Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/b4gIfXaSYNqN34QQHYRgP8ev3W8.roa
File: b4gIfXaSYNqN34QQHYRgP8ev3W8.roa (raw, json)
Hash identifier: C7Vt0IWhg8WTQd6M3xmxOZN58u5lK3cSoByzYMZJGPQ=
Subject key identifier: 6F:88:08:7D:76:92:60:DA:8D:DF:84:10:1D:84:60:3F:C7:AF:DD:6F
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5A12ED7217B37D94C959B8E4D72D1D46
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/b4gIfXaSYNqN34QQHYRgP8ev3W8.roa
Signing time: Sun 03 Sep 2023 08:05:04 +0000
ROA not before: Sun 03 Sep 2023 08:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5a12:5548/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:12:ed:72:17:b3:7d:94:c9:59:b8:e4:d7:2d:1d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 08:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f88087d769260da8ddf84101d84603fc7afdd6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0d:a6:87:d1:52:ca:c1:f3:2b:56:af:98:ec:
b7:21:38:4e:04:40:06:2f:9e:81:1a:55:6b:c3:03:
41:a8:7f:9b:9b:0a:98:7f:aa:b2:35:1a:64:16:17:
1f:71:d2:61:86:5b:b2:28:08:1f:c2:d6:53:94:93:
fc:4f:95:68:07:86:58:7f:0e:d0:db:7a:21:79:e7:
ec:12:69:72:04:8c:2c:a8:43:c7:78:96:aa:53:2d:
b1:d4:68:10:a5:a9:c2:f0:b7:41:3c:cf:c3:b1:76:
5e:10:e4:2e:05:4d:bb:07:c5:68:19:53:19:29:38:
19:47:ff:9f:6e:42:91:65:5b:4e:ac:74:e1:2c:f6:
9f:4e:db:cf:26:78:80:f9:75:6f:2c:e9:fc:1e:4c:
7d:d2:72:b5:c2:1a:d8:80:c3:23:47:85:c4:60:e4:
77:57:2b:14:23:ec:bc:85:0d:c6:30:95:27:09:1d:
df:1c:f2:9e:a5:98:5a:e4:ae:c8:30:53:c5:98:04:
68:95:83:14:f8:26:85:09:0d:c0:3d:45:b4:1b:43:
9c:88:a1:28:d5:be:e0:1d:0f:c3:83:db:0a:63:ee:
8e:e7:0f:7d:a2:b3:b8:30:9c:04:8d:53:6d:09:70:
90:51:8b:24:77:a3:f5:fa:bd:a8:d7:3d:a9:53:ca:
aa:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:88:08:7D:76:92:60:DA:8D:DF:84:10:1D:84:60:3F:C7:AF:DD:6F
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/b4gIfXaSYNqN34QQHYRgP8ev3W8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e8:35:3d:66:47:45:10:05:be:0b:36:3d:59:b8:51:8e:95:
34:dd:f7:01:03:58:e7:18:2f:e5:00:ee:f8:07:96:d8:57:23:
b4:d0:1c:ac:86:f0:53:7d:63:48:20:13:3e:0e:a2:19:16:5d:
d0:e4:55:21:87:d9:4c:70:ec:9e:ac:10:3c:42:8a:ca:78:c7:
66:7a:fe:57:45:27:f3:92:87:64:d0:d0:90:77:c5:7b:a4:40:
bd:96:56:eb:c5:2f:f6:79:e6:ff:8a:25:37:aa:31:58:18:ec:
2a:10:b8:9c:f7:da:48:e1:48:16:82:07:b4:da:11:cb:31:bf:
f2:69:c5:99:a1:0c:e5:c3:d6:7f:60:45:b6:fe:52:6f:ad:95:
ea:9c:64:19:7d:c7:9a:86:bf:09:12:1e:41:b9:7f:23:da:61:
58:5e:84:2f:0d:b9:a9:11:7c:a2:d4:19:c7:ee:20:fe:0c:6e:
b9:88:24:51:07:6c:78:86:cb:32:20:93:30:ab:eb:de:79:42:
10:62:28:ba:69:45:07:59:3c:62:7b:53:c5:32:75:16:f7:55:
a5:a3:e9:53:03:42:32:c5:4b:01:7c:55:49:18:4b:8d:78:04:
4b:54:2b:f0:1f:df:66:57:49:12:35:de:7a:67:de:c3:72:95:
9d:4c:14:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpaEu1yF7N9lMlZuOTXLR1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMDgwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg4MDg3ZDc2OTI2MGRhOGRkZjg0MTAxZDg0NjAzZmM3YWZkZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw2mh9FSysHzK1avmOy3IThOBEAG
L56BGlVrwwNBqH+bmwqYf6qyNRpkFhcfcdJhhluyKAgfwtZTlJP8T5VoB4ZYfw7Q
23oheefsEmlyBIwsqEPHeJaqUy2x1GgQpanC8LdBPM/DsXZeEOQuBU27B8VoGVMZ
KTgZR/+fbkKRZVtOrHThLPafTtvPJniA+XVvLOn8Hkx90nK1whrYgMMjR4XEYOR3
VysUI+y8hQ3GMJUnCR3fHPKepZha5K7IMFPFmARolYMU+CaFCQ3APUW0G0OciKEo
1b7gHQ/Dg9sKY+6O5w99orO4MJwEjVNtCXCQUYskd6P1+r2o1z2pU8qqkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG+ICH12kmDajd+EEB2EYD/Hr91vMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYjRnSWZYYVNZTnFOMzRRUUhZUmdQOGV2M1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABroNT1mR0UQBb4LNj1Z
uFGOlTTd9wEDWOcYL+UA7vgHlthXI7TQHKyG8FN9Y0ggEz4OohkWXdDkVSGH2Uxw
7J6sEDxCisp4x2Z6/ldFJ/OSh2TQ0JB3xXukQL2WVuvFL/Z55v+KJTeqMVgY7CoQ
uJz32kjhSBaCB7TaEcsxv/JpxZmhDOXD1n9gRbb+Um+tleqcZBl9x5qGvwkSHkG5
fyPaYVhehC8NuakRfKLUGcfuIP4MbrmIJFEHbHiGyzIgkzCr6955QhBiKLppRQdZ
PGJ7U8UydRb3VaWj6VMDQjLFSwF8VUkYS414BEtUK/Af32ZXSRI13npn3sNylZ1M
FJQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net