Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2cX5-2mxaB9Z0e0aBGpz7wKMdYA.roa
File: 2cX5-2mxaB9Z0e0aBGpz7wKMdYA.roa (raw, json)
Hash identifier: v9Lh6CWK88oF4DkKvb4gaf+Je3cUWsfw1aITde5yfxk=
Subject key identifier: D9:C5:F9:FB:69:B1:68:1F:59:D1:ED:1A:04:6A:73:EF:02:8C:75:80
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F554D8D79AFB21463DC0ADE0A09F3346E
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2cX5-2mxaB9Z0e0aBGpz7wKMdYA.roa
Signing time: Tue 07 May 2024 23:04:56 +0000
ROA not before: Tue 07 May 2024 23:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:554d:202/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:55:4d:8d:79:af:b2:14:63:dc:0a:de:0a:09:f3:34:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 23:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9c5f9fb69b1681f59d1ed1a046a73ef028c7580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a9:c9:9c:8b:73:43:9e:48:f7:bc:1f:35:15:
da:f1:95:be:28:0c:2c:02:7b:da:c1:4e:62:b1:7c:
2d:6d:3e:74:42:67:97:95:47:ec:67:3a:9d:86:99:
c6:1e:35:e1:1c:9b:a3:83:0e:e0:c6:b1:fb:8f:5e:
46:98:b0:66:17:5d:ed:43:8f:da:f8:1b:7f:f3:e5:
5b:a2:6d:22:e6:45:8e:04:31:ba:e0:3b:02:bd:73:
30:e2:35:78:f9:30:29:aa:f1:9c:93:31:a7:3a:95:
da:37:f6:e0:8d:e5:02:cd:83:a2:e9:0c:f7:d4:52:
af:7c:b8:15:e1:0e:5c:2a:ed:89:71:8c:5f:44:29:
14:93:4c:18:37:0a:9f:e4:e2:44:57:9d:2f:24:39:
24:37:ac:eb:3c:d8:98:c5:08:95:c9:4b:51:6f:ae:
9d:a1:5b:6d:14:20:f0:76:3d:ac:3e:33:b8:6e:92:
bb:c2:dd:a5:eb:31:be:4d:0a:e7:9e:f8:96:34:6e:
8a:f7:b7:16:78:03:55:91:d7:90:e9:c1:43:5d:ee:
f3:b4:6b:1e:19:bd:21:35:c6:03:87:c8:7f:fd:a3:
94:bc:91:6c:28:c8:69:37:2c:83:86:67:87:35:16:
4a:64:45:3b:46:62:2f:ce:37:3d:51:e6:c2:50:27:
57:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C5:F9:FB:69:B1:68:1F:59:D1:ED:1A:04:6A:73:EF:02:8C:75:80
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2cX5-2mxaB9Z0e0aBGpz7wKMdYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:a8:23:7a:82:3f:3e:ca:6a:85:11:52:30:9a:0a:4a:55:e0:
99:9b:38:15:01:a3:a1:c2:14:fd:6f:25:41:71:c5:ef:7a:c1:
59:ac:95:a1:dd:6d:7c:78:88:cb:8b:00:8e:89:b5:27:c0:9e:
ad:e8:fa:d9:ae:31:49:b4:e5:ba:a1:84:74:b6:dd:c5:c8:5f:
4f:37:c1:3e:e3:4b:d1:df:77:b1:a4:e2:96:c3:73:a3:a0:d0:
7f:f3:b5:ef:30:60:e1:68:46:27:4d:ce:b8:10:09:e3:10:f2:
09:54:9a:e9:01:85:b3:a1:a3:69:cc:08:a1:da:0f:5a:60:6f:
7b:8c:11:fe:ee:79:06:9e:3c:e2:d7:f1:b1:be:54:74:80:9c:
59:b2:8d:af:61:2a:42:b2:b4:f3:0c:2e:8b:30:0a:fb:14:df:
cd:45:0c:f4:2f:58:74:e5:25:23:fd:38:66:18:0a:99:b1:a4:
14:bd:d2:c9:37:63:af:64:f4:1d:6b:ef:bb:41:73:a4:93:ef:
c9:b6:9c:5d:84:9e:1c:e9:89:13:3c:2c:dc:c2:35:42:bc:5f:
2c:05:d9:dd:03:93:9b:5a:1c:5a:e8:d8:95:8a:07:8f:fd:dc:
38:f1:eb:6a:fe:ae:8e:70:64:ee:f6:0e:1a:5e:19:19:85:73:
48:42:70:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9VTY15r7IUY9wK3goJ8zRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MjMwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM1ZjlmYjY5YjE2ODFmNTlkMWVkMWEwNDZhNzNlZjAyOGM3NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6nJnItzQ55I97wfNRXa8ZW+KAws
AnvawU5isXwtbT50QmeXlUfsZzqdhpnGHjXhHJujgw7gxrH7j15GmLBmF13tQ4/a
+Bt/8+Vbom0i5kWOBDG64DsCvXMw4jV4+TApqvGckzGnOpXaN/bgjeUCzYOi6Qz3
1FKvfLgV4Q5cKu2JcYxfRCkUk0wYNwqf5OJEV50vJDkkN6zrPNiYxQiVyUtRb66d
oVttFCDwdj2sPjO4bpK7wt2l6zG+TQrnnviWNG6K97cWeANVkdeQ6cFDXe7ztGse
Gb0hNcYDh8h//aOUvJFsKMhpNyyDhmeHNRZKZEU7RmIvzjc9UebCUCdXDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnF+ftpsWgfWdHtGgRqc+8CjHWAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMmNYNS0ybXhhQjlaMGUwYUJHcHo3d0tNZFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH2oI3qCPz7KaoURUjCa
CkpV4JmbOBUBo6HCFP1vJUFxxe96wVmslaHdbXx4iMuLAI6JtSfAnq3o+tmuMUm0
5bqhhHS23cXIX083wT7jS9Hfd7Gk4pbDc6Og0H/zte8wYOFoRidNzrgQCeMQ8glU
mukBhbOho2nMCKHaD1pgb3uMEf7ueQaePOLX8bG+VHSAnFmyja9hKkKytPMMLosw
CvsU381FDPQvWHTlJSP9OGYYCpmxpBS90sk3Y69k9B1r77tBc6ST78m2nF2Enhzp
iRM8LNzCNUK8XywF2d0Dk5taHFro2JWKB4/93Djx62r+ro5wZO72DhpeGRmFc0hC
cAo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org