Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/g9g1E0bTUOa8DC_lk2kXI6to3MA.roa
File: g9g1E0bTUOa8DC_lk2kXI6to3MA.roa (raw, json)
Hash identifier: hJ1nDHBjrQ3AnqwDAX3srO7HheVNL9J+0ReGSNzU98I=
Subject key identifier: 83:D8:35:13:46:D3:50:E6:BC:0C:2F:E5:93:69:17:23:AB:68:DC:C0
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A94A70BADC707015FD5B5749732E53D94
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/g9g1E0bTUOa8DC_lk2kXI6to3MA.roa
Signing time: Thu 14 Sep 2023 17:04:50 +0000
ROA not before: Thu 14 Sep 2023 17:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:94a6:97d0/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:94:a7:0b:ad:c7:07:01:5f:d5:b5:74:97:32:e5:3d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 17:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83d8351346d350e6bc0c2fe593691723ab68dcc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:69:ef:5e:f2:e5:a1:2f:9e:0f:24:00:75:
0f:45:6c:fc:46:5f:23:2c:1e:ad:71:5a:c2:0b:54:
da:d8:e8:91:40:56:d6:c2:f9:32:a8:1c:77:9c:d1:
47:60:14:7e:b3:67:2c:ec:ad:35:8c:58:77:2e:5e:
77:a9:db:7e:7d:86:bd:00:48:5d:34:3b:29:3b:27:
ed:87:e9:1d:6d:43:54:24:89:53:6c:d6:a8:7a:75:
a3:02:24:16:9f:f1:ae:54:0a:a8:3e:a2:52:29:ed:
0c:fd:7f:f9:b0:52:f1:84:e2:cb:2e:37:51:66:7f:
d8:d7:60:b2:4a:72:69:45:6d:04:b0:67:28:ad:d6:
51:e9:9b:8e:fe:62:09:04:11:97:ed:b6:b6:ae:49:
6d:9a:dc:95:a3:3e:a8:06:27:25:88:fc:a8:23:c8:
fa:aa:30:a1:82:2a:ad:14:16:a9:51:be:bd:7a:16:
54:99:d2:3f:ad:53:21:18:8a:ca:f9:20:33:45:44:
71:cc:51:93:a9:de:49:d8:12:54:42:70:ce:73:56:
68:d6:e2:9a:7d:94:03:d8:d4:b6:98:d6:13:b9:0b:
b8:fe:76:16:3a:de:75:5d:d4:bf:a3:13:d5:8d:76:
72:62:81:ab:26:fc:86:4f:5c:06:44:cf:02:a0:65:
bb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D8:35:13:46:D3:50:E6:BC:0C:2F:E5:93:69:17:23:AB:68:DC:C0
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/g9g1E0bTUOa8DC_lk2kXI6to3MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:19:08:6c:39:a8:82:5f:b2:2a:19:79:32:1d:41:c8:3a:3b:
9c:0f:21:38:a9:d8:22:e3:8a:95:9b:5a:a3:d0:4d:10:3c:4e:
90:e1:07:5b:da:f5:c4:9b:0f:0f:a3:77:75:90:1d:c0:52:40:
da:65:0c:8b:70:5f:71:1a:2a:8e:96:12:a5:16:ec:57:21:51:
a5:8d:42:c1:3a:f7:ca:25:51:7d:c6:25:8f:53:93:3f:2e:bb:
ff:63:a1:b0:5e:1b:91:73:29:0f:66:23:d2:64:2f:40:dc:55:
79:a7:b6:c4:d1:c1:07:a7:5d:6a:c6:fb:e7:81:16:71:26:57:
83:14:2c:96:fa:14:1b:d0:41:85:78:bf:1e:70:27:88:b0:ea:
13:3a:51:39:12:8b:bf:b2:4a:3d:76:13:cf:f4:9f:78:cb:78:
0f:bf:61:16:de:d4:ef:61:e3:c0:3c:45:60:f8:7b:a6:c0:24:
37:56:ce:0b:df:05:22:48:17:a7:41:2c:16:0d:d6:93:77:01:
ba:11:7a:ae:4a:72:d7:4a:09:44:f4:72:aa:a0:84:2b:44:6b:
23:24:57:ce:11:08:02:bd:da:73:b3:0c:19:02:7d:24:55:b9:
71:85:19:3f:17:82:33:e9:08:a3:6f:b2:da:11:73:83:7b:3a:
f1:d8:82:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqUpwutxwcBX9W1dJcy5T2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTcwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Q4MzUxMzQ2ZDM1MGU2YmMwYzJmZTU5MzY5MTcyM2FiNjhkY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptlp717y5aEvng8kAHUPRWz8Rl8j
LB6tcVrCC1Ta2OiRQFbWwvkyqBx3nNFHYBR+s2cs7K01jFh3Ll53qdt+fYa9AEhd
NDspOyfth+kdbUNUJIlTbNaoenWjAiQWn/GuVAqoPqJSKe0M/X/5sFLxhOLLLjdR
Zn/Y12CySnJpRW0EsGcordZR6ZuO/mIJBBGX7ba2rkltmtyVoz6oBicliPyoI8j6
qjChgiqtFBapUb69ehZUmdI/rVMhGIrK+SAzRURxzFGTqd5J2BJUQnDOc1Zo1uKa
fZQD2NS2mNYTuQu4/nYWOt51XdS/oxPVjXZyYoGrJvyGT1wGRM8CoGW7swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIPYNRNG01DmvAwv5ZNpFyOraNzAMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvZzlnMUUwYlRVT2E4RENfbGsya1hJNnRvM01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADMZCGw5qIJfsioZeTId
Qcg6O5wPITip2CLjipWbWqPQTRA8TpDhB1va9cSbDw+jd3WQHcBSQNplDItwX3Ea
Ko6WEqUW7FchUaWNQsE698olUX3GJY9Tkz8uu/9jobBeG5FzKQ9mI9JkL0DcVXmn
tsTRwQenXWrG++eBFnEmV4MULJb6FBvQQYV4vx5wJ4iw6hM6UTkSi7+ySj12E8/0
n3jLeA+/YRbe1O9h48A8RWD4e6bAJDdWzgvfBSJIF6dBLBYN1pN3AboReq5KctdK
CUT0cqqghCtEayMkV84RCAK92nOzDBkCfSRVuXGFGT8XgjPpCKNvstoRc4N7OvHY
gqA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net