Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LbnJ5I0bXtcs6fzDEc2MumOWo_s.roa
File: LbnJ5I0bXtcs6fzDEc2MumOWo_s.roa (raw, json)
Hash identifier: 4JJWQYaMa+ldBUVeLzQZfeXIRPbOsNJH6YJ+dZHBDfg=
Subject key identifier: 2D:B9:C9:E4:8D:1B:5E:D7:2C:E9:FC:C3:11:CD:8C:BA:63:96:A3:FB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5523803764A9F941F27AB6577F96479A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LbnJ5I0bXtcs6fzDEc2MumOWo_s.roa
Signing time: Sat 02 Sep 2023 09:05:04 +0000
ROA not before: Sat 02 Sep 2023 09:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5522:b7c5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:23:80:37:64:a9:f9:41:f2:7a:b6:57:7f:96:47:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 09:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2db9c9e48d1b5ed72ce9fcc311cd8cba6396a3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3a:47:73:30:7c:77:b0:41:24:9d:2b:82:16:
db:8d:4e:34:d9:4f:c1:ab:b5:ca:dd:e6:dc:1b:30:
54:d3:9d:29:f3:64:82:6d:b2:71:39:3a:ae:70:b7:
de:6a:90:2b:5c:c5:0a:1c:f0:ed:80:57:17:a7:b7:
76:a6:65:88:87:d4:cd:25:18:d0:c4:ae:97:cc:0d:
95:b3:d2:29:e9:6f:d5:13:7e:66:ca:96:60:82:63:
24:43:04:90:c3:de:1c:40:c2:9e:cf:d9:60:97:93:
f5:8c:98:a5:ed:3d:1e:b6:93:85:43:c3:96:1d:15:
a4:35:be:6b:c9:3a:a6:a5:9b:39:b9:21:7c:b9:ec:
8b:e5:2e:24:d3:43:f1:08:85:49:7b:7c:3e:05:16:
05:94:97:13:44:d1:3e:0b:1c:61:47:b7:38:cf:bb:
24:2b:c7:cd:f4:d2:92:93:8a:c3:83:0f:0e:23:b0:
c8:09:c2:33:0e:01:16:a4:0e:c9:b1:98:aa:53:d6:
cf:8c:dd:74:c4:81:b2:9f:f8:42:6b:39:ed:a1:71:
ab:df:3b:ce:9f:0f:71:2e:cd:d7:c2:95:3e:45:80:
0f:82:ff:05:31:ec:2f:b8:2c:c8:6c:3d:8f:dc:84:
30:a1:92:3e:c5:6d:83:10:0f:60:d0:9a:1a:2e:05:
d5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B9:C9:E4:8D:1B:5E:D7:2C:E9:FC:C3:11:CD:8C:BA:63:96:A3:FB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LbnJ5I0bXtcs6fzDEc2MumOWo_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:2d:22:a5:77:dd:6d:ae:1b:96:84:7b:e2:70:cb:4e:88:c1:
37:a0:5f:30:64:9d:ed:bd:6c:e3:e3:b5:95:9e:a9:01:bb:b0:
50:bc:16:88:ce:75:39:7b:d3:c8:7f:5e:33:c2:3e:08:ed:32:
9f:a8:96:a8:80:c3:a7:19:ae:93:5a:f1:69:5d:ea:b2:0b:2f:
c3:1d:71:b0:9e:c4:27:4a:06:6c:2a:4b:5f:a9:d0:cd:c1:62:
3f:68:08:a1:bc:d3:fd:54:95:17:6b:eb:ed:e9:2a:74:76:71:
df:b8:36:99:6a:27:9c:14:c9:69:0e:95:d0:13:6a:c3:c0:87:
17:bd:75:12:eb:1c:72:1d:0a:74:0d:ae:99:7b:83:3e:20:62:
7e:d5:b7:fd:28:2d:ed:9c:01:18:05:ee:a7:fa:a0:ab:da:81:
12:42:7e:ee:23:13:f6:f1:71:de:1b:16:f5:2c:89:0e:cd:e3:
6d:49:a3:d9:3b:41:55:2e:d7:43:5c:e2:73:1d:d2:e1:fd:94:
72:27:90:39:5c:30:48:0f:7e:72:66:e7:7e:33:40:63:a6:2c:
61:55:c2:2d:b1:48:0d:5f:00:b0:b6:09:df:8a:3b:25:0f:d0:
28:88:73:e7:b1:36:55:54:4a:bb:46:1e:d4:ca:1a:fb:ac:27:
66:41:ab:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpVI4A3ZKn5QfJ6tld/lkeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMDkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGI5YzllNDhkMWI1ZWQ3MmNlOWZjYzMxMWNkOGNiYTYzOTZhM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DpHczB8d7BBJJ0rghbbjU402U/B
q7XK3ebcGzBU050p82SCbbJxOTqucLfeapArXMUKHPDtgFcXp7d2pmWIh9TNJRjQ
xK6XzA2Vs9Ip6W/VE35mypZggmMkQwSQw94cQMKez9lgl5P1jJil7T0etpOFQ8OW
HRWkNb5ryTqmpZs5uSF8ueyL5S4k00PxCIVJe3w+BRYFlJcTRNE+CxxhR7c4z7sk
K8fN9NKSk4rDgw8OI7DICcIzDgEWpA7JsZiqU9bPjN10xIGyn/hCazntoXGr3zvO
nw9xLs3XwpU+RYAPgv8FMewvuCzIbD2P3IQwoZI+xW2DEA9g0JoaLgXVawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC25yeSNG17XLOn8wxHNjLpjlqP7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTGJuSjVJMGJYdGNzNmZ6REVjMk11bU9Xb19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIwtIqV33W2uG5aEe+Jw
y06IwTegXzBkne29bOPjtZWeqQG7sFC8FojOdTl708h/XjPCPgjtMp+olqiAw6cZ
rpNa8Wld6rILL8MdcbCexCdKBmwqS1+p0M3BYj9oCKG80/1UlRdr6+3pKnR2cd+4
NplqJ5wUyWkOldATasPAhxe9dRLrHHIdCnQNrpl7gz4gYn7Vt/0oLe2cARgF7qf6
oKvagRJCfu4jE/bxcd4bFvUsiQ7N421Jo9k7QVUu10Nc4nMd0uH9lHInkDlcMEgP
fnJm534zQGOmLGFVwi2xSA1fALC2Cd+KOyUP0CiIc+exNlVUSrtGHtTKGvusJ2ZB
qwc=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net