Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3kYjGHBRH-45TfseA4cv831znVk.roa
File: 3kYjGHBRH-45TfseA4cv831znVk.roa (raw, json)
Hash identifier: 78dPQWn2aLZ6tXzmte3NOFMjzFZjL9dsOGXI6xHNC8w=
Subject key identifier: DE:46:23:18:70:51:1F:EE:39:4D:FB:1E:03:87:2F:F3:7D:73:9D:59
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5C9FA2784982690AF0BA0E41F7853A01
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3kYjGHBRH-45TfseA4cv831znVk.roa
Signing time: Thu 09 May 2024 09:11:56 +0000
ROA not before: Thu 09 May 2024 09:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:9f:a2:78:49:82:69:0a:f0:ba:0e:41:f7:85:3a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 09:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de46231870511fee394dfb1e03872ff37d739d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a3:fe:5c:53:33:f9:cc:00:ce:57:b0:b4:98:
b2:cf:2f:ff:7f:b0:3b:b2:47:71:0f:69:fd:c8:48:
91:73:27:96:03:10:e9:d3:50:83:c9:ec:0b:f4:5c:
d5:00:cc:b0:88:61:92:2c:94:ec:1b:d2:e3:9f:4c:
4a:b7:73:f0:8b:9c:af:23:e4:4e:37:ab:d1:90:ac:
e1:9a:f2:d1:4a:9d:78:b0:76:47:80:45:f0:c1:fc:
51:a9:af:aa:4e:5f:13:76:6f:5c:5d:10:46:5c:a9:
06:97:4b:02:39:24:4c:68:af:e1:64:69:a9:8b:83:
59:c5:bd:ab:71:4c:f9:11:8e:60:a7:43:43:e3:a1:
aa:c1:53:4b:c9:40:fa:d7:d7:97:53:a8:f7:71:ab:
32:64:eb:ab:ff:fd:89:36:55:22:1c:d8:5a:a2:a6:
f6:ee:ca:44:fb:70:05:a1:5d:09:13:4d:f1:b1:09:
ee:f4:e2:3a:fd:c3:5c:ac:f2:60:3f:87:cb:a2:df:
56:87:62:db:23:8e:aa:9b:c9:fb:c7:9d:92:ee:04:
bf:49:e9:81:96:68:c4:46:d7:b3:c9:48:2e:39:1d:
b7:dd:87:43:e9:4d:00:1f:0c:6d:17:14:7c:7d:32:
de:ac:dd:2b:00:78:bc:79:7e:d1:36:35:87:1e:4f:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:46:23:18:70:51:1F:EE:39:4D:FB:1E:03:87:2F:F3:7D:73:9D:59
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3kYjGHBRH-45TfseA4cv831znVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:34:6d:c3:d2:16:8e:ae:65:69:f9:49:af:1c:eb:e8:70:2f:
2d:59:de:06:8b:7d:a7:0d:27:19:b7:d7:9d:91:e7:6e:10:18:
07:70:59:c9:2f:44:f9:4d:4e:91:67:c6:0e:87:4f:2d:71:2c:
e4:dd:f6:20:66:47:33:d2:3b:97:6e:c3:34:b8:3b:a4:85:0c:
f0:24:02:b2:05:72:b5:9c:32:fa:a8:09:a5:0e:99:b3:3d:47:
96:b3:9b:dc:20:49:fb:98:a9:0c:54:a2:04:ad:49:95:6d:5e:
54:81:db:cc:ef:cc:2d:6b:28:a8:e6:4d:83:f2:2f:12:6f:fe:
de:b2:1b:61:86:cb:1d:3d:68:66:84:3b:88:9a:a2:43:94:ab:
d5:11:6a:d2:ff:f7:74:30:64:7c:18:12:c0:90:64:8a:93:98:
34:32:ca:eb:e0:33:53:96:28:0d:d1:57:2f:ec:1c:11:47:bd:
26:c2:e6:d7:df:12:dc:0c:77:3e:01:c4:32:0d:f0:16:20:8b:
ab:6b:2f:34:4b:dc:de:39:2f:63:24:9d:21:d5:dc:a1:0e:3d:
44:02:af:68:96:36:c2:f9:fc:44:8a:04:a7:d3:e8:6a:a7:9a:
07:e2:0d:7d:82:c9:92:24:7c:c9:6b:8c:f8:40:19:eb:7d:51:
a4:39:74:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9cn6J4SYJpCvC6DkH3hToBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MDkxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ2MjMxODcwNTExZmVlMzk0ZGZiMWUwMzg3MmZmMzdkNzM5ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaP+XFMz+cwAzlewtJiyzy//f7A7
skdxD2n9yEiRcyeWAxDp01CDyewL9FzVAMywiGGSLJTsG9Ljn0xKt3Pwi5yvI+RO
N6vRkKzhmvLRSp14sHZHgEXwwfxRqa+qTl8Tdm9cXRBGXKkGl0sCOSRMaK/hZGmp
i4NZxb2rcUz5EY5gp0ND46GqwVNLyUD619eXU6j3casyZOur//2JNlUiHNhaoqb2
7spE+3AFoV0JE03xsQnu9OI6/cNcrPJgP4fLot9Wh2LbI46qm8n7x52S7gS/SemB
lmjERtezyUguOR233YdD6U0AHwxtFxR8fTLerN0rAHi8eX7RNjWHHk9jPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN5GIxhwUR/uOU37HgOHL/N9c51ZMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM2tZakdIQlJILTQ1VGZzZUE0Y3Y4MzF6blZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHg0bcPSFo6uZWn5Sa8c
6+hwLy1Z3gaLfacNJxm3152R524QGAdwWckvRPlNTpFnxg6HTy1xLOTd9iBmRzPS
O5duwzS4O6SFDPAkArIFcrWcMvqoCaUOmbM9R5azm9wgSfuYqQxUogStSZVtXlSB
28zvzC1rKKjmTYPyLxJv/t6yG2GGyx09aGaEO4iaokOUq9URatL/93QwZHwYEsCQ
ZIqTmDQyyuvgM1OWKA3RVy/sHBFHvSbC5tffEtwMdz4BxDIN8BYgi6trLzRL3N45
L2MknSHV3KEOPUQCr2iWNsL5/ESKBKfT6GqnmgfiDX2CyZIkfMlrjPhAGet9UaQ5
dCM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org