Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wkBO66VOotMmQ5GG03t1VKeafcM.roa
File: wkBO66VOotMmQ5GG03t1VKeafcM.roa (raw, json)
Hash identifier: g9U6/pVk/72sv60HJXraVBkDQrKHWrk5C0I9kpWNH7M=
Subject key identifier: C2:40:4E:EB:A5:4E:A2:D3:26:43:91:86:D3:7B:75:54:A7:9A:7D:C3
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9FD6D160509C4D3CA3775E670C3FAAA9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wkBO66VOotMmQ5GG03t1VKeafcM.roa
Signing time: Sat 16 Sep 2023 21:12:50 +0000
ROA not before: Sat 16 Sep 2023 21:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9f:d6:d1:60:50:9c:4d:3c:a3:77:5e:67:0c:3f:aa:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 21:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2404eeba54ea2d326439186d37b7554a79a7dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:03:96:d4:cc:37:c4:c2:98:e1:2e:1a:7b:
08:c4:92:16:48:a7:f7:33:12:a8:db:ae:63:1b:89:
ef:7c:49:d7:a7:bf:dd:c8:f4:be:fb:2d:e5:6a:32:
20:11:07:63:da:0a:ab:56:30:1b:05:fb:ec:59:c2:
8a:9a:32:c6:47:e6:5c:e4:b8:9b:f5:d6:29:de:aa:
6a:82:a1:1f:51:27:41:f6:2f:0e:fc:e6:6e:ea:18:
c4:10:6e:aa:22:be:54:ce:d8:1a:cc:54:30:fb:5b:
0d:8f:f6:a4:65:94:a4:12:88:21:5c:f7:84:7b:37:
af:3e:e1:64:a6:e2:0c:53:45:0e:ed:93:4e:06:5a:
43:6b:fe:d1:44:6e:44:ee:8c:07:8a:5c:e4:94:5e:
cc:ab:1b:3e:b5:f2:06:82:d7:1b:b8:24:ea:a5:69:
3b:b8:27:a6:19:a7:a2:24:46:ff:17:9f:df:42:2c:
cf:57:cb:4b:86:27:94:6e:ef:6a:05:b2:55:50:57:
e3:37:8c:4f:ed:df:7a:15:ec:c8:69:3c:31:39:8b:
df:bc:cc:6d:c3:27:90:91:40:6c:38:06:56:75:f5:
d2:b8:ca:b3:65:ed:31:53:e3:4c:a5:99:57:a2:80:
8f:78:64:4a:af:d2:01:41:a0:3e:3f:c1:2d:2f:29:
79:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:40:4E:EB:A5:4E:A2:D3:26:43:91:86:D3:7B:75:54:A7:9A:7D:C3
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/wkBO66VOotMmQ5GG03t1VKeafcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:dd:b4:5a:2e:ca:d3:da:b2:2e:62:14:2c:b4:b1:78:71:d2:
80:b8:f5:c8:11:c8:04:f1:38:f5:9f:b2:a5:b0:64:4b:c8:6a:
6d:b5:f5:c6:7e:a5:9a:ab:bc:34:59:41:e3:60:84:1b:5e:e7:
b5:fd:72:92:7e:86:cc:35:32:e6:d5:b4:49:1a:c6:02:13:be:
ac:b7:25:50:04:5e:b7:fc:d2:de:3f:ec:e5:c8:74:36:de:e7:
36:e8:c2:69:e8:dc:0d:85:a5:67:ac:15:cf:ad:9c:97:88:59:
82:40:d0:de:82:6c:04:aa:cc:97:40:2b:85:52:cc:bd:36:80:
16:b2:1a:1d:c9:10:f6:69:53:b4:86:1b:51:08:71:d8:9a:47:
36:fe:bf:23:5a:c2:ba:21:46:17:50:00:a6:d3:0e:97:e2:a8:
e3:8a:96:4f:61:c2:93:2c:1f:55:88:43:4f:63:a7:46:a4:d1:
a4:34:67:65:4b:fa:d8:6f:f3:0b:8a:fb:7f:05:25:ad:ff:a7:
60:34:de:94:9a:d2:26:d9:0e:c5:29:71:23:8f:a6:a4:4a:46:
17:60:fc:bc:e5:3b:1e:e5:f1:24:de:5a:f8:1b:3c:1a:b3:aa:
ba:3c:8c:d7:82:33:a4:36:0b:16:c9:a9:59:fa:ea:14:f1:15:
6e:05:41:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqf1tFgUJxNPKN3XmcMP6qpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MjExMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQwNGVlYmE1NGVhMmQzMjY0MzkxODZkMzdiNzU1NGE3OWE3ZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqakDltTMN8TCmOEuGnsIxJIWSKf3
MxKo265jG4nvfEnXp7/dyPS++y3lajIgEQdj2gqrVjAbBfvsWcKKmjLGR+Zc5Lib
9dYp3qpqgqEfUSdB9i8O/OZu6hjEEG6qIr5UztgazFQw+1sNj/akZZSkEoghXPeE
ezevPuFkpuIMU0UO7ZNOBlpDa/7RRG5E7owHilzklF7Mqxs+tfIGgtcbuCTqpWk7
uCemGaeiJEb/F5/fQizPV8tLhieUbu9qBbJVUFfjN4xP7d96FezIaTwxOYvfvMxt
wyeQkUBsOAZWdfXSuMqzZe0xU+NMpZlXooCPeGRKr9IBQaA+P8EtLyl58QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMJATuulTqLTJkORhtN7dVSnmn3DMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvd2tCTzY2Vk9vdE1tUTVHRzAzdDFWS2VhZmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGjdtFouytPasi5iFCy0
sXhx0oC49cgRyATxOPWfsqWwZEvIam219cZ+pZqrvDRZQeNghBte57X9cpJ+hsw1
MubVtEkaxgITvqy3JVAEXrf80t4/7OXIdDbe5zbowmno3A2FpWesFc+tnJeIWYJA
0N6CbASqzJdAK4VSzL02gBayGh3JEPZpU7SGG1EIcdiaRzb+vyNawrohRhdQAKbT
DpfiqOOKlk9hwpMsH1WIQ09jp0ak0aQ0Z2VL+thv8wuK+38FJa3/p2A03pSa0ibZ
DsUpcSOPpqRKRhdg/LzlOx7l8STeWvgbPBqzqro8jNeCM6Q2CxbJqVn66hTxFW4F
QYg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net