Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xQIZLdSDY8dMPRW7gIcQe1gYGo.roa
File: 0xQIZLdSDY8dMPRW7gIcQe1gYGo.roa (raw, json)
Hash identifier: M0g9eIOc7Vb8YrS/X5XKOSVtfMyVWYTfMA3UgKhsx/w=
Subject key identifier: D3:14:08:64:B7:52:0D:8F:1D:30:F4:56:EE:02:1C:41:ED:60:60:6A
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9DE11B81748D0E9478F17ABB7679F121
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xQIZLdSDY8dMPRW7gIcQe1gYGo.roa
Signing time: Sat 16 Sep 2023 12:04:50 +0000
ROA not before: Sat 16 Sep 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:9de0:99dd/128 maxlen: 128
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9d:e1:1b:81:74:8d:0e:94:78:f1:7a:bb:76:79:f1:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3140864b7520d8f1d30f456ee021c41ed60606a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a0:e2:74:05:fd:c9:83:14:37:54:13:16:61:
d3:5c:c5:1e:60:9a:7f:ae:5e:56:fb:fa:f9:25:5a:
34:3c:83:b5:68:52:8b:16:7a:80:9e:c7:14:8a:90:
83:2c:aa:d6:aa:29:bc:07:b3:2c:8d:1b:c6:28:b4:
da:a3:e3:dc:8a:c9:66:a3:9a:77:c7:55:63:b4:0c:
4d:b0:a0:d3:ad:26:01:3f:d4:ed:4d:f6:92:5c:60:
75:6f:96:49:ee:16:5b:81:ad:8f:2c:bf:5c:e2:1c:
bd:71:ea:ed:54:e8:81:af:52:04:7d:82:60:eb:b5:
3e:88:bb:dd:81:76:25:66:9b:0c:c8:5b:a7:8c:e6:
60:43:86:29:3e:fb:40:1d:15:ba:5e:39:b2:4a:3f:
65:a1:4d:11:d6:6b:a6:f8:8e:f4:d5:5e:e0:79:62:
7e:df:38:b2:33:c1:d9:04:88:5b:d6:1d:2b:c8:d3:
44:3b:8d:7f:70:06:c2:13:b6:a0:0f:80:e1:f7:51:
d9:17:26:c4:05:af:ae:14:49:dc:50:6a:d3:19:b6:
69:c1:27:63:e2:26:c5:3e:3a:11:bf:e1:00:cd:0d:
2c:6c:9d:98:df:26:8a:51:91:5e:b6:f8:36:d0:f7:
7d:74:0b:a8:aa:ce:1d:9f:f0:d0:1a:cf:06:15:c6:
00:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:14:08:64:B7:52:0D:8F:1D:30:F4:56:EE:02:1C:41:ED:60:60:6A
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/0xQIZLdSDY8dMPRW7gIcQe1gYGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:c8:2a:9a:c4:ba:d0:78:58:92:45:15:e5:09:9c:cb:e7:70:
49:e9:d8:73:32:9a:64:c8:6a:2b:7c:59:77:93:16:7c:1c:37:
ae:13:3c:2e:6a:de:4c:24:7f:3f:66:4d:df:ec:7d:f7:43:a8:
f9:15:32:f7:5f:a5:53:66:4e:e6:19:58:95:7b:ff:50:c9:34:
23:13:2e:33:41:18:59:8d:e4:42:7c:6c:97:40:48:51:96:c6:
db:82:91:3a:31:10:a7:14:20:c1:38:31:f3:ec:e8:ea:16:fa:
cc:f6:53:db:7a:8f:e2:9d:e1:a3:86:b5:42:d9:a9:ee:45:5f:
62:6d:94:53:1d:c7:fb:82:a5:ef:71:ab:1e:1a:e6:76:60:bc:
a8:ea:65:c7:8a:3b:d9:c6:ce:59:ed:39:bf:7d:0d:dd:ab:d0:
a6:d0:5d:e1:83:d9:d3:59:56:e7:aa:60:aa:76:a3:c7:30:2a:
00:b3:91:8a:ed:f4:cd:85:9b:fc:99:59:ff:50:f0:00:e7:32:
ec:43:8b:81:21:b8:39:eb:3e:8f:7f:c2:d8:37:9b:55:28:d5:
58:46:85:ee:df:34:ba:a9:6a:11:25:db:c1:70:9c:9f:6d:7b:
f1:85:61:db:0a:bd:37:51:22:81:cc:2d:32:00:3b:da:7c:ad:
34:d4:50:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqd4RuBdI0OlHjxert2efEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzE0MDg2NGI3NTIwZDhmMWQzMGY0NTZlZTAyMWM0MWVkNjA2MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6DidAX9yYMUN1QTFmHTXMUeYJp/
rl5W+/r5JVo0PIO1aFKLFnqAnscUipCDLKrWqim8B7MsjRvGKLTao+Pcislmo5p3
x1VjtAxNsKDTrSYBP9TtTfaSXGB1b5ZJ7hZbga2PLL9c4hy9certVOiBr1IEfYJg
67U+iLvdgXYlZpsMyFunjOZgQ4YpPvtAHRW6XjmySj9loU0R1mum+I701V7geWJ+
3ziyM8HZBIhb1h0ryNNEO41/cAbCE7agD4Dh91HZFybEBa+uFEncUGrTGbZpwSdj
4ibFPjoRv+EAzQ0sbJ2Y3yaKUZFetvg20Pd9dAuoqs4dn/DQGs8GFcYAIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMUCGS3Ug2PHTD0Vu4CHEHtYGBqMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvMHhRSVpMZFNEWThkTVBSVzdnSWNRZTFnWUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErIKprEutB4WJJFFeUJ
nMvncEnp2HMymmTIait8WXeTFnwcN64TPC5q3kwkfz9mTd/sffdDqPkVMvdfpVNm
TuYZWJV7/1DJNCMTLjNBGFmN5EJ8bJdASFGWxtuCkToxEKcUIME4MfPs6OoW+sz2
U9t6j+Kd4aOGtULZqe5FX2JtlFMdx/uCpe9xqx4a5nZgvKjqZceKO9nGzlntOb99
Dd2r0KbQXeGD2dNZVueqYKp2o8cwKgCzkYrt9M2Fm/yZWf9Q8ADnMuxDi4EhuDnr
Po9/wtg3m1Uo1VhGhe7fNLqpahEl28FwnJ9te/GFYdsKvTdRIoHMLTIAO9p8rTTU
UBI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:45 2023 by rpki-client on console.sobornost.net