Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_kxDTTOCo1k8F6aFERYhm8piqvU.roa
File: _kxDTTOCo1k8F6aFERYhm8piqvU.roa (raw, json)
Hash identifier: xtuqQDKmO8ZA0YVsNMRoR1vNEKWLsoiPcteIoJ2PsM0=
Subject key identifier: FE:4C:43:4D:33:82:A3:59:3C:17:A6:85:11:16:21:9B:CA:62:AA:F5
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9330985DC0DEB8DAC46091768820B05C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_kxDTTOCo1k8F6aFERYhm8piqvU.roa
Signing time: Thu 14 Sep 2023 10:15:50 +0000
ROA not before: Thu 14 Sep 2023 10:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:30:98:5d:c0:de:b8:da:c4:60:91:76:88:20:b0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 10:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe4c434d3382a3593c17a6851116219bca62aaf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b2:d8:a0:57:4d:7e:2b:b7:87:9d:81:f6:3d:
dd:32:2e:be:75:ce:f2:17:38:7d:50:59:7c:c2:59:
df:8c:4b:f3:14:f5:50:09:e8:55:12:3f:b1:b7:c3:
87:b2:fa:1c:34:7d:76:a3:41:85:51:4a:e7:d0:77:
45:32:1e:36:e6:d4:00:ba:6b:6a:57:40:99:3b:d1:
ae:85:62:e9:cc:8c:79:9b:0b:b3:6f:78:4f:fd:2b:
de:5e:e9:49:80:fa:17:68:c6:10:a8:7e:93:a3:d7:
d8:34:ee:eb:bc:c7:e0:dd:a1:a4:29:e4:6d:14:ef:
8f:ae:eb:9e:14:98:79:c6:dd:86:80:e6:9f:93:e1:
e1:45:2a:ab:de:27:9f:52:28:84:70:87:b1:be:25:
e0:f1:e3:84:a1:9e:b8:2b:d8:0f:3d:b0:bc:4f:dd:
f1:3a:95:fd:db:b3:00:2c:e4:36:25:dd:59:fc:e8:
ff:99:78:fb:86:06:fd:76:ef:15:00:9b:dd:26:0f:
b5:53:e2:b4:7c:1f:a3:2b:53:e0:c0:f1:48:e6:7f:
a7:87:4d:46:9a:d6:c6:f9:08:95:f0:0f:e2:38:b9:
92:8a:f6:ab:fb:ff:c8:81:f1:e3:72:a4:d7:81:3b:
16:84:27:8c:cf:e9:12:ce:fb:7f:6c:a9:2e:1d:e2:
24:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4C:43:4D:33:82:A3:59:3C:17:A6:85:11:16:21:9B:CA:62:AA:F5
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/_kxDTTOCo1k8F6aFERYhm8piqvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:83:63:a8:6b:37:08:c2:3a:9d:16:32:83:6e:3b:ac:ed:71:
ad:ba:54:78:db:19:50:7b:e6:99:e8:86:fd:19:0e:ed:4f:ca:
34:91:f4:3b:70:83:97:0a:c7:68:84:a4:42:9b:8d:0f:9f:26:
75:89:a2:63:ff:2c:c4:2a:28:f9:f2:92:05:e0:df:66:20:c1:
ac:9e:73:35:02:f1:e2:c7:57:3f:7e:09:74:e1:40:34:2c:80:
12:6f:ba:1f:d0:93:cb:85:ee:d4:6b:b4:bb:9c:85:bf:5b:8a:
65:40:e4:ef:a9:56:5e:7f:cb:42:07:b6:19:d4:b0:7f:bc:93:
d6:39:e1:cc:fc:9e:3f:3e:99:c8:98:03:71:41:7a:99:9e:a5:
84:3c:b7:73:ef:c1:de:47:bf:63:89:6f:e1:2f:4b:92:76:1d:
f4:ad:0c:57:9a:e2:73:af:84:1e:d6:ae:67:67:18:d5:e3:9e:
47:7c:8a:78:4c:f7:ab:f1:ec:de:f2:e2:89:7d:f0:0a:18:d3:
c3:be:fb:cb:72:28:76:fd:b3:60:fd:3d:73:51:87:c5:ba:31:
08:9a:e5:ff:6d:38:cc:a4:12:d2:38:17:fb:7c:c2:b5:fd:6c:
05:d5:e8:75:81:ac:36:49:39:0a:e4:a0:20:ff:d3:35:5a:f9:
cc:ee:56:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqTMJhdwN642sRgkXaIILBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTAxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRjNDM0ZDMzODJhMzU5M2MxN2E2ODUxMTE2MjE5YmNhNjJhYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLLYoFdNfiu3h52B9j3dMi6+dc7y
Fzh9UFl8wlnfjEvzFPVQCehVEj+xt8OHsvocNH12o0GFUUrn0HdFMh425tQAumtq
V0CZO9GuhWLpzIx5mwuzb3hP/SveXulJgPoXaMYQqH6To9fYNO7rvMfg3aGkKeRt
FO+PruueFJh5xt2GgOafk+HhRSqr3iefUiiEcIexviXg8eOEoZ64K9gPPbC8T93x
OpX927MALOQ2Jd1Z/Oj/mXj7hgb9du8VAJvdJg+1U+K0fB+jK1PgwPFI5n+nh01G
mtbG+QiV8A/iOLmSivar+//IgfHjcqTXgTsWhCeMz+kSzvt/bKkuHeIkywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP5MQ00zgqNZPBemhREWIZvKYqr1MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvX2t4RFRUT0NvMWs4RjZhRkVSWWhtOHBpcXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGDY6hrNwjCOp0WMoNu
O6ztca26VHjbGVB75pnohv0ZDu1PyjSR9Dtwg5cKx2iEpEKbjQ+fJnWJomP/LMQq
KPnykgXg32YgwayeczUC8eLHVz9+CXThQDQsgBJvuh/Qk8uF7tRrtLuchb9bimVA
5O+pVl5/y0IHthnUsH+8k9Y54cz8nj8+mciYA3FBepmepYQ8t3Pvwd5Hv2OJb+Ev
S5J2HfStDFea4nOvhB7WrmdnGNXjnkd8inhM96vx7N7y4ol98AoY08O++8tyKHb9
s2D9PXNRh8W6MQia5f9tOMykEtI4F/t8wrX9bAXV6HWBrDZJOQrkoCD/0zVa+czu
Vqw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net