Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3GUIOPZxKWX9jdk5hrOSCrF0zeU.roa
File: 3GUIOPZxKWX9jdk5hrOSCrF0zeU.roa (raw, json)
Hash identifier: s8Z85ab1baZqPoTZfVdlBtI4V3HduDfSbC4dGl16Pow=
Subject key identifier: DC:65:08:38:F6:71:29:65:FD:8D:D9:39:86:B3:92:0A:B1:74:CD:E5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9DA4F5789809004401F7532E668E3CA9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3GUIOPZxKWX9jdk5hrOSCrF0zeU.roa
Signing time: Wed 22 May 2024 00:13:04 +0000
ROA not before: Wed 22 May 2024 00:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9d:a4:f5:78:98:09:00:44:01:f7:53:2e:66:8e:3c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 00:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc650838f6712965fd8dd93986b3920ab174cde5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:28:98:92:da:ee:03:8a:b6:c4:bd:a5:87:
fc:7a:56:2d:42:86:e8:22:36:94:68:fc:e4:b1:25:
c4:8a:04:b7:ad:1c:f8:8f:fe:52:df:9a:6f:46:c4:
2d:75:a1:75:c4:a3:d2:cd:d2:c2:cc:48:7f:7b:83:
6a:6a:60:7f:a2:1f:96:e7:62:f5:e9:e4:e2:22:a9:
21:61:bc:5d:55:9a:2a:58:62:56:b7:ca:e6:90:f3:
66:76:b4:2b:8c:99:9e:0c:4f:2a:5b:0f:83:02:b7:
8d:bc:9b:12:3b:04:f4:4d:75:68:32:63:e9:58:c6:
e4:8e:96:4e:8f:ed:db:12:e2:e5:0d:28:20:8b:83:
f2:dc:41:13:cd:b8:d1:69:41:19:0e:0d:1a:35:f1:
5a:77:b7:9b:86:63:25:32:39:12:ec:07:a0:6a:fd:
c7:3a:e8:e9:ac:98:ea:f6:19:2b:d3:2b:dd:0a:d0:
a4:f6:62:52:5c:a3:34:08:91:7c:c4:1d:bc:88:b7:
ba:cb:78:9c:08:5c:b3:6a:40:fe:aa:22:80:ee:64:
27:f6:31:03:dc:98:5f:03:7f:4f:39:e4:3f:4b:48:
a8:73:87:f9:9e:c2:22:27:a9:14:da:7d:74:d9:96:
84:e5:8a:28:00:66:11:3c:e1:63:c5:a7:e8:f2:99:
9b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:65:08:38:F6:71:29:65:FD:8D:D9:39:86:B3:92:0A:B1:74:CD:E5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3GUIOPZxKWX9jdk5hrOSCrF0zeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:09:d5:a6:ad:6b:70:23:1b:47:f5:c5:2c:e0:16:fa:c3:01:
70:fb:42:bc:c3:8a:3a:18:2e:1c:f5:a5:e8:89:e7:a2:dc:06:
19:d7:51:60:6a:02:8c:c5:74:1a:cf:77:70:b8:db:b7:36:90:
2e:83:6b:5b:6a:2b:21:a0:13:32:20:fc:1d:43:16:ce:c1:2d:
30:db:34:b3:2f:2e:e9:3e:66:18:5e:30:3a:25:66:e1:e9:9a:
08:61:11:1c:11:05:65:14:f9:bc:2c:02:bd:08:0c:7d:0b:e2:
85:3f:ea:a4:82:7a:ed:1d:7c:ba:c9:fe:93:da:2c:c0:39:13:
3c:70:7d:dc:9e:de:2b:bf:10:3b:2e:bf:67:17:aa:22:0f:7f:
5d:52:ad:53:0a:8e:cc:88:a0:69:82:61:1e:06:69:09:0c:e4:
1b:6c:8d:a3:f7:2a:5f:63:ba:c0:81:0e:3b:89:12:51:5c:a9:
50:16:dc:35:9a:70:4e:27:1a:7f:1a:fa:1a:97:46:87:64:c9:
77:f2:80:a0:d2:a4:40:ce:82:05:d7:1e:31:92:a2:57:70:dc:
af:49:66:ab:7d:3a:71:d7:60:a5:da:0e:1d:75:86:30:23:e1:
84:44:06:74:c5:32:42:ef:ca:e4:fb:bc:e9:fe:42:34:3e:0d:
78:57:ad:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+dpPV4mAkARAH3Uy5mjjypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMDAxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzY1MDgzOGY2NzEyOTY1ZmQ4ZGQ5Mzk4NmIzOTIwYWIxNzRjZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIAomJLa7gOKtsS9pYf8elYtQobo
IjaUaPzksSXEigS3rRz4j/5S35pvRsQtdaF1xKPSzdLCzEh/e4NqamB/oh+W52L1
6eTiIqkhYbxdVZoqWGJWt8rmkPNmdrQrjJmeDE8qWw+DAreNvJsSOwT0TXVoMmPp
WMbkjpZOj+3bEuLlDSggi4Py3EETzbjRaUEZDg0aNfFad7ebhmMlMjkS7Aegav3H
OujprJjq9hkr0yvdCtCk9mJSXKM0CJF8xB28iLe6y3icCFyzakD+qiKA7mQn9jED
3JhfA39POeQ/S0ioc4f5nsIiJ6kU2n102ZaE5YooAGYRPOFjxafo8pmbrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNxlCDj2cSll/Y3ZOYazkgqxdM3lMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM0dVSU9QWnhLV1g5amRrNWhyT1NDckYwemVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABYJ1aata3AjG0f1xSzg
FvrDAXD7QrzDijoYLhz1peiJ56LcBhnXUWBqAozFdBrPd3C427c2kC6Da1tqKyGg
EzIg/B1DFs7BLTDbNLMvLuk+ZhheMDolZuHpmghhERwRBWUU+bwsAr0IDH0L4oU/
6qSCeu0dfLrJ/pPaLMA5Ezxwfdye3iu/EDsuv2cXqiIPf11SrVMKjsyIoGmCYR4G
aQkM5BtsjaP3Kl9jusCBDjuJElFcqVAW3DWacE4nGn8a+hqXRodkyXfygKDSpEDO
ggXXHjGSoldw3K9JZqt9OnHXYKXaDh11hjAj4YREBnTFMkLvyuT7vOn+QjQ+DXhX
rcA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org