Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hpchpAbqMgmlr_a-74b4rhSPBU4.roa
File: hpchpAbqMgmlr_a-74b4rhSPBU4.roa (raw, json)
Hash identifier: UU5FDSJWN5RDkEExm9oYRgYti10UVBQmf3CxYGTTWK8=
Subject key identifier: 86:97:21:A4:06:EA:32:09:A5:AF:F6:BE:EF:86:F8:AE:14:8F:05:4E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A57ED9C89EE7CDB782E8451C99F0A174E
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hpchpAbqMgmlr_a-74b4rhSPBU4.roa
Signing time: Sat 02 Sep 2023 22:05:04 +0000
ROA not before: Sat 02 Sep 2023 22:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:57ec:d35b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:57:ed:9c:89:ee:7c:db:78:2e:84:51:c9:9f:0a:17:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 2 22:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=869721a406ea3209a5aff6beef86f8ae148f054e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:77:43:47:62:cf:84:c4:a4:dd:75:10:61:f8:
6a:38:86:0e:91:f9:65:18:44:53:00:7d:ed:43:98:
e7:0b:1c:dd:06:af:1f:ba:ce:39:66:0b:63:31:e7:
66:77:b2:ea:68:24:d5:4e:94:e5:5f:23:18:ce:0b:
9d:d3:3f:c6:8e:5e:2a:86:09:2f:27:0c:b1:ef:6e:
9a:25:72:6b:2f:38:65:c4:0b:7f:e9:7d:7d:9f:25:
80:39:50:89:86:f0:af:4f:d4:9e:c2:53:ba:6a:24:
a5:1a:6b:c8:ff:20:3f:5c:2f:f1:5d:42:b2:97:04:
79:d5:fa:25:2e:cc:e5:de:b4:f3:16:a4:6b:43:87:
a1:27:35:94:8d:5c:d2:fa:b2:07:22:59:5a:4f:19:
d2:52:1f:1f:62:11:95:8b:51:7d:75:dc:1d:93:44:
57:e7:6f:c6:ee:c3:0e:2b:56:c2:32:e7:95:0a:1b:
ef:9f:6e:dd:56:64:74:cb:92:ba:87:e5:65:16:29:
c7:78:03:31:02:e6:1a:a0:e3:47:dd:25:40:9b:d4:
da:14:d6:06:21:f0:44:7e:51:81:5c:7c:a4:a9:a2:
66:ef:95:f7:1b:4f:b0:38:20:ad:38:ec:b4:6f:6a:
0e:8f:45:65:45:f5:9f:29:da:ea:48:2e:79:e3:d5:
e6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:97:21:A4:06:EA:32:09:A5:AF:F6:BE:EF:86:F8:AE:14:8F:05:4E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hpchpAbqMgmlr_a-74b4rhSPBU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:a8:68:73:97:da:5d:eb:9c:c6:6e:42:93:7c:7f:bd:c9:5a:
7a:f1:40:69:ad:72:07:36:b6:65:0a:4f:6a:5a:aa:18:2c:25:
b8:50:e5:51:fb:b7:72:04:9a:8e:79:1f:5e:fb:4d:9b:0a:d5:
11:b7:1d:35:77:28:5a:c2:03:69:f2:8e:64:6a:4f:11:cd:47:
b6:f3:46:7e:a4:ff:62:e8:86:5b:cb:8a:95:a9:d7:ed:ad:7f:
61:f8:9d:65:22:b2:e8:ee:b3:db:1a:02:98:8f:18:1c:1c:21:
3c:77:e9:22:d8:89:fb:e1:d4:e4:c3:20:4b:cb:92:2c:bb:aa:
26:25:2e:a2:8b:6b:d7:f0:3e:fc:81:1c:45:bf:d9:ec:d4:c7:
da:bf:ec:65:f3:82:d9:39:69:d8:f4:05:cc:22:6d:51:3f:25:
e9:e3:92:04:f1:fb:43:34:2a:e8:51:1d:03:71:2e:af:52:cd:
a4:9d:c0:8f:43:e1:bc:d8:fc:e9:bc:21:47:d3:2d:34:3f:b3:
7b:9c:53:a8:c3:50:ba:f7:8e:3d:77:99:d1:c0:f1:b9:bf:69:
bd:b9:b7:c7:7a:ee:fc:d7:64:24:54:40:11:5c:7b:69:61:28:
3a:89:6d:08:1a:8f:eb:d7:cf:f4:e3:f8:3e:08:99:35:8d:5f:
0b:ce:e7:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpX7ZyJ7nzbeC6EUcmfChdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAyMjIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk3MjFhNDA2ZWEzMjA5YTVhZmY2YmVlZjg2ZjhhZTE0OGYwNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13dDR2LPhMSk3XUQYfhqOIYOkfll
GERTAH3tQ5jnCxzdBq8fus45ZgtjMedmd7LqaCTVTpTlXyMYzgud0z/Gjl4qhgkv
Jwyx726aJXJrLzhlxAt/6X19nyWAOVCJhvCvT9SewlO6aiSlGmvI/yA/XC/xXUKy
lwR51folLszl3rTzFqRrQ4ehJzWUjVzS+rIHIllaTxnSUh8fYhGVi1F9ddwdk0RX
52/G7sMOK1bCMueVChvvn27dVmR0y5K6h+VlFinHeAMxAuYaoONH3SVAm9TaFNYG
IfBEflGBXHykqaJm75X3G0+wOCCtOOy0b2oOj0VlRfWfKdrqSC5549XmzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIaXIaQG6jIJpa/2vu+G+K4UjwVOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaHBjaHBBYnFNZ21scl9hLTc0YjRyaFNQQlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAOoaHOX2l3rnMZuQpN8
f73JWnrxQGmtcgc2tmUKT2paqhgsJbhQ5VH7t3IEmo55H177TZsK1RG3HTV3KFrC
A2nyjmRqTxHNR7bzRn6k/2LohlvLipWp1+2tf2H4nWUisujus9saApiPGBwcITx3
6SLYifvh1OTDIEvLkiy7qiYlLqKLa9fwPvyBHEW/2ezUx9q/7GXzgtk5adj0Bcwi
bVE/JenjkgTx+0M0KuhRHQNxLq9SzaSdwI9D4bzY/Om8IUfTLTQ/s3ucU6jDULr3
jj13mdHA8bm/ab25t8d67vzXZCRUQBFce2lhKDqJbQgaj+vXz/Tj+D4ImTWNXwvO
52Y=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net