Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9hQy3KqxzNBcQ5tVtVI2mwO7V40.roa
File: 9hQy3KqxzNBcQ5tVtVI2mwO7V40.roa (raw, json)
Hash identifier: OKTRKwjwk0dfGRuim67cXAM0ggL6c00sZL6+rD5TIVI=
Subject key identifier: F6:14:32:DC:AA:B1:CC:D0:5C:43:9B:55:B5:52:36:9B:03:BB:57:8D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F10A39B821E51C0C5EBEC9ADD26C50660
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9hQy3KqxzNBcQ5tVtVI2mwO7V40.roa
Signing time: Wed 24 Apr 2024 15:05:08 +0000
ROA not before: Wed 24 Apr 2024 15:05:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:10a2:bd02/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:a3:9b:82:1e:51:c0:c5:eb:ec:9a:dd:26:c5:06:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 15:05:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f61432dcaab1ccd05c439b55b552369b03bb578d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ef:e9:1c:96:6e:28:16:56:fa:ae:0f:1e:14:
2f:f7:77:7d:4d:de:8c:50:e6:bf:95:a1:0d:1f:4f:
d7:8b:48:cb:ff:57:2d:de:72:78:68:0f:04:70:93:
8e:de:3d:18:31:33:92:fe:1b:7a:77:1a:c5:ff:1b:
7f:6d:ef:0b:74:a3:9f:bb:a2:09:34:1f:9a:bf:2c:
7f:0d:a1:d1:c5:ab:06:9d:2e:2c:3e:0f:97:94:83:
66:ec:7d:74:0a:f2:98:8d:7d:80:d0:e4:0f:97:e6:
7f:e5:a9:48:17:2f:e0:77:78:4c:c9:c4:cb:2c:cf:
39:74:1a:ac:c4:de:36:6e:8c:5f:01:99:1b:9a:03:
94:9d:0d:5e:c6:93:06:0e:13:8f:5c:f7:ff:29:fe:
83:96:f9:56:4f:a6:d3:8e:3d:2b:3e:77:1d:77:0f:
ad:46:34:2f:36:3c:2d:94:4f:76:0f:3d:cb:a1:92:
87:83:92:2d:70:e5:a1:67:7c:cc:ba:48:7e:81:17:
9b:b0:20:81:8b:f7:d3:5f:4e:fc:bf:18:df:90:54:
b2:f3:c0:4d:fa:d7:16:22:c2:b9:81:00:3a:f7:93:
7f:b0:f2:c8:12:56:52:a3:12:e1:17:aa:92:c7:b2:
c6:93:9c:22:58:14:50:ce:ce:3c:d7:a6:63:14:83:
66:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:14:32:DC:AA:B1:CC:D0:5C:43:9B:55:B5:52:36:9B:03:BB:57:8D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9hQy3KqxzNBcQ5tVtVI2mwO7V40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
2001:67c:64:ffff:0:18f:10a2:bd02/128
Signature Algorithm: sha256WithRSAEncryption
22:c5:34:8c:54:2d:fe:87:8e:86:6a:47:bc:be:f7:89:d7:b7:
af:83:93:95:bb:e7:dd:e1:6a:c3:5f:0e:b3:24:14:f6:87:9d:
9a:db:2f:aa:e3:73:b7:3c:46:ed:5f:fa:b6:ca:40:6f:98:37:
75:4f:c5:fa:01:99:3c:78:f0:7a:f2:f3:e5:af:bd:9f:a3:20:
1e:2e:e0:fb:b1:16:a2:d7:88:fe:82:9d:85:18:8d:b4:98:f7:
ad:6b:db:c0:63:0c:32:38:f4:17:e4:6c:10:08:1d:4f:a2:0f:
06:25:84:32:a3:a2:77:aa:50:db:2b:7f:2a:b1:df:f8:a3:c1:
84:04:f5:a5:48:db:d0:55:1b:78:66:9d:e4:2f:a0:16:e4:11:
a0:34:82:41:c4:46:15:87:ea:be:db:88:b0:3c:01:48:08:48:
93:fb:4a:45:e7:f8:7c:2e:9a:19:19:d5:9c:0b:7e:8c:06:b6:
1b:b6:e2:41:27:ac:84:b9:55:23:38:17:45:e2:e6:83:60:06:
4c:15:17:17:b3:9a:ad:65:95:08:30:33:83:23:10:1e:82:ba:
20:1a:cf:a6:02:12:f5:35:d4:f6:8f:cc:b6:e5:6c:8f:aa:6d:
78:1f:01:dd:fa:58:6a:8e:7d:97:8b:26:39:0b:54:fa:0c:22:
2f:f3:9a:a3
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8Qo5uCHlHAxevsmt0mxQZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MTUwNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE0MzJkY2FhYjFjY2QwNWM0MzliNTViNTUyMzY5YjAzYmI1NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO/pHJZuKBZW+q4PHhQv93d9Td6M
UOa/laENH0/Xi0jL/1ct3nJ4aA8EcJOO3j0YMTOS/ht6dxrF/xt/be8LdKOfu6IJ
NB+avyx/DaHRxasGnS4sPg+XlINm7H10CvKYjX2A0OQPl+Z/5alIFy/gd3hMycTL
LM85dBqsxN42boxfAZkbmgOUnQ1expMGDhOPXPf/Kf6DlvlWT6bTjj0rPncddw+t
RjQvNjwtlE92Dz3LoZKHg5ItcOWhZ3zMukh+gRebsCCBi/fTX078vxjfkFSy88BN
+tcWIsK5gQA695N/sPLIElZSoxLhF6qSx7LGk5wiWBRQzs4816ZjFINmQwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPYUMtyqsczQXEObVbVSNpsDu1eNMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOWhReTNLcXh6TkJjUTV0VnRWSTJtd083VjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQDwQAYMCwE
AgACMCYDEQAgAQZ8AGT//wAAAY8FQ55BAxEAIAEGfABk//8AAAGPEKK9AjANBgkq
hkiG9w0BAQsFAAOCAQEAIsU0jFQt/oeOhmpHvL73ide3r4OTlbvn3eFqw18OsyQU
9oedmtsvquNztzxG7V/6tspAb5g3dU/F+gGZPHjwevLz5a+9n6MgHi7g+7EWoteI
/oKdhRiNtJj3rWvbwGMMMjj0F+RsEAgdT6IPBiWEMqOid6pQ2yt/KrHf+KPBhAT1
pUjb0FUbeGad5C+gFuQRoDSCQcRGFYfqvtuIsDwBSAhIk/tKRef4fC6aGRnVnAt+
jAa2G7biQSeshLlVIzgXReLmg2AGTBUXF7OarWWVCDAzgyMQHoK6IBrPpgIS9TXU
9o/MtuVsj6pteB8B3fpYao59l4smOQtU+gwiL/Oaow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org