Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7T1A99XZIM_w_yC36ukzeLJpCXc.roa
File: 7T1A99XZIM_w_yC36ukzeLJpCXc.roa (raw, json)
Hash identifier: s5czdFu+NAlCXIedjr2aCfHTJ0QIek/SFDVIBcx+T7A=
Subject key identifier: ED:3D:40:F7:D5:D9:20:CF:F0:FF:20:B7:EA:E9:33:78:B2:69:09:77
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F3A15783BEA370E9F55CF05E6DDA29318
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7T1A99XZIM_w_yC36ukzeLJpCXc.roa
Signing time: Thu 02 May 2024 16:13:56 +0000
ROA not before: Thu 02 May 2024 16:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3a:15:78:3b:ea:37:0e:9f:55:cf:05:e6:dd:a2:93:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 2 16:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed3d40f7d5d920cff0ff20b7eae93378b2690977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:4b:60:5f:47:17:e9:20:0d:07:a2:91:e2:
a7:05:02:aa:29:3a:fc:bc:3f:76:d6:97:67:41:08:
e7:bd:32:92:9c:42:06:73:66:85:78:59:5e:03:2b:
65:17:c0:eb:50:74:66:b8:b2:5b:34:3a:74:b6:c1:
22:d9:a4:8f:87:33:a3:b6:69:a7:ec:12:a7:0c:1b:
7e:0a:ea:8c:2e:dc:93:b1:8b:c1:50:f9:d9:97:8e:
48:76:8c:8c:8d:63:cb:99:b6:eb:6a:66:bf:7b:1f:
01:b8:e0:1f:43:a5:85:97:0f:b8:f4:7e:5c:53:a1:
f7:46:a3:7f:90:31:e0:6b:7f:a4:ef:05:f7:bd:58:
4b:f3:4a:40:32:43:2e:56:b5:25:5b:6f:18:2c:32:
c6:09:87:01:d5:a4:41:ad:6b:d5:5d:a7:25:08:7d:
75:15:71:cd:35:2d:74:ae:e2:ec:45:16:4c:04:ac:
2d:5b:0d:89:a8:7d:46:64:85:e7:8a:c1:62:60:ab:
c2:b2:b7:05:ea:8c:3b:33:ff:1d:cc:ab:51:2b:8f:
e4:ea:d7:eb:f8:21:3d:a1:92:05:c9:1c:8f:96:b9:
31:34:5f:03:7b:98:a7:85:dd:0a:65:c0:53:76:a1:
93:7d:e6:eb:85:75:79:ca:f2:1b:a9:6b:00:7a:00:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3D:40:F7:D5:D9:20:CF:F0:FF:20:B7:EA:E9:33:78:B2:69:09:77
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7T1A99XZIM_w_yC36ukzeLJpCXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:3c:8e:ed:74:61:f1:c3:35:bc:35:f1:37:5c:d7:8a:b1:68:
f1:5d:b5:94:61:85:9a:ee:bd:69:2e:b7:fb:9b:dd:27:f6:be:
ec:11:90:32:14:3a:6d:ac:d6:4a:91:d3:8e:38:28:c3:a8:f7:
ec:b8:ae:ec:83:16:8f:f5:29:f8:85:6e:e1:f3:90:03:fd:ad:
4a:d4:3e:85:db:e9:6b:ad:c3:37:16:e2:ad:bc:24:57:e2:82:
cf:29:fa:01:56:e9:97:97:85:de:58:40:ee:97:c5:7f:13:bd:
d1:64:5f:22:bf:2b:9d:e3:2f:30:0a:8d:6d:5a:47:7b:73:b6:
ad:f2:d4:18:c7:18:c6:4d:7c:c3:c0:97:89:58:c8:56:09:73:
fc:92:25:ca:1e:44:c7:46:df:3b:9d:e7:7a:aa:47:b6:4f:68:
0c:0e:10:19:44:18:56:4a:fe:4f:89:44:ba:ad:99:63:c8:db:
55:32:ac:44:7c:56:14:a2:3e:b0:13:8f:79:fb:0c:69:3c:78:
a5:73:1a:7b:46:46:f6:52:7f:75:f1:ce:f3:b2:85:ab:89:18:
d7:aa:39:ff:58:bb:f2:1d:53:98:a5:93:72:75:3e:b2:b8:fc:
50:30:0e:66:c3:d4:9d:1d:4a:b0:c5:3f:33:50:0b:3d:45:34:
69:fa:ed:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY86FXg76jcOn1XPBebdopMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAyMTYxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDNkNDBmN2Q1ZDkyMGNmZjBmZjIwYjdlYWU5MzM3OGIyNjkwOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr15LYF9HF+kgDQeikeKnBQKqKTr8
vD921pdnQQjnvTKSnEIGc2aFeFleAytlF8DrUHRmuLJbNDp0tsEi2aSPhzOjtmmn
7BKnDBt+CuqMLtyTsYvBUPnZl45IdoyMjWPLmbbrama/ex8BuOAfQ6WFlw+49H5c
U6H3RqN/kDHga3+k7wX3vVhL80pAMkMuVrUlW28YLDLGCYcB1aRBrWvVXaclCH11
FXHNNS10ruLsRRZMBKwtWw2JqH1GZIXnisFiYKvCsrcF6ow7M/8dzKtRK4/k6tfr
+CE9oZIFyRyPlrkxNF8De5inhd0KZcBTdqGTfebrhXV5yvIbqWsAegBvnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO09QPfV2SDP8P8gt+rpM3iyaQl3MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvN1QxQTk5WFpJTV93X3lDMzZ1a3plTEpwQ1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFo8ju10YfHDNbw18Tdc
14qxaPFdtZRhhZruvWkut/ub3Sf2vuwRkDIUOm2s1kqR0444KMOo9+y4ruyDFo/1
KfiFbuHzkAP9rUrUPoXb6WutwzcW4q28JFfigs8p+gFW6ZeXhd5YQO6XxX8TvdFk
XyK/K53jLzAKjW1aR3tztq3y1BjHGMZNfMPAl4lYyFYJc/ySJcoeRMdG3zud53qq
R7ZPaAwOEBlEGFZK/k+JRLqtmWPI21UyrER8VhSiPrATj3n7DGk8eKVzGntGRvZS
f3XxzvOyhauJGNeqOf9Yu/IdU5ilk3J1PrK4/FAwDmbD1J0dSrDFPzNQCz1FNGn6
7Ro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org