Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u8ZzAZ2FfWN5YMnjrZh2uZv2d7s.roa
File: u8ZzAZ2FfWN5YMnjrZh2uZv2d7s.roa (raw, json)
Hash identifier: 2fF5dU9g6SFsvEqgZHF3YC/diCNnOqB0GhaHLz4u7/Q=
Subject key identifier: BB:C6:73:01:9D:85:7D:63:79:60:C9:E3:AD:98:76:B9:9B:F6:77:BB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A91382400CB1C21C2A890621755E526A9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u8ZzAZ2FfWN5YMnjrZh2uZv2d7s.roa
Signing time: Thu 14 Sep 2023 01:04:50 +0000
ROA not before: Thu 14 Sep 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64:ffff:0:18a:9137:b142/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:91:38:24:00:cb:1c:21:c2:a8:90:62:17:55:e5:26:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 14 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbc673019d857d637960c9e3ad9876b99bf677bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:59:c5:95:92:5a:2d:a2:22:84:6f:18:8b:38:
24:b4:3f:1a:69:c5:ca:a3:23:c7:83:8d:d3:08:28:
c5:45:79:f6:ea:8e:9f:89:ad:f4:17:27:cd:4f:09:
73:71:1c:6d:9c:63:5e:17:0c:7d:f5:29:0c:92:ae:
f3:8a:23:7f:c3:cf:8b:d6:63:5d:5d:b6:15:c7:d1:
18:52:4c:05:f6:fe:73:60:18:8e:44:ae:78:55:fc:
38:04:7d:a1:79:85:35:50:1a:b0:98:2e:51:a8:f7:
f8:2e:46:72:1e:68:17:23:93:8f:fe:59:2e:20:a3:
3a:df:55:96:fb:a1:de:35:1c:2b:ca:e9:5d:a3:8e:
5e:9c:9a:47:fa:0a:a7:2d:57:99:99:c4:69:d7:9e:
cc:db:89:e2:c5:f2:55:82:b5:0f:c3:2b:85:66:9f:
2d:f6:e9:1c:21:62:0a:ec:12:5c:d4:bf:2c:90:bf:
34:72:4d:5a:04:3b:30:45:ea:e7:d1:99:ba:bb:04:
0f:27:a1:41:d5:0a:47:3a:97:03:cf:ed:35:61:b1:
38:54:f3:fe:26:fd:78:e3:13:f2:dc:12:3d:4d:65:
b9:a3:e9:86:ff:06:84:e5:8c:46:fd:ba:25:0d:8f:
e3:5e:c4:ea:55:fe:1b:fb:0b:ee:3e:2d:c2:0d:9e:
0b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C6:73:01:9D:85:7D:63:79:60:C9:E3:AD:98:76:B9:9B:F6:77:BB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/u8ZzAZ2FfWN5YMnjrZh2uZv2d7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:4b:62:0c:2e:96:27:68:98:2e:31:84:66:9f:46:2d:ad:2b:
f3:53:43:89:5e:20:9c:ce:a3:93:f3:dc:58:45:35:f5:3e:d4:
b9:5e:f9:87:b4:fb:c4:fe:80:47:e0:11:f9:fb:95:70:02:79:
be:e0:dd:83:07:eb:d1:47:ae:59:d7:eb:d0:61:b6:fd:bf:33:
ff:14:1c:45:88:21:b4:62:c1:10:17:f3:1d:35:4f:2a:a0:34:
f1:20:96:22:43:72:03:e0:14:6b:a7:d8:c1:55:4f:72:4d:6b:
76:d1:6f:02:b8:34:40:6b:0d:5c:cc:84:38:49:e2:eb:7e:ec:
98:8e:49:36:f2:22:44:06:05:d7:7a:53:6a:fc:3c:9a:3e:98:
19:54:0f:ea:cf:e4:17:30:83:e2:66:88:30:40:42:7b:61:1a:
f5:19:a0:84:53:8d:57:f8:26:dc:66:ed:fb:47:bd:d4:51:dd:
f1:69:7f:02:ea:d3:7a:9c:50:5c:93:ec:c8:c6:25:ff:66:31:
e4:9a:35:a0:78:97:cb:6f:7a:16:6f:03:a4:6a:35:85:30:cd:
d5:0e:b8:3b:42:96:e9:cf:79:09:33:84:5b:49:69:bc:e6:20:
0e:4c:18:15:ca:47:e9:49:a8:78:5b:5a:84:07:22:15:df:9a:
e3:6f:32:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqROCQAyxwhwqiQYhdV5SapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM2NzMwMTlkODU3ZDYzNzk2MGM5ZTNhZDk4NzZiOTliZjY3N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolnFlZJaLaIihG8YizgktD8aacXK
oyPHg43TCCjFRXn26o6fia30FyfNTwlzcRxtnGNeFwx99SkMkq7ziiN/w8+L1mNd
XbYVx9EYUkwF9v5zYBiORK54Vfw4BH2heYU1UBqwmC5RqPf4LkZyHmgXI5OP/lku
IKM631WW+6HeNRwryuldo45enJpH+gqnLVeZmcRp157M24nixfJVgrUPwyuFZp8t
9ukcIWIK7BJc1L8skL80ck1aBDswRern0Zm6uwQPJ6FB1QpHOpcDz+01YbE4VPP+
Jv144xPy3BI9TWW5o+mG/waE5YxG/bolDY/jXsTqVf4b+wvuPi3CDZ4LyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLvGcwGdhX1jeWDJ462Ydrmb9ne7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdThaekFaMkZmV041WU1uanJaaDJ1WnYyZDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKBLYgwulidomC4xhGaf
Ri2tK/NTQ4leIJzOo5Pz3FhFNfU+1Lle+Ye0+8T+gEfgEfn7lXACeb7g3YMH69FH
rlnX69Bhtv2/M/8UHEWIIbRiwRAX8x01TyqgNPEgliJDcgPgFGun2MFVT3JNa3bR
bwK4NEBrDVzMhDhJ4ut+7JiOSTbyIkQGBdd6U2r8PJo+mBlUD+rP5Bcwg+JmiDBA
QnthGvUZoIRTjVf4Jtxm7ftHvdRR3fFpfwLq03qcUFyT7MjGJf9mMeSaNaB4l8tv
ehZvA6RqNYUwzdUOuDtClunPeQkzhFtJabzmIA5MGBXKR+lJqHhbWoQHIhXfmuNv
Miw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net