Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5pvD6XsyI-B0xhF3bsx6K4cbx_s.roa
File: 5pvD6XsyI-B0xhF3bsx6K4cbx_s.roa (raw, json)
Hash identifier: RRia9swOQUr9VWXr20cdOy+65nhcNDiRPqCEjdQiWJE=
Subject key identifier: E6:9B:C3:E9:7B:32:23:E0:74:C6:11:77:6E:CC:7A:2B:87:1B:C7:FB
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F75F2032007A240978203885C968636D4
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5pvD6XsyI-B0xhF3bsx6K4cbx_s.roa
Signing time: Tue 14 May 2024 07:12:25 +0000
ROA not before: Tue 14 May 2024 07:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:f2:03:20:07:a2:40:97:82:03:88:5c:96:86:36:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 07:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e69bc3e97b3223e074c611776ecc7a2b871bc7fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:77:bb:c7:df:78:62:79:5c:ae:bb:15:fe:2a:
ad:70:65:91:f7:1f:46:ab:59:93:d3:cc:8e:a9:6b:
e0:2b:a4:8f:21:51:bf:f9:c4:d5:04:4d:f7:2d:dc:
2a:40:4b:d2:37:c2:2b:97:b2:76:e8:38:d9:b4:6b:
7b:eb:fa:e6:e2:81:88:7a:4b:fe:73:8c:6b:1e:9c:
44:17:4c:ea:65:e9:1d:db:63:d8:a8:23:0e:45:67:
18:80:60:2c:a7:ce:89:f4:3f:61:3b:00:83:d6:9d:
37:9e:46:16:7a:3a:3a:8b:13:c2:19:4d:8b:62:1c:
c0:7e:ce:e3:ae:9a:6f:6b:76:1d:2c:2c:c4:39:c0:
70:cd:df:08:96:01:74:31:ab:da:e3:f9:59:f0:bf:
81:ba:67:61:bf:7a:04:cf:af:90:30:b9:e6:21:8d:
d7:bb:da:57:30:8e:72:30:f4:a6:b9:f8:f7:98:57:
c6:7a:d2:b8:28:57:6c:c3:94:7e:3a:02:54:4a:c7:
63:30:fe:ab:a9:40:2b:a3:12:30:fa:a2:ba:03:5a:
c9:59:b3:46:b8:4b:31:15:f6:84:ce:5d:6d:81:4b:
fa:ce:20:47:f5:38:e3:2f:ae:f6:3d:66:92:c2:13:
81:d7:63:08:d2:b5:16:aa:de:28:53:47:fa:ec:b1:
96:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:9B:C3:E9:7B:32:23:E0:74:C6:11:77:6E:CC:7A:2B:87:1B:C7:FB
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5pvD6XsyI-B0xhF3bsx6K4cbx_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:61:f8:b3:52:f4:a0:cb:11:7a:5b:f2:07:19:2f:5b:31:ef:
34:a9:b3:4b:e5:70:4a:d4:8e:28:12:2a:4f:d4:06:07:c4:0d:
78:d6:a0:56:0e:df:4f:77:58:81:e5:a6:62:3a:27:0b:97:8f:
fe:02:aa:65:59:b6:6c:11:df:b2:95:b2:a8:26:ea:d5:c6:68:
af:24:1c:2c:cf:71:99:33:d7:81:e8:7e:0f:b5:f5:98:8f:dd:
81:46:b4:f6:7d:f8:03:b6:de:59:9c:eb:de:12:42:d3:25:f5:
bd:cd:b2:5d:4f:f9:b3:cc:ca:b4:30:a8:63:f6:ed:50:06:a5:
c6:d7:0a:76:0c:6d:f5:38:15:d7:b9:aa:cd:3b:0f:a6:f4:88:
19:0a:de:72:4c:21:5f:95:10:ca:06:cb:2d:a6:a3:b6:bf:d7:
c0:bd:ca:61:d1:68:15:e5:3f:3c:9f:be:29:53:b7:f8:0d:8a:
04:73:82:88:b7:1b:c8:3d:44:07:02:83:f1:1a:43:63:ef:f6:
55:86:1c:e6:d2:a9:80:ec:57:68:b0:6f:8f:81:f7:1e:5f:ff:
c9:d9:ca:3d:3c:ac:c0:cf:85:ef:4c:b9:a0:52:2e:10:53:05:
15:c5:6b:6a:df:d2:8e:f4:0e:e5:d7:15:cb:ec:59:5b:a4:92:
32:79:65:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY918gMgB6JAl4IDiFyWhjbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MDcxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjliYzNlOTdiMzIyM2UwNzRjNjExNzc2ZWNjN2EyYjg3MWJjN2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3e7x994YnlcrrsV/iqtcGWR9x9G
q1mT08yOqWvgK6SPIVG/+cTVBE33LdwqQEvSN8Irl7J26DjZtGt76/rm4oGIekv+
c4xrHpxEF0zqZekd22PYqCMORWcYgGAsp86J9D9hOwCD1p03nkYWejo6ixPCGU2L
YhzAfs7jrppva3YdLCzEOcBwzd8IlgF0Mava4/lZ8L+Bumdhv3oEz6+QMLnmIY3X
u9pXMI5yMPSmufj3mFfGetK4KFdsw5R+OgJUSsdjMP6rqUAroxIw+qK6A1rJWbNG
uEsxFfaEzl1tgUv6ziBH9TjjL672PWaSwhOB12MI0rUWqt4oU0f67LGW6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOabw+l7MiPgdMYRd27MeiuHG8f7MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvNXB2RDZYc3lJLUIweGhGM2JzeDZLNGNieF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADph+LNS9KDLEXpb8gcZ
L1sx7zSps0vlcErUjigSKk/UBgfEDXjWoFYO3093WIHlpmI6JwuXj/4CqmVZtmwR
37KVsqgm6tXGaK8kHCzPcZkz14Hofg+19ZiP3YFGtPZ9+AO23lmc694SQtMl9b3N
sl1P+bPMyrQwqGP27VAGpcbXCnYMbfU4Fde5qs07D6b0iBkK3nJMIV+VEMoGyy2m
o7a/18C9ymHRaBXlPzyfvilTt/gNigRzgoi3G8g9RAcCg/EaQ2Pv9lWGHObSqYDs
V2iwb4+B9x5f/8nZyj08rMDPhe9MuaBSLhBTBRXFa2rf0o70DuXXFcvsWVukkjJ5
Zck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org