Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qMmlNz5uDk6q_zFajUGo_wGY92s.roa
File: qMmlNz5uDk6q_zFajUGo_wGY92s.roa (raw, json)
Hash identifier: 8JiscxMgwTeNCaHFdmYX+lFwBH9fKTma9Tqnrefyw6Q=
Subject key identifier: A8:C9:A5:37:3E:6E:0E:4E:AA:FF:31:5A:8D:41:A8:FF:01:98:F7:6B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A58C9565A51806973EF3BFDA0C3634E8C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qMmlNz5uDk6q_zFajUGo_wGY92s.roa
Signing time: Sun 03 Sep 2023 02:05:04 +0000
ROA not before: Sun 03 Sep 2023 02:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:58c8:9b44/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:58:c9:56:5a:51:80:69:73:ef:3b:fd:a0:c3:63:4e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 02:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8c9a5373e6e0e4eaaff315a8d41a8ff0198f76b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:40:3c:d3:07:2e:ad:33:fd:0b:8a:3b:e7:c2:
7b:58:ee:84:12:e4:98:1b:a6:c2:d2:96:b8:ce:b1:
28:aa:4c:7f:e0:e8:93:bc:f8:e3:81:4d:f1:c9:00:
db:5b:1a:fa:13:16:bd:03:f8:0e:1e:fe:24:06:98:
d6:a8:b9:9d:e8:37:e9:69:79:40:90:92:7d:ff:26:
61:8e:01:4e:c4:8d:83:c0:46:70:96:2a:e5:f3:a6:
57:ad:90:a5:23:d9:4c:3a:0d:2d:73:40:c0:62:60:
34:4a:0b:c7:86:4b:b1:c9:3d:8b:f3:8f:c3:d5:0f:
4a:c6:8e:68:26:74:87:fc:5c:75:1b:c2:8d:0b:88:
58:26:a9:b4:8e:cd:5d:14:97:f9:8f:16:7d:31:bb:
06:bd:12:41:fe:90:92:fe:08:88:f4:10:5b:4b:64:
1c:63:37:f7:82:7e:da:99:11:cc:02:cc:cf:80:4b:
75:ad:59:16:cf:34:a8:b9:7d:c1:c9:48:48:dd:ee:
e8:58:83:af:14:e6:f7:a1:3b:2d:06:7a:18:b1:9c:
0d:5c:01:94:5a:54:0d:e3:5a:44:f2:a3:84:55:25:
83:bf:7d:b4:97:02:9a:4f:b8:47:9d:38:6b:0d:59:
e2:a9:b7:60:70:af:38:8c:31:94:e2:71:7d:2d:66:
c3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C9:A5:37:3E:6E:0E:4E:AA:FF:31:5A:8D:41:A8:FF:01:98:F7:6B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qMmlNz5uDk6q_zFajUGo_wGY92s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:8f:ab:58:00:51:69:01:b7:52:b1:b4:6b:9d:99:10:03:6e:
46:06:f7:9b:90:e5:11:7e:5b:0b:8e:09:01:92:7b:b3:84:d6:
6e:de:a5:31:e1:d2:ac:d4:36:a1:c9:fc:d8:e3:07:5b:a0:93:
bb:b4:89:a4:9c:a0:23:76:c1:3f:37:7e:1d:aa:42:7b:cc:49:
ff:b1:aa:bb:e3:42:eb:ed:5d:88:83:92:f0:ce:81:21:58:f5:
24:51:80:db:62:13:23:03:28:ef:de:9c:07:41:cf:5b:08:3b:
c7:4c:29:25:f8:77:4d:3d:e9:09:03:8e:fc:58:99:c2:18:cd:
70:d3:75:06:6f:29:bf:aa:09:28:79:0e:45:8f:30:52:77:c9:
cb:37:6c:4a:b1:90:34:44:ab:e9:01:9f:6a:c0:73:dc:da:1d:
0d:9c:e9:4e:04:10:08:4d:a4:7b:01:01:40:0f:9f:2a:77:4a:
07:c4:f2:df:39:2d:b9:1d:c9:64:45:aa:b2:9e:ee:c7:7f:22:
e2:b1:9a:95:57:64:2f:29:e1:55:52:8d:9e:21:e3:ea:ac:30:
da:71:a6:43:de:b5:b4:7c:c5:12:b3:19:34:af:72:19:d5:a0:
87:ba:ab:9e:05:e4:68:3b:94:ce:24:85:54:86:51:25:67:2f:
d8:22:66:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpYyVZaUYBpc+87/aDDY06MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMDIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM5YTUzNzNlNmUwZTRlYWFmZjMxNWE4ZDQxYThmZjAxOThmNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEA80wcurTP9C4o758J7WO6EEuSY
G6bC0pa4zrEoqkx/4OiTvPjjgU3xyQDbWxr6Exa9A/gOHv4kBpjWqLmd6DfpaXlA
kJJ9/yZhjgFOxI2DwEZwlirl86ZXrZClI9lMOg0tc0DAYmA0SgvHhkuxyT2L84/D
1Q9Kxo5oJnSH/Fx1G8KNC4hYJqm0js1dFJf5jxZ9MbsGvRJB/pCS/giI9BBbS2Qc
Yzf3gn7amRHMAszPgEt1rVkWzzSouX3ByUhI3e7oWIOvFOb3oTstBnoYsZwNXAGU
WlQN41pE8qOEVSWDv320lwKaT7hHnThrDVniqbdgcK84jDGU4nF9LWbD3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjJpTc+bg5Oqv8xWo1BqP8BmPdrMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcU1tbE56NXVEazZxX3pGYWpVR29fd0dZOTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADCPq1gAUWkBt1KxtGud
mRADbkYG95uQ5RF+WwuOCQGSe7OE1m7epTHh0qzUNqHJ/NjjB1ugk7u0iaScoCN2
wT83fh2qQnvMSf+xqrvjQuvtXYiDkvDOgSFY9SRRgNtiEyMDKO/enAdBz1sIO8dM
KSX4d0096QkDjvxYmcIYzXDTdQZvKb+qCSh5DkWPMFJ3ycs3bEqxkDREq+kBn2rA
c9zaHQ2c6U4EEAhNpHsBAUAPnyp3SgfE8t85LbkdyWRFqrKe7sd/IuKxmpVXZC8p
4VVSjZ4h4+qsMNpxpkPetbR8xRKzGTSvchnVoIe6q54F5Gg7lM4khVSGUSVnL9gi
ZkM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net