Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v85AzAX7FKDJ-HbmxEbnY_8oStc.roa
File: v85AzAX7FKDJ-HbmxEbnY_8oStc.roa (raw, json)
Hash identifier: 3WyKXEM0bcCCSKsuTVGCuJd7bNdg999HgyFNqgz2i1o=
Subject key identifier: BF:CE:40:CC:05:FB:14:A0:C9:F8:76:E6:C4:46:E7:63:FF:28:4A:D7
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8CB69368D1E90D2D066CACA5D8616A3B
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v85AzAX7FKDJ-HbmxEbnY_8oStc.roa
Signing time: Wed 13 Sep 2023 04:04:50 +0000
ROA not before: Wed 13 Sep 2023 04:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:8cb6:355a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8c:b6:93:68:d1:e9:0d:2d:06:6c:ac:a5:d8:61:6a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 13 04:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfce40cc05fb14a0c9f876e6c446e763ff284ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:21:eb:ce:bc:cb:54:84:cb:4d:e0:95:06:1b:
f5:d7:85:8c:2b:59:3e:e6:25:d4:7e:70:4b:73:ab:
42:9d:d0:10:75:cb:48:06:5b:da:b0:21:06:39:dc:
48:5f:20:f8:b4:5f:58:d7:e7:ae:16:a8:97:44:86:
40:f3:bf:b6:5e:2c:e3:97:e0:b0:19:96:c1:03:a8:
e6:f4:bd:e4:51:19:8c:17:bf:86:e7:f6:1c:54:9c:
df:6b:e0:8c:3d:61:bd:b0:0c:3d:74:ba:11:09:aa:
d0:b0:92:38:1b:48:a7:ae:5b:f1:09:2d:4f:eb:9d:
b7:c5:f1:42:84:88:5c:a5:36:fc:e6:1e:03:5e:76:
ab:ae:2a:ff:9d:89:33:17:84:d0:50:ca:5d:61:d0:
9b:0b:4e:79:76:84:f1:bc:65:7f:37:95:fc:0b:20:
45:d9:88:9c:f2:29:8d:d4:67:4a:eb:7f:a4:e8:47:
71:c9:05:d2:9a:62:c1:43:0f:96:be:f1:b4:eb:6c:
18:97:ce:a7:8d:11:6a:12:ae:be:e6:39:b4:86:4a:
4a:ef:06:f2:94:09:05:8b:e8:7e:ad:04:62:15:aa:
3d:19:31:d7:c8:3c:d6:00:a4:d1:f0:9e:62:57:cd:
73:18:89:c8:1a:96:27:eb:53:99:0e:04:81:bd:05:
4d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CE:40:CC:05:FB:14:A0:C9:F8:76:E6:C4:46:E7:63:FF:28:4A:D7
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/v85AzAX7FKDJ-HbmxEbnY_8oStc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:2e:a3:09:b5:4c:04:54:cb:22:2f:9c:45:82:bd:53:8f:fa:
2e:ba:8f:7a:4c:68:07:dd:28:02:00:ad:c5:ad:f3:37:94:bc:
e9:9e:1c:27:b8:02:02:f0:2e:a0:1a:49:54:79:43:36:6a:90:
d1:0c:4d:ea:bc:73:f8:c6:ad:bd:ac:66:5a:79:1b:f5:18:f2:
bb:0c:38:d2:e8:3a:23:94:ae:ab:db:13:b0:e6:82:c2:52:be:
c9:9a:08:c4:34:1f:44:8a:21:fa:fd:6c:24:70:bf:a2:f1:86:
43:b2:59:0a:27:39:53:db:19:a9:92:90:a1:7a:e6:01:b5:aa:
2f:83:7d:2c:5b:4a:0d:4d:81:9a:75:3c:f3:b1:6d:70:90:79:
2c:6f:c3:3c:f0:9f:2a:c6:78:8a:0a:a5:62:8d:86:57:bb:a2:
46:e0:fa:95:14:81:eb:1e:2c:34:be:cb:cc:0f:f1:f7:45:d5:
df:5c:87:28:03:ae:5c:bd:1f:ab:42:10:f4:28:dc:e0:97:a9:
4e:00:5f:f5:9a:32:02:f0:60:7b:ff:20:82:66:1e:2b:49:88:
b8:b9:d5:a6:09:c1:b3:c7:7d:66:7e:13:7d:64:cd:03:6f:a0:
b8:4b:5b:1d:1e:41:f2:94:b6:1a:ca:23:c6:ef:45:05:70:b9:
ed:7a:68:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqMtpNo0ekNLQZsrKXYYWo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEzMDQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNlNDBjYzA1ZmIxNGEwYzlmODc2ZTZjNDQ2ZTc2M2ZmMjg0YWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiHrzrzLVITLTeCVBhv114WMK1k+
5iXUfnBLc6tCndAQdctIBlvasCEGOdxIXyD4tF9Y1+euFqiXRIZA87+2Xizjl+Cw
GZbBA6jm9L3kURmMF7+G5/YcVJzfa+CMPWG9sAw9dLoRCarQsJI4G0inrlvxCS1P
6523xfFChIhcpTb85h4DXnarrir/nYkzF4TQUMpdYdCbC055doTxvGV/N5X8CyBF
2Yic8imN1GdK63+k6EdxyQXSmmLBQw+WvvG062wYl86njRFqEq6+5jm0hkpK7wby
lAkFi+h+rQRiFao9GTHXyDzWAKTR8J5iV81zGInIGpYn61OZDgSBvQVNWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL/OQMwF+xSgyfh25sRG52P/KErXMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvdjg1QXpBWDdGS0RKLUhibXhFYm5ZXzhvU3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0uowm1TARUyyIvnEWC
vVOP+i66j3pMaAfdKAIArcWt8zeUvOmeHCe4AgLwLqAaSVR5QzZqkNEMTeq8c/jG
rb2sZlp5G/UY8rsMONLoOiOUrqvbE7DmgsJSvsmaCMQ0H0SKIfr9bCRwv6LxhkOy
WQonOVPbGamSkKF65gG1qi+DfSxbSg1NgZp1PPOxbXCQeSxvwzzwnyrGeIoKpWKN
hle7okbg+pUUgeseLDS+y8wP8fdF1d9chygDrly9H6tCEPQo3OCXqU4AX/WaMgLw
YHv/IIJmHitJiLi51aYJwbPHfWZ+E31kzQNvoLhLWx0eQfKUthrKI8bvRQVwue16
aCQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net