Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7z90Rxi0yqgyJj0zyT_A3cdBTlw.roa
File: 7z90Rxi0yqgyJj0zyT_A3cdBTlw.roa (raw, json)
Hash identifier: daWf0a/YsysPdsCnV8iB8hTbOiWC4KIILcmRRR5D4O8=
Subject key identifier: EF:3F:74:47:18:B4:CA:A8:32:26:3D:33:C9:3F:C0:DD:C7:41:4E:5C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F37824A909264D9DA55A4B0B180C030A9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7z90Rxi0yqgyJj0zyT_A3cdBTlw.roa
Signing time: Thu 02 May 2024 04:13:56 +0000
ROA not before: Thu 02 May 2024 04:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:37:82:4a:90:92:64:d9:da:55:a4:b0:b1:80:c0:30:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 2 04:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef3f744718b4caa832263d33c93fc0ddc7414e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:50:25:7d:97:58:a1:8e:47:b7:3f:4b:57:00:
82:46:62:80:e8:11:cc:0f:8e:64:ab:00:f3:63:66:
3d:12:96:0e:ae:c9:77:95:75:94:09:29:a1:ed:17:
71:e5:1b:7f:4d:6e:c3:96:d7:97:3f:a4:f5:81:ed:
1e:8b:7a:4b:92:f5:58:3b:9c:5f:cf:66:20:b4:6e:
23:96:f7:cb:27:9c:e0:fe:d5:56:48:1a:10:cd:a1:
1f:f4:6d:51:08:1a:4c:05:f6:4d:ea:d0:63:10:b8:
0e:f8:ac:97:c2:57:71:75:2e:fa:3a:30:ee:3f:ca:
73:4a:56:a9:3b:59:c5:8c:73:31:63:cc:09:e4:4e:
b8:46:8f:41:9d:2c:c3:6c:d5:31:2e:3d:81:7d:b8:
ca:35:db:fd:eb:01:65:5b:07:4f:88:41:3e:d6:e4:
b5:74:c2:ba:7a:ac:ca:6d:dd:3e:2e:36:b7:a0:08:
e1:71:42:ad:d1:79:c2:5a:3b:be:60:bd:85:ab:12:
25:db:4f:a8:4b:53:66:d4:8a:59:4a:89:fa:b4:e2:
ff:a6:b3:b2:91:ad:71:22:34:1b:f4:18:39:ed:6c:
54:1c:5b:db:2f:76:c1:fb:9d:d4:c4:1e:90:05:59:
54:3a:2f:4b:f2:77:d5:fb:70:34:ae:47:f0:3a:2d:
28:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3F:74:47:18:B4:CA:A8:32:26:3D:33:C9:3F:C0:DD:C7:41:4E:5C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7z90Rxi0yqgyJj0zyT_A3cdBTlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:94:17:6b:4b:10:59:25:dc:6f:25:65:d1:72:d0:8c:26:b6:
40:36:db:a1:a5:a8:0d:d5:57:aa:27:32:da:6d:37:df:70:bf:
30:4d:84:30:67:68:c6:13:9e:f3:65:63:15:a9:21:45:b0:e7:
86:22:2f:68:eb:4b:fa:56:c4:b4:e2:18:10:32:6d:1b:75:3e:
55:5e:9f:f7:57:4e:5f:ae:cf:2f:23:24:93:1b:00:cf:b9:ad:
b2:33:61:d1:02:e3:71:51:4f:6a:ce:e0:be:fd:b6:92:b9:3c:
d4:5f:10:68:1d:e5:08:1f:b4:95:0c:a2:d8:59:f0:a1:a6:58:
cf:a3:d5:cb:b0:e0:73:7a:45:1d:32:38:8f:85:97:60:c2:0b:
52:a8:eb:42:ab:53:7e:bd:76:41:c5:4e:43:5a:7a:fa:8d:66:
d6:23:98:63:56:35:0e:f4:95:c1:22:56:7c:43:73:f2:ce:30:
c7:79:9e:18:40:8e:3f:96:b3:20:99:23:09:fd:2c:99:d7:e7:
3d:ac:92:ec:93:62:94:17:02:f3:72:c6:44:8c:df:41:8f:13:
c8:5e:98:7f:15:de:cf:4a:53:6c:cd:c9:36:6d:ea:6b:a4:69:
0b:44:c0:cc:74:92:ea:07:9d:4b:22:6a:89:48:92:fa:62:4b:
15:62:d0:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY83gkqQkmTZ2lWksLGAwDCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAyMDQxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjNmNzQ0NzE4YjRjYWE4MzIyNjNkMzNjOTNmYzBkZGM3NDE0ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulAlfZdYoY5Htz9LVwCCRmKA6BHM
D45kqwDzY2Y9EpYOrsl3lXWUCSmh7Rdx5Rt/TW7DlteXP6T1ge0ei3pLkvVYO5xf
z2YgtG4jlvfLJ5zg/tVWSBoQzaEf9G1RCBpMBfZN6tBjELgO+KyXwldxdS76OjDu
P8pzSlapO1nFjHMxY8wJ5E64Ro9BnSzDbNUxLj2BfbjKNdv96wFlWwdPiEE+1uS1
dMK6eqzKbd0+Lja3oAjhcUKt0XnCWju+YL2FqxIl20+oS1Nm1IpZSon6tOL/prOy
ka1xIjQb9Bg57WxUHFvbL3bB+53UxB6QBVlUOi9L8nfV+3A0rkfwOi0omQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO8/dEcYtMqoMiY9M8k/wN3HQU5cMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvN3o5MFJ4aTB5cWd5SmowenlUX0EzY2RCVGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAByUF2tLEFkl3G8lZdFy
0IwmtkA226GlqA3VV6onMtptN99wvzBNhDBnaMYTnvNlYxWpIUWw54YiL2jrS/pW
xLTiGBAybRt1PlVen/dXTl+uzy8jJJMbAM+5rbIzYdEC43FRT2rO4L79tpK5PNRf
EGgd5QgftJUMothZ8KGmWM+j1cuw4HN6RR0yOI+Fl2DCC1Ko60KrU369dkHFTkNa
evqNZtYjmGNWNQ70lcEiVnxDc/LOMMd5nhhAjj+WsyCZIwn9LJnX5z2skuyTYpQX
AvNyxkSM30GPE8hemH8V3s9KU2zNyTZt6mukaQtEwMx0kuoHnUsiaolIkvpiSxVi
0MY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org