Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tJW_9VhEJrYeJksLn70WMMgtb20.roa
File: tJW_9VhEJrYeJksLn70WMMgtb20.roa (raw, json)
Hash identifier: CHncPzMvQCDvl8ZQWMIkwH+v6sZOdUOO4BfBbmEi55M=
Subject key identifier: B4:95:BF:F5:58:44:26:B6:1E:26:4B:0B:9F:BD:16:30:C8:2D:6F:6D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8016CC669A15BA6B5B80E157F63B3D2B
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tJW_9VhEJrYeJksLn70WMMgtb20.roa
Signing time: Sun 10 Sep 2023 17:14:52 +0000
ROA not before: Sun 10 Sep 2023 17:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:16:cc:66:9a:15:ba:6b:5b:80:e1:57:f6:3b:3d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 10 17:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b495bff5584426b61e264b0b9fbd1630c82d6f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:08:d2:f6:c5:71:38:74:f5:28:06:1b:85:
44:60:a0:1a:6d:b3:56:28:84:9a:a3:ae:64:fc:90:
66:ce:3e:15:ac:64:3a:c8:aa:05:92:86:e9:07:5b:
0b:e6:aa:a7:59:9b:ef:81:53:49:8f:65:ed:da:7c:
2c:60:5c:2c:3b:4b:17:47:31:38:8e:86:f7:f5:cb:
e1:cb:67:7b:c2:f8:77:8a:67:46:db:d4:10:c3:03:
bd:44:38:97:86:85:66:8c:6b:f8:77:49:41:fa:b2:
6b:8b:a8:aa:63:81:92:83:e8:8a:eb:82:88:d0:58:
fa:05:a6:21:9b:e1:ca:43:3c:45:38:6b:7c:c9:68:
39:f8:ff:b7:1e:8e:e4:0e:14:68:5f:06:0d:03:ee:
a4:ac:75:78:39:c4:7a:73:ee:b0:35:79:14:c4:84:
95:16:56:16:50:00:17:ce:dd:26:be:d8:f2:e1:07:
7d:e3:55:62:12:bf:29:5d:2e:73:dc:a3:dd:cb:59:
2c:a7:ad:d8:11:f8:78:85:74:c6:88:e9:c9:d6:f7:
48:b4:fb:6c:26:04:34:76:dd:44:f1:cf:5c:21:82:
dd:02:29:54:76:26:7a:0d:b1:b0:3c:16:7e:29:8e:
71:e3:b7:18:21:6e:82:9a:a1:fa:ce:09:a6:5f:0c:
64:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:95:BF:F5:58:44:26:B6:1E:26:4B:0B:9F:BD:16:30:C8:2D:6F:6D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tJW_9VhEJrYeJksLn70WMMgtb20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:34:09:1d:7c:a4:22:ba:ec:47:e8:c7:f7:57:65:b3:0c:ee:
63:07:4f:bd:07:dd:06:5a:53:ca:06:ce:86:e8:36:4f:50:85:
bd:21:ba:df:e0:58:7f:e0:a7:f7:cd:6b:2b:4a:ae:78:a1:b4:
10:57:7d:43:4f:49:e5:af:a3:f1:22:11:36:c3:57:4b:f8:cc:
d4:61:16:8d:1a:ff:bd:3f:8a:82:e5:bd:e5:57:07:55:bb:ff:
60:28:71:08:49:23:cd:08:eb:61:a3:6f:09:eb:5a:9f:27:75:
9d:e7:27:71:11:e8:a5:79:d9:90:94:9e:54:8a:08:cc:73:61:
b4:fd:77:e3:17:f6:aa:29:90:00:32:19:e8:0d:19:db:72:c1:
29:53:b9:c6:52:2b:23:84:e3:dd:20:ab:69:b8:ce:e2:8d:b9:
fa:ea:d4:3a:77:77:1e:a8:39:54:6f:89:e7:8c:77:3d:3a:b1:
e9:c5:b0:48:cb:87:56:09:f0:e7:40:3b:c5:34:4a:76:3c:05:
f1:30:ca:eb:17:4e:31:e1:c4:c3:32:1b:09:fe:a7:61:bf:89:
36:ac:5d:73:82:7b:5d:e2:ab:8b:15:3f:30:eb:b6:86:dd:03:
b9:b7:e2:15:ad:46:fe:b8:7d:ba:e7:30:a1:b5:6a:85:56:f8:
20:26:08:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqAFsxmmhW6a1uA4Vf2Oz0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEwMTcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk1YmZmNTU4NDQyNmI2MWUyNjRiMGI5ZmJkMTYzMGM4MmQ2ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmREI0vbFcTh09SgGG4VEYKAabbNW
KISao65k/JBmzj4VrGQ6yKoFkobpB1sL5qqnWZvvgVNJj2Xt2nwsYFwsO0sXRzE4
job39cvhy2d7wvh3imdG29QQwwO9RDiXhoVmjGv4d0lB+rJri6iqY4GSg+iK64KI
0Fj6BaYhm+HKQzxFOGt8yWg5+P+3Ho7kDhRoXwYNA+6krHV4OcR6c+6wNXkUxISV
FlYWUAAXzt0mvtjy4Qd941ViEr8pXS5z3KPdy1ksp63YEfh4hXTGiOnJ1vdItPts
JgQ0dt1E8c9cIYLdAilUdiZ6DbGwPBZ+KY5x47cYIW6CmqH6zgmmXwxkZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLSVv/VYRCa2HiZLC5+9FjDILW9tMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdEpXXzlWaEVKclllSmtzTG43MFdNTWd0YjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEA0CR18pCK67Efox/dX
ZbMM7mMHT70H3QZaU8oGzoboNk9Qhb0hut/gWH/gp/fNaytKrnihtBBXfUNPSeWv
o/EiETbDV0v4zNRhFo0a/70/ioLlveVXB1W7/2AocQhJI80I62GjbwnrWp8ndZ3n
J3ER6KV52ZCUnlSKCMxzYbT9d+MX9qopkAAyGegNGdtywSlTucZSKyOE490gq2m4
zuKNufrq1Dp3dx6oOVRvieeMdz06senFsEjLh1YJ8OdAO8U0SnY8BfEwyusXTjHh
xMMyGwn+p2G/iTasXXOCe13iq4sVPzDrtobdA7m34hWtRv64fbrnMKG1aoVW+CAm
COI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net