Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2wKIoXOIILv2xkRg1iO_Ys5Qg14.roa
File: 2wKIoXOIILv2xkRg1iO_Ys5Qg14.roa (raw, json)
Hash identifier: pyNcI2hEx+/sT0LkA74i/6DDdSTjExon+2W8i+mFNXs=
Subject key identifier: DB:02:88:A1:73:88:20:BB:F6:C6:44:60:D6:23:BF:62:CE:50:83:5E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F74717D28CE8A66DFDC9A123E5F7782D1
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2wKIoXOIILv2xkRg1iO_Ys5Qg14.roa
Signing time: Tue 14 May 2024 00:12:25 +0000
ROA not before: Tue 14 May 2024 00:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:74:71:7d:28:ce:8a:66:df:dc:9a:12:3e:5f:77:82:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 00:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db0288a1738820bbf6c64460d623bf62ce50835e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:ed:d9:25:d2:c4:5d:ad:28:fb:2c:4c:46:
a3:01:4f:c1:72:8b:5b:03:cb:5a:34:5e:08:b2:17:
9a:f8:00:e5:ea:20:1f:b8:81:7b:6b:05:c8:6b:0e:
9f:39:5f:04:ea:9e:ef:c6:90:80:0b:a2:1a:5f:f8:
83:df:05:ec:fe:66:ea:06:54:8a:a7:c9:64:99:d8:
2f:4e:3c:82:ec:af:e1:2c:08:63:10:e5:96:f8:24:
ab:b4:dc:70:02:36:d7:09:c8:4a:51:8e:d1:51:0a:
ed:f6:c0:e5:77:8f:a1:5d:40:2e:b9:79:6d:86:6f:
93:a0:67:6e:08:04:e0:d0:d7:30:39:5b:6c:8b:e4:
bc:ec:85:ee:e7:56:21:4e:96:f0:9e:7c:4b:71:36:
73:8f:08:a6:9a:02:f6:3c:f2:3d:6f:42:6a:bc:5a:
77:af:43:c9:8d:15:97:34:30:c9:a6:bb:be:3f:97:
2c:6c:a7:80:af:cd:61:fc:82:4e:cc:d3:38:ec:c6:
f4:c7:0c:5b:cf:37:3b:17:9e:df:6a:cc:aa:ec:5c:
76:8e:ac:82:fa:02:59:49:b8:79:28:1c:1d:12:92:
cc:51:90:8f:4b:4b:67:dc:ef:ec:79:e3:e3:3e:4a:
57:9e:f7:b3:d3:d0:1d:87:b7:be:cf:53:fa:8b:4c:
26:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:02:88:A1:73:88:20:BB:F6:C6:44:60:D6:23:BF:62:CE:50:83:5E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2wKIoXOIILv2xkRg1iO_Ys5Qg14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:9d:7b:06:70:6a:ed:be:65:cf:80:d4:d1:41:07:56:53:ed:
8e:40:8d:18:68:db:51:39:53:ac:93:86:1f:dc:a4:14:7e:ac:
e8:75:3d:b8:36:e5:60:58:88:85:d8:c7:e7:b9:dd:2b:97:fa:
0c:25:a8:ff:8d:9a:7a:ca:de:ca:46:c6:b4:32:e1:de:78:14:
81:29:5f:ad:7d:5d:3a:f2:ec:b7:f1:69:39:ed:ea:77:e1:98:
2a:a2:a4:c7:46:74:a8:35:24:2e:fb:29:86:cc:07:c2:28:9e:
9a:3f:59:f3:d2:28:62:b2:38:c3:5c:36:c9:fc:fa:a0:12:7a:
5c:bb:81:fb:1d:f1:61:7a:83:f2:f9:f7:6f:3f:38:d3:6e:a8:
9d:f9:1e:3c:7a:d4:89:b9:c0:da:5e:fb:3e:69:be:74:2e:ff:
9d:9b:f6:50:13:96:bb:48:35:5f:fc:b2:03:94:e0:48:39:a9:
93:9f:82:ef:26:c1:98:60:eb:22:a0:78:80:92:f2:cd:96:9b:
f9:d9:16:a2:00:c4:b8:e1:ae:21:a5:8e:c5:32:c2:59:cc:13:
c6:8f:5e:c2:a8:cc:58:ce:d6:b3:47:2b:1d:8f:87:10:40:4f:
52:50:da:a0:6c:64:4d:d8:3a:17:7e:20:06:17:26:c9:11:39:
07:29:2a:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY90cX0ozopm39yaEj5fd4LRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MDAxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjAyODhhMTczODgyMGJiZjZjNjQ0NjBkNjIzYmY2MmNlNTA4MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiPt2SXSxF2tKPssTEajAU/Bcotb
A8taNF4Ishea+ADl6iAfuIF7awXIaw6fOV8E6p7vxpCAC6IaX/iD3wXs/mbqBlSK
p8lkmdgvTjyC7K/hLAhjEOWW+CSrtNxwAjbXCchKUY7RUQrt9sDld4+hXUAuuXlt
hm+ToGduCATg0NcwOVtsi+S87IXu51YhTpbwnnxLcTZzjwimmgL2PPI9b0JqvFp3
r0PJjRWXNDDJpru+P5csbKeAr81h/IJOzNM47Mb0xwxbzzc7F57fasyq7Fx2jqyC
+gJZSbh5KBwdEpLMUZCPS0tn3O/seePjPkpXnvez09Adh7e+z1P6i0wmxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNsCiKFziCC79sZEYNYjv2LOUINeMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMndLSW9YT0lJTHYyeGtSZzFpT19ZczVRZzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABydewZwau2+Zc+A1NFB
B1ZT7Y5AjRho21E5U6yThh/cpBR+rOh1Pbg25WBYiIXYx+e53SuX+gwlqP+NmnrK
3spGxrQy4d54FIEpX619XTry7LfxaTnt6nfhmCqipMdGdKg1JC77KYbMB8Ionpo/
WfPSKGKyOMNcNsn8+qASely7gfsd8WF6g/L5928/ONNuqJ35Hjx61Im5wNpe+z5p
vnQu/52b9lATlrtINV/8sgOU4Eg5qZOfgu8mwZhg6yKgeICS8s2Wm/nZFqIAxLjh
riGljsUywlnME8aPXsKozFjO1rNHKx2PhxBAT1JQ2qBsZE3YOhd+IAYXJskROQcp
KmY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org