Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TrG1W3NtEh1fPV2x9qQZPQXP37g.roa
File: TrG1W3NtEh1fPV2x9qQZPQXP37g.roa (raw, json)
Hash identifier: uFOnxvpQ8rRJ/zdlRhwSnq4uJKr2fbRgJEOMLG5DfkE=
Subject key identifier: 4E:B1:B5:5B:73:6D:12:1D:5F:3D:5D:B1:F6:A4:19:3D:05:CF:DF:B8
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA1FC21A3FEA1599CD50F8CC6C5941127
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TrG1W3NtEh1fPV2x9qQZPQXP37g.roa
Signing time: Sun 17 Sep 2023 07:12:50 +0000
ROA not before: Sun 17 Sep 2023 07:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a1:fc:21:a3:fe:a1:59:9c:d5:0f:8c:c6:c5:94:11:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 07:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eb1b55b736d121d5f3d5db1f6a4193d05cfdfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:4a:f4:8d:b0:1c:00:af:3b:05:f4:76:5d:
87:47:be:d3:ad:ef:12:02:67:a3:a3:b3:3b:cb:cc:
bd:6f:4a:20:1f:63:31:69:37:b0:e1:a7:0d:24:67:
7d:91:b9:a4:74:26:4f:41:29:d1:1f:7f:fe:55:4c:
09:5e:80:5d:29:de:b8:16:2a:10:9a:ba:de:e2:f2:
44:02:fc:31:ae:59:42:80:b1:a5:a6:70:6d:99:7b:
9a:52:fd:ec:4d:2b:70:d5:0a:05:63:4a:4f:c7:15:
bb:33:19:0a:a5:5e:4b:df:b5:d5:c1:38:0a:04:0f:
33:22:cc:d9:f2:f9:ee:fb:c2:74:3b:ca:05:74:e3:
87:d4:d1:76:a7:e5:ef:59:84:1c:f3:85:48:46:23:
56:bc:c1:09:db:16:d9:6a:86:a3:34:49:87:9b:18:
64:64:a0:e7:7f:2b:be:26:fb:7f:a6:2e:7c:a2:26:
dd:ae:7e:50:5d:57:93:03:9a:06:c0:e8:a0:47:39:
6f:de:61:9c:f4:85:4e:a8:61:2f:99:13:18:46:e3:
69:7e:12:4d:50:ee:8d:3b:a7:7c:d2:bd:0c:5c:7b:
39:b9:89:59:68:78:ea:66:26:35:56:f2:c0:73:90:
9d:91:da:fa:21:6d:37:82:94:93:fc:77:40:3b:fc:
f7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B1:B5:5B:73:6D:12:1D:5F:3D:5D:B1:F6:A4:19:3D:05:CF:DF:B8
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/TrG1W3NtEh1fPV2x9qQZPQXP37g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:00:a5:a1:0c:c9:ac:28:fd:b1:c1:25:1f:dc:c3:57:1c:b0:
d6:a8:46:77:a9:92:df:76:57:14:e2:42:3f:67:ea:fa:d7:7c:
e0:9e:4b:59:05:65:74:16:74:65:e0:d2:34:3f:c5:b0:b2:c3:
59:c3:a8:43:67:d2:ab:bb:be:48:34:96:de:a4:38:0c:b5:c6:
b8:0d:a0:58:44:7b:08:05:38:4b:11:93:41:e9:ab:78:d1:19:
5e:74:36:e3:e2:42:54:76:8b:64:66:c1:69:0d:a0:cd:dc:e3:
06:bf:e9:07:4b:53:23:fe:b2:79:a8:62:c7:84:42:b4:53:21:
91:f7:d9:36:1b:b4:8f:d1:07:d2:21:20:7b:97:bb:a5:cd:e7:
80:74:77:0a:47:33:0b:34:31:18:1e:b5:45:ac:16:e9:eb:b6:
e4:72:ef:c8:2e:82:90:80:cf:15:2c:81:ca:82:5b:22:df:2f:
07:33:0d:6c:6a:db:f3:78:26:3c:d5:85:15:7d:94:d9:00:5a:
c0:98:78:e0:8d:b1:c2:ca:2d:40:04:0c:ed:7b:2d:a4:d6:1f:
a2:34:72:bc:d0:f3:10:62:78:f9:b5:d2:43:98:46:8a:b9:65:
47:f5:0a:59:95:f3:a6:9c:ec:c0:dc:7d:a5:01:85:c8:66:9a:
1b:b3:6e:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqh/CGj/qFZnNUPjMbFlBEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MDcxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIxYjU1YjczNmQxMjFkNWYzZDVkYjFmNmE0MTkzZDA1Y2ZkZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngNK9I2wHACvOwX0dl2HR77Tre8S
Amejo7M7y8y9b0ogH2MxaTew4acNJGd9kbmkdCZPQSnRH3/+VUwJXoBdKd64FioQ
mrre4vJEAvwxrllCgLGlpnBtmXuaUv3sTStw1QoFY0pPxxW7MxkKpV5L37XVwTgK
BA8zIszZ8vnu+8J0O8oFdOOH1NF2p+XvWYQc84VIRiNWvMEJ2xbZaoajNEmHmxhk
ZKDnfyu+Jvt/pi58oibdrn5QXVeTA5oGwOigRzlv3mGc9IVOqGEvmRMYRuNpfhJN
UO6NO6d80r0MXHs5uYlZaHjqZiY1VvLAc5Cdkdr6IW03gpST/HdAO/z3sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE6xtVtzbRIdXz1dsfakGT0Fz9+4MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVHJHMVczTnRFaDFmUFYyeDlxUVpQUVhQMzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAsApaEMyawo/bHBJR/c
w1ccsNaoRnepkt92VxTiQj9n6vrXfOCeS1kFZXQWdGXg0jQ/xbCyw1nDqENn0qu7
vkg0lt6kOAy1xrgNoFhEewgFOEsRk0Hpq3jRGV50NuPiQlR2i2RmwWkNoM3c4wa/
6QdLUyP+snmoYseEQrRTIZH32TYbtI/RB9IhIHuXu6XN54B0dwpHMws0MRgetUWs
FunrtuRy78gugpCAzxUsgcqCWyLfLwczDWxq2/N4JjzVhRV9lNkAWsCYeOCNscLK
LUAEDO17LaTWH6I0crzQ8xBiePm10kOYRoq5ZUf1ClmV86ac7MDcfaUBhchmmhuz
bmE=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net