Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hbLCmeN2Au1sKhADz3slTmU02i4.roa
File: hbLCmeN2Au1sKhADz3slTmU02i4.roa (raw, json)
Hash identifier: VvN7s0NivPyNnd9eScOlvjZT+4anOzTJm+tG5fnpluM=
Subject key identifier: 85:B2:C2:99:E3:76:02:ED:6C:2A:10:03:CF:7B:25:4E:65:34:DA:2E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A74807D9EFB306EC1ED97DF434E36DD94
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hbLCmeN2Au1sKhADz3slTmU02i4.roa
Signing time: Fri 08 Sep 2023 11:14:52 +0000
ROA not before: Fri 08 Sep 2023 11:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:80:7d:9e:fb:30:6e:c1:ed:97:df:43:4e:36:dd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 11:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85b2c299e37602ed6c2a1003cf7b254e6534da2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:de:f4:32:6f:6e:1c:72:ee:e6:53:40:9c:
c5:3a:ce:0a:e4:24:ea:88:dc:a8:fb:57:8b:ee:00:
a3:59:85:dd:ec:0d:64:d0:3b:7a:22:68:23:83:e7:
e9:0d:1e:a8:89:47:88:bc:14:f2:ec:22:0a:4a:d2:
55:f4:ae:00:9d:eb:7c:37:24:99:f4:5b:13:4d:8f:
eb:ed:f1:f0:4c:e4:7d:3d:91:e6:28:8e:9a:24:8f:
5f:29:72:e2:ad:d9:44:6c:c0:2a:08:be:1a:ac:4b:
1c:10:04:3d:03:c7:1b:05:96:44:3a:b5:8c:44:7c:
1a:5e:72:46:9d:90:b7:dc:8f:fc:a2:6d:e1:0a:38:
08:1a:a8:60:01:29:de:66:54:3c:11:7d:51:3a:d5:
58:4d:1b:08:de:8c:33:67:b1:2b:71:16:56:ea:8c:
80:49:8f:3a:4f:79:4c:e5:7c:07:cb:dd:3a:82:b5:
10:75:cc:2b:a6:c6:87:94:68:cf:35:95:b8:16:f3:
58:0f:3c:4c:f0:16:f4:d9:ea:7b:78:a3:f6:ec:b6:
e4:91:ff:4a:5a:fe:fa:9e:3a:2a:f6:82:b5:07:26:
cc:0a:0d:ca:57:d7:c1:eb:ed:b6:7d:13:c1:ef:57:
a0:b0:34:3e:fb:10:ae:b2:05:09:a2:0e:be:48:30:
d7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B2:C2:99:E3:76:02:ED:6C:2A:10:03:CF:7B:25:4E:65:34:DA:2E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hbLCmeN2Au1sKhADz3slTmU02i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:fe:85:bf:29:db:b8:22:ba:2b:0b:68:cf:b7:c0:94:62:34:
8a:c6:fe:8b:01:31:d7:8d:d3:78:03:d6:08:ae:58:58:6e:10:
8c:05:9e:6e:c7:3a:8e:c0:ed:de:ee:5d:ed:91:5c:22:4a:91:
b7:f4:fe:3b:e0:90:92:4c:de:95:bb:50:47:8a:a2:cd:5f:48:
b3:e4:ab:be:7a:73:26:f1:e5:16:9c:b6:59:33:c1:ec:89:70:
d8:95:44:ee:08:e9:23:75:e1:f9:a5:3c:f4:4e:91:a3:1e:e8:
1e:77:c3:e8:21:ed:42:64:37:19:19:6f:c7:f2:e0:01:aa:fa:
25:e6:9a:08:4d:23:96:ff:6e:18:9a:27:c5:8d:fc:61:68:9d:
48:4f:da:64:32:cf:7a:90:ac:8c:ba:4d:f9:d3:59:d1:a9:48:
25:5d:08:09:a7:20:a4:b9:6a:fe:db:23:2a:ea:ed:0a:ef:ec:
97:ee:fa:2c:33:5d:6a:56:15:d1:66:ee:52:4b:56:31:bf:20:
f4:aa:17:16:e8:6f:78:e9:b0:bc:16:65:72:ec:e8:22:0e:19:
81:8f:26:ad:86:6f:e3:0b:ca:63:af:e3:23:91:4d:6f:19:d7:
68:e6:fd:dd:77:13:64:59:74:21:bb:0c:39:ab:93:b8:2c:ce:
10:05:b3:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp0gH2e+zBuwe2X30NONt2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MTExNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWIyYzI5OWUzNzYwMmVkNmMyYTEwMDNjZjdiMjU0ZTY1MzRkYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbXe9DJvbhxy7uZTQJzFOs4K5CTq
iNyo+1eL7gCjWYXd7A1k0Dt6Imgjg+fpDR6oiUeIvBTy7CIKStJV9K4Anet8NySZ
9FsTTY/r7fHwTOR9PZHmKI6aJI9fKXLirdlEbMAqCL4arEscEAQ9A8cbBZZEOrWM
RHwaXnJGnZC33I/8om3hCjgIGqhgASneZlQ8EX1ROtVYTRsI3owzZ7ErcRZW6oyA
SY86T3lM5XwHy906grUQdcwrpsaHlGjPNZW4FvNYDzxM8Bb02ep7eKP27Lbkkf9K
Wv76njoq9oK1BybMCg3KV9fB6+22fRPB71egsDQ++xCusgUJog6+SDDX8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWywpnjdgLtbCoQA897JU5lNNouMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaGJMQ21lTjJBdTFzS2hBRHozc2xUbVUwMmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADX+hb8p27giuisLaM+3
wJRiNIrG/osBMdeN03gD1giuWFhuEIwFnm7HOo7A7d7uXe2RXCJKkbf0/jvgkJJM
3pW7UEeKos1fSLPkq756cybx5RactlkzweyJcNiVRO4I6SN14fmlPPROkaMe6B53
w+gh7UJkNxkZb8fy4AGq+iXmmghNI5b/bhiaJ8WN/GFonUhP2mQyz3qQrIy6TfnT
WdGpSCVdCAmnIKS5av7bIyrq7Qrv7Jfu+iwzXWpWFdFm7lJLVjG/IPSqFxbob3jp
sLwWZXLs6CIOGYGPJq2Gb+MLymOv4yORTW8Z12jm/d13E2RZdCG7DDmrk7gszhAF
szM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net