Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tVvjBS1ZR_fqeyuD_K_s48xflOI.roa
File: tVvjBS1ZR_fqeyuD_K_s48xflOI.roa (raw, json)
Hash identifier: Y4rxD5I6svR58JmW+Yep0Fk0DOvcv/rV9JHvdcgwKFE=
Subject key identifier: B5:5B:E3:05:2D:59:47:F7:EA:7B:2B:83:FC:AF:EC:E3:CC:5F:94:E2
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A74B681455AA9A55A44509F470E137893
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tVvjBS1ZR_fqeyuD_K_s48xflOI.roa
Signing time: Fri 08 Sep 2023 12:13:52 +0000
ROA not before: Fri 08 Sep 2023 12:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:b6:81:45:5a:a9:a5:5a:44:50:9f:47:0e:13:78:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 12:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b55be3052d5947f7ea7b2b83fcafece3cc5f94e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a0:4c:7a:ee:4b:28:bc:48:90:8d:b7:e1:94:
e9:0d:fa:2c:f5:b9:31:33:69:98:4c:e2:72:81:a3:
3b:ca:bf:0e:26:5f:d8:14:3a:f0:87:96:13:e3:57:
57:e0:9e:8d:f9:79:8f:b3:0c:9a:d7:28:0e:93:78:
32:f2:0a:6d:4f:33:8a:7a:c4:90:d9:a0:23:d9:9c:
4f:5c:35:6e:e7:34:af:88:e1:cd:ef:97:75:d0:38:
1c:cf:6a:5c:6d:52:f2:3a:08:3a:69:db:f0:dc:4b:
f4:52:22:7b:4c:bb:24:dc:1a:0f:65:ef:ed:2d:60:
51:42:17:41:1f:d9:a4:24:19:a2:1c:3a:8d:4d:1d:
7c:33:e0:73:f4:59:52:f3:4e:63:10:b8:57:f9:1b:
37:c7:87:67:b7:2c:1a:7d:ce:50:91:ff:3c:88:5b:
bc:80:54:c8:fd:0e:15:d3:3f:1a:58:b0:c8:81:9f:
33:3c:a3:25:78:51:43:dd:49:0e:af:4b:ed:bb:00:
92:d2:be:e2:c7:20:3c:3d:be:3e:ad:16:d4:dd:68:
e5:5e:11:07:b0:00:51:cc:03:e6:ce:2f:e0:87:c9:
ea:eb:c7:90:ac:e7:fc:72:91:25:5a:9a:52:7a:9f:
c7:1d:30:c8:df:95:e8:c8:43:8d:61:e0:3c:30:47:
d3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5B:E3:05:2D:59:47:F7:EA:7B:2B:83:FC:AF:EC:E3:CC:5F:94:E2
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/tVvjBS1ZR_fqeyuD_K_s48xflOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:6a:63:5a:ce:42:6f:c4:04:35:16:41:4e:2a:a4:83:33:d2:
97:61:d1:3f:a3:63:5e:9e:5f:cb:1b:0e:8c:64:1e:07:86:29:
57:92:81:c3:f7:58:f8:15:23:76:ea:fc:1c:d5:d0:96:af:7d:
82:b9:f6:07:71:78:5b:2d:03:93:3e:bb:d7:48:45:43:53:17:
4a:ac:c4:4e:cc:e5:3a:da:f3:bf:6a:9c:dc:05:6e:8e:b6:fd:
1a:ea:29:5e:35:c3:c6:0e:05:87:62:31:32:d8:e2:d8:d0:bb:
e0:63:4e:59:7e:5c:ea:ee:5c:7d:76:32:7b:ea:29:9a:ef:f5:
e3:a1:6a:44:3d:15:f7:2a:e8:86:93:d2:5b:1e:32:d4:7e:24:
de:8a:45:32:51:46:f0:39:13:88:3d:2f:7f:92:4c:f3:94:ac:
00:ea:a6:a2:6e:21:6e:c3:0c:d9:2f:02:83:ff:98:5b:8b:4a:
f3:a2:ef:1e:a5:ae:19:d6:60:da:87:21:98:d1:fb:b0:6f:e3:
f3:26:2d:a8:c4:98:6e:be:bb:ae:47:c3:1a:4e:76:88:96:fc:
53:05:e0:0f:52:cd:63:dd:c7:7a:b4:fd:b1:e1:d3:8e:91:0f:
a6:21:51:9a:37:2b:99:79:40:53:73:a6:4c:45:57:bf:fd:1a:
79:96:82:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp0toFFWqmlWkRQn0cOE3iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MTIxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTViZTMwNTJkNTk0N2Y3ZWE3YjJiODNmY2FmZWNlM2NjNWY5NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6BMeu5LKLxIkI234ZTpDfos9bkx
M2mYTOJygaM7yr8OJl/YFDrwh5YT41dX4J6N+XmPswya1ygOk3gy8gptTzOKesSQ
2aAj2ZxPXDVu5zSviOHN75d10Dgcz2pcbVLyOgg6advw3Ev0UiJ7TLsk3BoPZe/t
LWBRQhdBH9mkJBmiHDqNTR18M+Bz9FlS805jELhX+Rs3x4dntywafc5Qkf88iFu8
gFTI/Q4V0z8aWLDIgZ8zPKMleFFD3UkOr0vtuwCS0r7ixyA8Pb4+rRbU3WjlXhEH
sABRzAPmzi/gh8nq68eQrOf8cpElWppSep/HHTDI35XoyEONYeA8MEfTfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLVb4wUtWUf36nsrg/yv7OPMX5TiMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdFZ2akJTMVpSX2ZxZXl1RF9LX3M0OHhmbE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFFqY1rOQm/EBDUWQU4q
pIMz0pdh0T+jY16eX8sbDoxkHgeGKVeSgcP3WPgVI3bq/BzV0JavfYK59gdxeFst
A5M+u9dIRUNTF0qsxE7M5Tra879qnNwFbo62/RrqKV41w8YOBYdiMTLY4tjQu+Bj
Tll+XOruXH12MnvqKZrv9eOhakQ9Ffcq6IaT0lseMtR+JN6KRTJRRvA5E4g9L3+S
TPOUrADqpqJuIW7DDNkvAoP/mFuLSvOi7x6lrhnWYNqHIZjR+7Bv4/MmLajEmG6+
u65HwxpOdoiW/FMF4A9SzWPdx3q0/bHh046RD6YhUZo3K5l5QFNzpkxFV7/9GnmW
goQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net