FSYO4d36Nbs8wT/ywQ7F4
P5apIjyYGTt/ZcHgf36RpRS+oUGthGDGDL2vzNlvUFZIl+H9+Qa6RgkJhrZxLeDZ
mut0vEos3LURe6jQ6aebhwzv3sTdCO+bOJ800P9fuTCYFxXdRBprFSVXIasmtZAs
iX3BRdIovA2kXiSdHQcvB9S0yu8zD7StFWaaV7oB/KvoIgI1iG2n+vIrZM3tpOhO
93gYic9aIvKLMD+4xytdfcf+OG59R6M7obHptawOEdrr+IlJzAgOaZiQ/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM0zsDeZ6LeChVFPyENMNSeMqVI4MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvelRPd041bm90NEtGVVVfSVEwdzFKNHlwVWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHIDYpDZB/DEiMYMIBaZ
B8zJpqgRRmoXtVWA6LgEkZUiql4FlJ8gGCTh/W5Bi+Y5tHTRJDGGaU2ZHLGjLQ5J
mQMjfgqMLu0eOStqkvY9DJ0bF9AC4fGxMHe9I/nxt6rj6Y4ic07+bxSR5fwGrxqr
89o6OqsvL/9MM7uQGKo71bPDoT8fq7sOLbkg7QO8K2eXwxhSM4lZALYf22TSqtfk
esxqJA+DmD99JtpXeAHg+r8XdrAziKFgH6adxU8u3K4twI7iLUbqsQjm5dgUbhqa
jP1Z8kyF8myMrDIxpzqQ+iwSQq16381ldwtsqwQXErPlqPtCzAfX+syFSTZqGXip
Kp4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:58 2024 by rpki-client on console-fra.rpki-client.org