Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1qyaECDw0m2DxvyTDXCFWVSinJU.roa
File: 1qyaECDw0m2DxvyTDXCFWVSinJU.roa (raw, json)
Hash identifier: vokWSPNl5ggfRav/Zx2BqfGHUfEKe2dAw3+aRvw7jKw=
Subject key identifier: D6:AC:9A:10:20:F0:D2:6D:83:C6:FC:93:0D:70:85:59:54:A2:9C:95
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8489F44A3D6DF41211268A5333EF7542
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1qyaECDw0m2DxvyTDXCFWVSinJU.roa
Signing time: Fri 17 May 2024 03:13:04 +0000
ROA not before: Fri 17 May 2024 03:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:84:89:f4:4a:3d:6d:f4:12:11:26:8a:53:33:ef:75:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 03:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6ac9a1020f0d26d83c6fc930d70855954a29c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1b:87:67:d9:60:10:7d:72:6b:24:0a:be:ab:
ba:98:ea:4d:c5:26:3e:a8:3d:ab:11:f3:3f:da:32:
ba:f3:b9:22:fc:f7:c5:6d:3f:08:40:41:20:7b:5c:
7b:01:6b:b4:aa:f6:fb:7b:77:09:65:77:23:d6:aa:
24:6d:76:5e:72:72:8a:7d:39:13:15:69:82:91:a6:
5c:c4:0b:55:cb:26:fd:cb:ab:e9:28:c8:17:60:1b:
1f:3e:65:5c:06:b5:7d:6c:96:aa:f8:84:72:4a:e6:
7e:e9:79:25:f8:91:d5:4a:4e:a1:af:6c:f8:47:c0:
aa:19:f3:e3:88:a8:15:ff:4c:36:da:38:15:18:59:
78:4c:dd:29:bc:1c:d6:b3:68:5b:77:1f:31:9c:5a:
78:74:c1:f8:9b:73:a3:f1:1d:57:9f:ad:b3:da:e5:
ed:af:2d:d8:78:35:97:c7:7f:2b:2b:1e:5a:e7:22:
a8:d5:4c:1e:67:d4:36:30:a1:0c:25:a9:1d:6e:e3:
8d:cc:03:df:c7:c4:e6:a9:1c:57:cf:60:9e:b4:95:
71:44:93:ee:cb:05:31:63:af:12:4c:95:ef:6e:15:
97:c5:a5:a1:15:6b:3a:e6:97:65:eb:4a:40:a1:c6:
4b:34:0e:84:ae:48:9d:da:43:7d:70:4c:0c:d0:a4:
ce:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AC:9A:10:20:F0:D2:6D:83:C6:FC:93:0D:70:85:59:54:A2:9C:95
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1qyaECDw0m2DxvyTDXCFWVSinJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cb:13:12:e2:ea:83:c8:43:b7:89:3e:26:be:ce:b8:1a:5c:c5:
12:76:28:19:da:96:0f:51:8a:8f:30:db:45:b6:1e:ed:72:92:
b0:08:35:2f:07:c4:7a:c0:5e:c5:d0:dc:0c:43:d2:90:2e:00:
b0:e3:09:e1:72:cf:b5:b8:d9:5a:a5:51:b2:97:ca:28:93:83:
c7:36:bf:b0:e2:0d:dc:ca:b7:18:55:0f:5d:08:f7:42:c4:f4:
ef:1a:fe:0f:3e:d1:b8:5a:66:5e:25:29:8d:86:c4:60:2b:ce:
4f:eb:7c:62:6c:b6:a5:14:bd:53:b6:72:e5:f6:6d:a9:dc:10:
fb:6d:cc:d5:ac:61:b5:2d:5e:9f:5a:ca:72:e2:50:ed:f2:3c:
33:c4:6d:f8:a8:b9:2d:13:e0:ee:d3:1c:53:86:59:c5:55:25:
17:5b:71:53:b6:20:64:3e:95:2f:ca:42:e8:71:03:03:7d:78:
8d:3c:b9:18:53:f1:b0:b6:e9:16:ad:72:0a:32:f0:40:9b:33:
17:70:56:bd:0c:c0:cd:75:e5:a8:3f:8a:2d:d1:2a:7d:35:3a:
6d:a2:dd:c1:ae:78:01:c1:35:e3:ac:a9:18:a3:07:50:5b:bf:
93:d1:d5:e1:5c:76:6e:c5:e9:46:9f:b8:44:4a:71:4e:dd:1d:
1b:97:9d:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+EifRKPW30EhEmilMz73VCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MDMxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFjOWExMDIwZjBkMjZkODNjNmZjOTMwZDcwODU1OTU0YTI5Yzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshuHZ9lgEH1yayQKvqu6mOpNxSY+
qD2rEfM/2jK687ki/PfFbT8IQEEge1x7AWu0qvb7e3cJZXcj1qokbXZecnKKfTkT
FWmCkaZcxAtVyyb9y6vpKMgXYBsfPmVcBrV9bJaq+IRySuZ+6Xkl+JHVSk6hr2z4
R8CqGfPjiKgV/0w22jgVGFl4TN0pvBzWs2hbdx8xnFp4dMH4m3Oj8R1Xn62z2uXt
ry3YeDWXx38rKx5a5yKo1UweZ9Q2MKEMJakdbuONzAPfx8TmqRxXz2CetJVxRJPu
ywUxY68STJXvbhWXxaWhFWs65pdl60pAocZLNA6Erkid2kN9cEwM0KTOxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNasmhAg8NJtg8b8kw1whVlUopyVMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMXF5YUVDRHcwbTJEeHZ5VERYQ0ZXVlNpbkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMsTEuLqg8hDt4k+Jr7O
uBpcxRJ2KBnalg9Rio8w20W2Hu1ykrAINS8HxHrAXsXQ3AxD0pAuALDjCeFyz7W4
2VqlUbKXyiiTg8c2v7DiDdzKtxhVD10I90LE9O8a/g8+0bhaZl4lKY2GxGArzk/r
fGJstqUUvVO2cuX2bancEPttzNWsYbUtXp9aynLiUO3yPDPEbfiouS0T4O7THFOG
WcVVJRdbcVO2IGQ+lS/KQuhxAwN9eI08uRhT8bC26Ratcgoy8ECbMxdwVr0MwM11
5ag/ii3RKn01Om2i3cGueAHBNeOsqRijB1Bbv5PR1eFcdm7F6UafuERKcU7dHRuX
nTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org