Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sD1CTYz-H8_NyT3ck38PkW_Vtnk.roa
File: sD1CTYz-H8_NyT3ck38PkW_Vtnk.roa (raw, json)
Hash identifier: SB57XRDZ2FOeBg3qtXT5ts0dkKA60js0mKWEDGVKOqg=
Subject key identifier: B0:3D:42:4D:8C:FE:1F:CF:CD:C9:3D:DC:93:7F:0F:91:6F:D5:B6:79
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A52C740EAFD5088DC5DC318B6E18A6AED
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sD1CTYz-H8_NyT3ck38PkW_Vtnk.roa
Signing time: Fri 01 Sep 2023 22:05:04 +0000
ROA not before: Fri 01 Sep 2023 22:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:52c6:7cbe/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:c7:40:ea:fd:50:88:dc:5d:c3:18:b6:e1:8a:6a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 22:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b03d424d8cfe1fcfcdc93ddc937f0f916fd5b679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:32:59:f4:ff:48:a0:10:13:36:38:35:0c:23:
a7:81:7c:84:4c:64:50:65:2d:a9:a6:88:00:27:15:
0b:3a:b6:3e:86:82:0e:c2:2b:66:69:de:14:bd:5d:
c1:fa:c6:96:a7:b3:96:6a:ff:13:7c:ed:13:19:a6:
85:27:8c:70:15:c0:4c:96:be:29:86:8f:85:52:f2:
51:fc:c7:c9:65:fa:8d:56:aa:ec:bf:5a:70:48:03:
a5:98:a0:df:b0:87:9e:e8:ae:72:83:67:b5:d6:0c:
c6:01:5b:74:3a:d7:d8:ce:1e:19:f8:83:df:e3:dd:
06:d8:d9:3b:b7:0e:ea:13:2d:fe:76:e5:8c:5e:d5:
bf:28:8f:ce:97:5a:87:78:85:09:77:07:e6:a1:05:
48:76:a5:d2:8d:98:b7:ae:52:ee:f0:79:a1:ee:83:
7e:55:50:90:fd:d9:6f:c0:51:65:ee:82:98:48:b4:
41:b5:01:47:97:b4:a3:6d:b4:fd:f8:e4:d9:e4:fd:
cb:72:e0:9b:dd:b7:fc:83:3d:ac:bf:03:e3:49:a6:
36:f9:3a:17:10:1f:69:d9:1f:56:70:15:3f:dc:1e:
f3:4a:59:66:41:56:8e:d0:9b:6d:3c:26:ea:ca:b5:
51:e7:e9:f5:4d:c6:2e:8d:f5:74:f9:7e:72:48:20:
ed:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3D:42:4D:8C:FE:1F:CF:CD:C9:3D:DC:93:7F:0F:91:6F:D5:B6:79
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/sD1CTYz-H8_NyT3ck38PkW_Vtnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:96:00:fc:b8:68:3a:ef:96:3f:f8:68:1d:e6:ef:f4:b4:36:
d2:0f:21:f9:bc:17:80:60:28:d4:8a:d4:b2:36:88:16:89:0a:
fb:99:35:07:10:4c:f0:5b:57:1e:74:37:1f:df:a9:dd:1e:6d:
03:8e:9b:58:35:48:7d:07:bd:d9:2f:98:2e:9e:c2:e0:29:4c:
dd:2b:d3:94:d6:63:83:ad:08:88:b9:f2:fd:f9:29:2b:da:19:
2b:0e:2a:e5:00:b2:53:aa:92:48:b6:9c:b7:4d:3b:b8:d7:65:
be:5a:44:e3:5b:dd:c3:6b:4f:38:2d:8b:3b:d9:56:79:e2:a6:
e7:b6:9f:a9:7d:bc:73:ad:a0:39:e2:22:57:be:9f:5f:94:88:
5c:58:8e:ca:60:62:03:b5:d9:e9:ac:fc:16:0c:bd:67:02:6f:
79:cb:08:4e:28:cb:e9:d4:36:ab:11:6a:d5:6d:dd:96:c3:d1:
22:fb:bb:b3:2a:0d:29:54:b0:4a:9c:14:db:a3:36:da:c1:62:
c1:f7:16:4a:90:c7:18:57:a8:67:65:55:a6:0f:76:dc:5a:23:
b9:48:27:5a:cc:e5:e0:18:cb:5a:d8:4f:b1:85:91:6e:52:69:
c8:55:fa:a6:81:46:1a:13:2c:e5:e5:a0:32:f1:6d:12:3f:52:
ca:22:56:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpSx0Dq/VCI3F3DGLbhimrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMjIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNkNDI0ZDhjZmUxZmNmY2RjOTNkZGM5MzdmMGY5MTZmZDViNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTJZ9P9IoBATNjg1DCOngXyETGRQ
ZS2ppogAJxULOrY+hoIOwitmad4UvV3B+saWp7OWav8TfO0TGaaFJ4xwFcBMlr4p
ho+FUvJR/MfJZfqNVqrsv1pwSAOlmKDfsIee6K5yg2e11gzGAVt0OtfYzh4Z+IPf
490G2Nk7tw7qEy3+duWMXtW/KI/Ol1qHeIUJdwfmoQVIdqXSjZi3rlLu8Hmh7oN+
VVCQ/dlvwFFl7oKYSLRBtQFHl7SjbbT9+OTZ5P3LcuCb3bf8gz2svwPjSaY2+ToX
EB9p2R9WcBU/3B7zSllmQVaO0JttPCbqyrVR5+n1TcYujfV0+X5ySCDtuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLA9Qk2M/h/Pzck93JN/D5Fv1bZ5MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvc0QxQ1RZei1IOF9OeVQzY2szOFBrV19WdG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHGWAPy4aDrvlj/4aB3m
7/S0NtIPIfm8F4BgKNSK1LI2iBaJCvuZNQcQTPBbVx50Nx/fqd0ebQOOm1g1SH0H
vdkvmC6ewuApTN0r05TWY4OtCIi58v35KSvaGSsOKuUAslOqkki2nLdNO7jXZb5a
RONb3cNrTzgtizvZVnnipue2n6l9vHOtoDniIle+n1+UiFxYjspgYgO12ems/BYM
vWcCb3nLCE4oy+nUNqsRatVt3ZbD0SL7u7MqDSlUsEqcFNujNtrBYsH3FkqQxxhX
qGdlVaYPdtxaI7lIJ1rM5eAYy1rYT7GFkW5SachV+qaBRhoTLOXloDLxbRI/Usoi
VsI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net