Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Uwm76OcM0vM2r8thivk8SvgY8LQ.roa
File: Uwm76OcM0vM2r8thivk8SvgY8LQ.roa (raw, json)
Hash identifier: /N7la4/llUTK+9B8Nm74FFCD5fJOJ4GyfcTZc6l1eec=
Subject key identifier: 53:09:BB:E8:E7:0C:D2:F3:36:AF:CB:61:8A:F9:3C:4A:F8:18:F0:B4
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A7F9FC7DAEB8B9EC44A6800294CF1B04D
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Uwm76OcM0vM2r8thivk8SvgY8LQ.roa
Signing time: Sun 10 Sep 2023 15:04:52 +0000
ROA not before: Sun 10 Sep 2023 15:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:7f9f:32af/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:9f:c7:da:eb:8b:9e:c4:4a:68:00:29:4c:f1:b0:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 15:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5309bbe8e70cd2f336afcb618af93c4af818f0b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c7:e4:78:2b:0c:ac:ab:c4:14:e9:bf:90:89:
9d:e1:e2:f8:dd:41:57:19:ed:ea:55:f4:50:83:94:
2d:8a:4e:de:35:24:75:81:91:bf:17:cb:36:ef:e2:
4f:5a:09:ce:81:e7:b2:1a:0e:cc:f2:c1:d5:f1:d9:
26:7c:6e:21:75:cb:ed:b1:00:bb:f4:1b:be:76:b4:
7d:fe:a3:b9:95:67:72:e4:4c:6c:c1:58:cd:5d:0d:
1b:d8:c7:e8:14:40:d9:b0:88:37:32:2f:63:05:0c:
3c:75:d9:ca:81:01:93:b9:c8:ec:f2:a3:2a:ba:14:
8a:95:34:fb:b5:98:c4:fd:8e:59:c3:36:56:65:4e:
78:dd:18:ab:29:c0:33:4f:54:43:46:ea:b8:e7:bb:
a2:91:53:4d:b9:29:32:4d:4c:11:55:45:10:01:2e:
1c:86:b4:e4:62:95:b2:ad:52:d9:a4:07:5e:dc:84:
65:a7:8f:1e:7d:e5:2f:ae:32:fd:27:88:30:32:04:
99:b1:c5:19:42:73:c2:b3:99:6d:44:38:a1:aa:5f:
ad:cb:21:06:27:bb:9c:f5:81:08:e5:e9:d3:7c:48:
06:2c:5d:18:8f:c0:76:e7:8b:7d:7b:f2:98:ed:b7:
66:f5:64:7e:f6:1e:9b:e7:7f:6f:f0:cd:da:f8:fc:
86:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:09:BB:E8:E7:0C:D2:F3:36:AF:CB:61:8A:F9:3C:4A:F8:18:F0:B4
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Uwm76OcM0vM2r8thivk8SvgY8LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:a2:27:25:7e:de:32:df:02:0c:c6:6b:9c:00:a3:79:85:72:
a5:76:6a:ca:21:3c:48:ee:21:8c:d7:8c:08:89:47:55:f6:cf:
44:4c:dd:56:17:ae:93:80:ef:10:6c:1f:31:01:12:aa:74:fc:
77:6a:e8:6c:e0:aa:4f:e8:20:c6:ee:b3:c0:f9:1d:ac:41:3e:
c5:fe:2c:6b:8b:35:52:16:97:54:c3:ad:8d:da:1c:d9:56:dd:
89:3b:0f:92:34:85:49:df:2b:ac:81:f1:08:8a:64:84:ec:fd:
67:d1:7d:c6:15:5d:a6:c1:67:70:13:e3:f6:c6:c8:a6:0b:f4:
20:68:4b:e2:28:b1:5a:d3:02:09:9a:4c:af:53:e4:be:44:c8:
d6:67:22:37:b7:dc:11:ec:3c:32:0d:47:c3:2e:23:c3:71:18:
36:74:db:23:76:7b:19:87:82:94:7d:d3:ea:c6:64:07:a6:1f:
86:89:09:dc:16:56:a2:bb:c0:24:0f:c1:36:6a:a9:60:e0:68:
d4:72:48:24:61:c5:5e:99:ed:d9:13:c7:12:93:28:ef:3f:87:
08:f3:27:31:19:0d:d2:e6:7a:d1:6d:43:31:eb:c8:48:3f:da:
9b:0e:b2:1f:2f:f9:79:b8:dc:96:06:92:61:c4:ce:a3:b0:49:
9b:2e:d5:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp/n8fa64uexEpoAClM8bBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMTUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzA5YmJlOGU3MGNkMmYzMzZhZmNiNjE4YWY5M2M0YWY4MThmMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMfkeCsMrKvEFOm/kImd4eL43UFX
Ge3qVfRQg5Qtik7eNSR1gZG/F8s27+JPWgnOgeeyGg7M8sHV8dkmfG4hdcvtsQC7
9Bu+drR9/qO5lWdy5ExswVjNXQ0b2MfoFEDZsIg3Mi9jBQw8ddnKgQGTucjs8qMq
uhSKlTT7tZjE/Y5ZwzZWZU543RirKcAzT1RDRuq457uikVNNuSkyTUwRVUUQAS4c
hrTkYpWyrVLZpAde3IRlp48efeUvrjL9J4gwMgSZscUZQnPCs5ltRDihql+tyyEG
J7uc9YEI5enTfEgGLF0Yj8B254t9e/KY7bdm9WR+9h6b539v8M3a+PyG4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFMJu+jnDNLzNq/LYYr5PEr4GPC0MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvVXdtNzZPY00wdk0ycjh0aGl2azhTdmdZOExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD+iJyV+3jLfAgzGa5wA
o3mFcqV2asohPEjuIYzXjAiJR1X2z0RM3VYXrpOA7xBsHzEBEqp0/Hdq6Gzgqk/o
IMbus8D5HaxBPsX+LGuLNVIWl1TDrY3aHNlW3Yk7D5I0hUnfK6yB8QiKZITs/WfR
fcYVXabBZ3AT4/bGyKYL9CBoS+IosVrTAgmaTK9T5L5EyNZnIje33BHsPDINR8Mu
I8NxGDZ02yN2exmHgpR90+rGZAemH4aJCdwWVqK7wCQPwTZqqWDgaNRySCRhxV6Z
7dkTxxKTKO8/hwjzJzEZDdLmetFtQzHryEg/2psOsh8v+Xm43JYGkmHEzqOwSZsu
1YI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net