Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9NUu6Gs_WI333sVbvJErkI-LviU.roa
File: 9NUu6Gs_WI333sVbvJErkI-LviU.roa (raw, json)
Hash identifier: Z6LNyQBMVYnZvoDr+ZPIyjVLpSx83T1C8FIdwtcibvE=
Subject key identifier: F4:D5:2E:E8:6B:3F:58:8D:F7:DE:C5:5B:BC:91:2B:90:8F:8B:BE:25
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F408481FC086B0F3886AD9CE4AE89E078
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9NUu6Gs_WI333sVbvJErkI-LviU.roa
Signing time: Fri 03 May 2024 22:12:56 +0000
ROA not before: Fri 03 May 2024 22:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:40:84:81:fc:08:6b:0f:38:86:ad:9c:e4:ae:89:e0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 3 22:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4d52ee86b3f588df7dec55bbc912b908f8bbe25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:62:18:02:91:7a:da:4e:be:8f:fc:0d:ee:e4:
80:96:9e:d5:fc:45:1c:dc:27:d4:85:72:f0:3f:98:
f7:f1:7d:14:dd:7b:ec:9c:13:07:a4:a7:52:d3:aa:
9d:93:35:d3:bf:1f:ee:d6:04:c5:ae:46:78:51:f7:
f4:77:6f:c3:ad:ca:1f:e1:c6:fb:7a:b8:00:da:37:
13:4c:1a:27:4e:de:a6:0e:2d:0d:e3:68:42:33:a5:
51:ed:6d:0a:57:09:46:cf:04:2f:62:cf:62:d2:8c:
fa:04:3e:2e:cd:54:52:a0:6c:cb:7b:72:01:16:47:
10:1a:58:54:56:b9:63:00:b6:85:49:13:1a:b4:62:
46:2d:19:f3:bb:be:f6:8e:bf:46:2e:3d:63:0b:ba:
92:fd:4d:12:91:33:61:f7:49:9f:3b:cd:86:52:24:
78:ab:1a:00:84:4f:79:4a:79:4c:df:f1:31:dc:09:
70:aa:a2:5b:45:c6:02:b6:dd:17:79:8c:93:59:8c:
3c:6b:8c:39:54:78:71:30:ae:3d:15:77:a9:ae:07:
0e:dc:d7:39:61:f3:08:d7:51:07:6a:9b:1f:5f:42:
ec:a9:1f:ac:1e:dc:9e:fb:60:3e:13:c1:43:9e:ef:
45:5d:2b:54:50:13:e4:15:1b:37:ab:aa:f2:44:4d:
16:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D5:2E:E8:6B:3F:58:8D:F7:DE:C5:5B:BC:91:2B:90:8F:8B:BE:25
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9NUu6Gs_WI333sVbvJErkI-LviU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:71:74:97:31:f9:15:f7:1c:5e:6c:98:e2:24:ec:a6:9a:d3:
be:45:31:c2:0f:63:9f:59:e8:18:06:e7:5e:96:d0:92:f5:db:
b8:c8:87:cb:59:e6:65:5a:1b:cf:5d:cd:87:61:e1:46:21:8c:
06:f0:15:e4:85:d3:c3:22:d0:20:94:c3:fa:4b:ea:bd:b5:93:
9e:1d:d6:ff:eb:f4:da:5a:d3:60:cb:d8:f1:6d:2c:b0:f7:58:
a3:f8:86:e5:4e:0e:5a:00:71:e1:ee:fa:b0:1e:77:3c:4a:07:
df:7d:55:66:84:15:04:de:54:04:ed:78:b3:6c:9b:17:84:58:
cc:4b:0c:44:1f:16:70:ec:c6:2d:c5:ad:87:e9:93:3c:41:78:
99:22:7a:65:21:fe:6f:58:8c:42:81:60:f3:32:f2:7b:30:26:
f1:83:b6:d9:fd:e4:79:8e:54:87:36:55:1c:d5:9b:c4:e2:89:
88:02:0b:16:41:db:5a:91:75:63:70:7c:b1:eb:45:1a:bf:1e:
85:93:bf:28:f9:f5:5e:cb:e0:c5:1b:94:3a:06:2a:57:fc:12:
87:c3:87:a8:a2:3c:99:05:3c:4e:9f:0b:0e:4e:3b:01:da:84:
4a:7e:4f:46:ec:2a:db:54:fb:60:ef:8f:5e:d0:37:3f:59:af:
7c:02:fb:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9AhIH8CGsPOIatnOSuieB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAzMjIxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ1MmVlODZiM2Y1ODhkZjdkZWM1NWJiYzkxMmI5MDhmOGJiZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWIYApF62k6+j/wN7uSAlp7V/EUc
3CfUhXLwP5j38X0U3XvsnBMHpKdS06qdkzXTvx/u1gTFrkZ4Uff0d2/Drcof4cb7
ergA2jcTTBonTt6mDi0N42hCM6VR7W0KVwlGzwQvYs9i0oz6BD4uzVRSoGzLe3IB
FkcQGlhUVrljALaFSRMatGJGLRnzu772jr9GLj1jC7qS/U0SkTNh90mfO82GUiR4
qxoAhE95SnlM3/Ex3AlwqqJbRcYCtt0XeYyTWYw8a4w5VHhxMK49FXeprgcO3Nc5
YfMI11EHapsfX0LsqR+sHtye+2A+E8FDnu9FXStUUBPkFRs3q6ryRE0WmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPTVLuhrP1iN997FW7yRK5CPi74lMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOU5VdTZHc19XSTMzM3NWYnZKRXJrSS1MdmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFNxdJcx+RX3HF5smOIk
7Kaa075FMcIPY59Z6BgG516W0JL127jIh8tZ5mVaG89dzYdh4UYhjAbwFeSF08Mi
0CCUw/pL6r21k54d1v/r9Npa02DL2PFtLLD3WKP4huVODloAceHu+rAedzxKB999
VWaEFQTeVATteLNsmxeEWMxLDEQfFnDsxi3FrYfpkzxBeJkiemUh/m9YjEKBYPMy
8nswJvGDttn95HmOVIc2VRzVm8TiiYgCCxZB21qRdWNwfLHrRRq/HoWTvyj59V7L
4MUblDoGKlf8EofDh6iiPJkFPE6fCw5OOwHahEp+T0bsKttU+2Dvj17QNz9Zr3wC
+1A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org