Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hQqpIl_e52j2pIJwwMJoakz8HYM.roa
File: hQqpIl_e52j2pIJwwMJoakz8HYM.roa (raw, json)
Hash identifier: VxnJtAF3eOAH3FVSyM2IbEntcSoPXA/4a+c6Qj568Dk=
Subject key identifier: 85:0A:A9:22:5F:DE:E7:68:F6:A4:82:70:C0:C2:68:6A:4C:FC:1D:83
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A96279191BCEF1B21D0A3B8FF52308C72
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hQqpIl_e52j2pIJwwMJoakz8HYM.roa
Signing time: Fri 15 Sep 2023 00:04:50 +0000
ROA not before: Fri 15 Sep 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:9627:1de0/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:96:27:91:91:bc:ef:1b:21:d0:a3:b8:ff:52:30:8c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=850aa9225fdee768f6a48270c0c2686a4cfc1d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4b:90:d9:bb:15:83:1b:fd:34:00:96:2b:97:
c8:0f:e4:7a:c8:ac:6e:9c:3d:45:2a:af:79:b9:45:
6a:31:57:5b:40:52:e2:86:9e:a4:2c:6c:6f:c0:d1:
d5:13:b5:27:be:66:9f:04:fd:73:3b:3d:31:cb:e8:
66:a7:db:68:46:59:72:4a:ff:d2:08:59:d4:26:5e:
b0:80:e3:cc:6e:91:a1:61:49:9e:0a:41:b3:21:c1:
d4:66:2d:5d:e6:e6:b4:16:4d:58:6e:57:9c:27:92:
54:44:c1:fc:65:aa:99:df:29:52:61:85:bf:75:52:
c7:9f:5d:71:10:6a:17:05:7f:77:29:fa:fc:1b:e3:
f7:73:84:83:5e:4b:65:75:c5:37:af:ee:16:23:11:
55:19:31:53:71:8e:cd:7b:a9:0c:9a:65:9d:dc:28:
46:40:b6:f7:21:f6:1d:fb:7e:76:e0:41:50:08:94:
5a:7e:18:46:02:73:dd:c9:a3:4a:24:7b:f7:b1:03:
52:62:72:5d:9b:e2:69:d5:96:c2:34:bd:f4:e1:17:
9a:d0:58:da:a0:d4:ce:05:28:a5:2d:60:ef:a2:c8:
cc:08:14:4e:e5:39:6d:e1:fc:41:20:11:92:55:55:
53:9d:3f:51:9f:cd:c7:45:70:27:76:19:73:08:59:
e3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0A:A9:22:5F:DE:E7:68:F6:A4:82:70:C0:C2:68:6A:4C:FC:1D:83
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hQqpIl_e52j2pIJwwMJoakz8HYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:6d:7e:a7:b0:98:0b:f4:c5:2a:ba:32:a1:12:0f:99:59:56:
50:f6:a0:66:76:72:b6:ca:e7:a3:44:f3:65:43:7e:e5:9c:d5:
92:af:28:cf:06:52:17:cb:a9:75:55:21:01:d1:3f:b3:df:78:
d7:ad:39:b7:f8:d1:74:e4:57:15:37:ca:b3:65:47:66:87:a2:
48:09:38:d6:90:83:66:33:e4:eb:35:28:ba:e9:ed:dc:93:aa:
f7:e6:3b:ba:1a:56:36:6f:99:56:fd:92:02:68:1c:ac:5a:ac:
ff:8a:9e:fd:b5:67:e5:8a:52:a4:bf:b6:04:96:76:de:57:4e:
38:82:52:e0:c3:3b:79:87:4a:9b:91:8b:8b:59:a6:45:ea:d5:
25:f7:ea:57:f5:86:73:7a:da:33:10:17:d5:4d:6d:b6:e5:04:
fb:99:d1:24:5d:45:b3:f0:0f:53:e4:80:5f:0b:f1:cb:11:8f:
f2:75:93:dc:23:c5:0e:2a:27:4a:f0:3a:ec:73:5c:7e:da:63:
d9:75:1c:83:d6:8b:f4:4c:d4:9a:ef:5b:f0:56:2b:5f:3d:37:
e4:01:0e:0b:31:34:f4:8d:11:cf:3e:99:53:6d:41:33:ad:9e:
b2:98:5e:76:0e:2b:ff:b0:6d:e6:26:b2:f9:a1:f7:f7:97:0c:
d3:32:18:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqWJ5GRvO8bIdCjuP9SMIxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBhYTkyMjVmZGVlNzY4ZjZhNDgyNzBjMGMyNjg2YTRjZmMxZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEuQ2bsVgxv9NACWK5fID+R6yKxu
nD1FKq95uUVqMVdbQFLihp6kLGxvwNHVE7UnvmafBP1zOz0xy+hmp9toRllySv/S
CFnUJl6wgOPMbpGhYUmeCkGzIcHUZi1d5ua0Fk1YblecJ5JURMH8ZaqZ3ylSYYW/
dVLHn11xEGoXBX93Kfr8G+P3c4SDXktldcU3r+4WIxFVGTFTcY7Ne6kMmmWd3ChG
QLb3IfYd+3524EFQCJRafhhGAnPdyaNKJHv3sQNSYnJdm+Jp1ZbCNL304Rea0Fja
oNTOBSilLWDvosjMCBRO5Tlt4fxBIBGSVVVTnT9Rn83HRXAndhlzCFnjKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUKqSJf3udo9qSCcMDCaGpM/B2DMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaFFxcElsX2U1MmoycElKd3dNSm9ha3o4SFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAdtfqewmAv0xSq6MqES
D5lZVlD2oGZ2crbK56NE82VDfuWc1ZKvKM8GUhfLqXVVIQHRP7PfeNetObf40XTk
VxU3yrNlR2aHokgJONaQg2Yz5Os1KLrp7dyTqvfmO7oaVjZvmVb9kgJoHKxarP+K
nv21Z+WKUqS/tgSWdt5XTjiCUuDDO3mHSpuRi4tZpkXq1SX36lf1hnN62jMQF9VN
bbblBPuZ0SRdRbPwD1PkgF8L8csRj/J1k9wjxQ4qJ0rwOuxzXH7aY9l1HIPWi/RM
1JrvW/BWK189N+QBDgsxNPSNEc8+mVNtQTOtnrKYXnYOK/+wbeYmsvmh9/eXDNMy
GJ0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net