Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2XiuP6al8IV8fwKSwKqNbd_pRSY.roa
File: 2XiuP6al8IV8fwKSwKqNbd_pRSY.roa (raw, json)
Hash identifier: 2RpHmJxdm+DUPpmBPQZf8OXkpUfms1/ePBwSlRrL2IQ=
Subject key identifier: D9:78:AE:3F:A6:A5:F0:85:7C:7F:02:92:C0:AA:8D:6D:DF:E9:45:26
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F920DBB68293D13290C4BC5B425362C90
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2XiuP6al8IV8fwKSwKqNbd_pRSY.roa
Signing time: Sun 19 May 2024 18:12:04 +0000
ROA not before: Sun 19 May 2024 18:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:0d:bb:68:29:3d:13:29:0c:4b:c5:b4:25:36:2c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 18:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d978ae3fa6a5f0857c7f0292c0aa8d6ddfe94526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d6:a1:c4:bc:63:88:c4:88:31:3c:fb:d8:d4:
a9:ee:6e:be:b8:c9:5a:f2:0d:76:23:8e:c4:06:87:
52:4b:56:17:ae:76:72:47:59:74:09:0c:da:e4:ae:
74:16:1b:01:e2:fa:73:34:06:a0:8c:bf:d6:4f:6f:
4c:66:bc:43:fb:86:c7:16:ab:1e:59:3b:3e:c1:87:
11:69:36:b4:35:72:c1:51:44:7c:52:15:78:45:5c:
46:4c:59:61:96:a8:6d:f6:bc:8f:18:c9:a6:c2:d2:
08:22:7a:b9:4a:3f:f1:53:84:a0:0b:0a:f7:d6:28:
fb:51:81:13:27:56:2d:f6:99:16:5f:7a:80:8a:ff:
94:77:41:6b:9f:e7:52:f7:71:22:46:54:11:33:df:
2c:41:de:ec:a3:83:df:7e:d2:2f:b1:cc:63:b2:e1:
53:bd:5e:07:78:74:b5:c7:a4:58:cf:1d:6b:ce:23:
fe:29:b7:62:cc:9a:31:eb:0d:18:1b:42:e9:3e:4c:
20:12:39:d0:8e:84:22:a8:84:c3:bc:1b:1c:b2:9e:
14:53:44:e2:35:06:7f:58:61:d9:07:15:58:45:a3:
0c:f7:ad:5f:a2:e8:43:63:4f:e9:69:6b:9a:02:04:
40:6a:b2:10:71:82:ee:b2:05:a2:6d:6e:2a:81:09:
ae:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:78:AE:3F:A6:A5:F0:85:7C:7F:02:92:C0:AA:8D:6D:DF:E9:45:26
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2XiuP6al8IV8fwKSwKqNbd_pRSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:c1:3d:44:c7:17:c9:b5:56:5c:79:b8:ff:1a:0a:1c:37:e0:
1f:30:d4:33:c6:e6:7e:59:22:98:99:ef:3a:16:e4:32:2c:05:
58:fc:0a:a8:c4:cd:d5:1d:43:b2:8a:42:09:09:19:e2:c5:df:
54:f0:40:63:9f:9e:e9:1b:13:82:81:9b:9f:e9:5d:84:85:3e:
33:e4:07:8a:53:74:fa:1d:e0:af:61:be:33:bd:8e:bb:f4:36:
a2:0d:68:f5:e2:5c:53:8f:4b:ad:2d:86:a6:31:1f:54:d3:1f:
c1:02:b3:58:7e:83:75:f4:86:a4:de:f5:f4:4d:fd:3c:ae:0e:
0f:48:cd:d8:0e:3d:bb:d3:66:f8:8b:41:bc:a6:f4:22:03:b5:
01:b3:85:a4:17:1d:63:c1:7b:6f:5b:60:05:6d:2e:b8:0d:c4:
96:33:e3:15:37:49:0f:4d:4d:7e:8a:62:93:15:e9:6a:83:2b:
78:5f:b6:1a:fa:43:d7:35:c6:d7:24:84:67:5d:0b:2e:3f:82:
0d:c2:3e:6a:db:81:68:05:e7:87:d4:30:0a:d7:e7:dd:53:bf:
16:57:ff:32:c1:6d:d5:cd:e0:32:34:e1:52:25:95:af:88:84:
1c:9b:e0:a9:18:9d:ab:df:98:13:5f:be:58:2e:7d:2a:c5:14:
76:18:dc:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+SDbtoKT0TKQxLxbQlNiyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MTgxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc4YWUzZmE2YTVmMDg1N2M3ZjAyOTJjMGFhOGQ2ZGRmZTk0NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztahxLxjiMSIMTz72NSp7m6+uMla
8g12I47EBodSS1YXrnZyR1l0CQza5K50FhsB4vpzNAagjL/WT29MZrxD+4bHFqse
WTs+wYcRaTa0NXLBUUR8UhV4RVxGTFlhlqht9ryPGMmmwtIIInq5Sj/xU4SgCwr3
1ij7UYETJ1Yt9pkWX3qAiv+Ud0Frn+dS93EiRlQRM98sQd7so4PfftIvscxjsuFT
vV4HeHS1x6RYzx1rziP+KbdizJox6w0YG0LpPkwgEjnQjoQiqITDvBscsp4UU0Ti
NQZ/WGHZBxVYRaMM961fouhDY0/paWuaAgRAarIQcYLusgWibW4qgQmu1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNl4rj+mpfCFfH8CksCqjW3f6UUmMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMlhpdVA2YWw4SVY4ZndLU3dLcU5iZF9wUlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEDBPUTHF8m1Vlx5uP8a
Chw34B8w1DPG5n5ZIpiZ7zoW5DIsBVj8CqjEzdUdQ7KKQgkJGeLF31TwQGOfnukb
E4KBm5/pXYSFPjPkB4pTdPod4K9hvjO9jrv0NqINaPXiXFOPS60thqYxH1TTH8EC
s1h+g3X0hqTe9fRN/TyuDg9IzdgOPbvTZviLQbym9CIDtQGzhaQXHWPBe29bYAVt
LrgNxJYz4xU3SQ9NTX6KYpMV6WqDK3hfthr6Q9c1xtckhGddCy4/gg3CPmrbgWgF
54fUMArX591TvxZX/zLBbdXN4DI04VIlla+IhByb4KkYnavfmBNfvlgufSrFFHYY
3AU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org