Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/CQe4ryGy0Ij5c1T9TIK5CI3MGg8.roa
File: CQe4ryGy0Ij5c1T9TIK5CI3MGg8.roa (raw, json)
Hash identifier: V16nWfbbBmA+4ozIharsQndIiYuCE4EmeTlnFouujRA=
Subject key identifier: 09:07:B8:AF:21:B2:D0:88:F9:73:54:FD:4C:82:B9:08:8D:CC:1A:0F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F841B2CF3A730E6C30C1EAC7C9DDFF4E3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/CQe4ryGy0Ij5c1T9TIK5CI3MGg8.roa
Signing time: Fri 17 May 2024 01:12:04 +0000
ROA not before: Fri 17 May 2024 01:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:84:1b:2c:f3:a7:30:e6:c3:0c:1e:ac:7c:9d:df:f4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 01:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0907b8af21b2d088f97354fd4c82b9088dcc1a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:65:f8:b4:46:65:8c:a6:8e:60:99:6a:2e:85:
ba:83:ab:fe:4e:e5:6a:1d:c8:c1:c7:2a:dc:48:3f:
a8:30:a4:90:f8:07:dc:79:78:68:b1:42:a9:a4:22:
af:d8:d4:47:eb:a9:ba:21:51:b3:26:86:2b:d8:ee:
fc:4b:28:80:e7:3a:db:47:65:3e:40:20:ad:ec:7f:
d9:60:f7:3e:d7:73:8d:c3:a0:bb:b8:6f:c2:23:dc:
b9:29:de:f5:d7:60:33:2b:b0:c4:4a:a2:1c:20:58:
fb:39:bb:94:0b:bc:c9:e1:5b:45:61:b8:23:a8:40:
f3:d0:3f:ec:f6:f6:f4:00:c9:53:c2:06:ad:76:bb:
0e:2e:51:33:1c:3f:17:15:44:e8:4a:f9:14:37:d3:
e2:a7:81:38:fb:2f:8b:b4:aa:e8:e3:b1:58:06:6a:
5e:bd:01:43:7e:aa:4c:fb:89:06:9d:e9:66:7f:31:
24:cf:c4:ec:af:d6:65:ae:f5:a8:f4:09:7f:81:7c:
e6:fb:c1:67:81:78:5a:df:45:c9:61:ee:54:42:7b:
70:51:40:ab:d4:f0:b6:b6:b6:91:36:ac:8d:ea:0e:
1d:06:ad:45:ad:aa:3e:b6:7e:e4:32:e9:ca:7d:bf:
6e:09:67:3e:14:c2:76:8d:03:96:3b:90:b9:fa:44:
aa:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:07:B8:AF:21:B2:D0:88:F9:73:54:FD:4C:82:B9:08:8D:CC:1A:0F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/CQe4ryGy0Ij5c1T9TIK5CI3MGg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:28:d2:e0:eb:c2:dc:8f:d7:87:d3:bf:ef:8f:4a:8b:fb:18:
ba:88:82:5d:85:bf:5a:40:2e:5c:ee:3b:3d:3c:78:79:67:c6:
c1:97:c5:dc:e8:d6:f6:0f:1d:b1:2b:29:76:5d:95:05:4d:ff:
79:4b:06:49:e3:a3:3a:61:0a:da:de:cd:e5:86:62:05:66:1f:
e8:c8:6f:b5:7c:c5:6a:21:90:03:fa:af:19:65:ef:23:2c:a1:
aa:6f:b7:2a:d4:1f:53:0d:66:5b:6c:7d:2d:63:6d:19:e6:7c:
e5:12:42:ec:6e:9a:f9:bd:68:05:52:a1:61:b2:83:36:fd:fe:
4f:ff:4a:4a:df:fe:3e:35:b1:51:70:b9:73:0e:53:8d:0c:19:
ed:d4:f3:fe:a2:b3:a4:01:1f:c5:31:fa:28:b7:f5:5a:56:e4:
65:2d:65:65:4e:cd:d3:be:ca:ad:12:50:94:51:4e:f5:03:04:
81:e9:83:98:31:cf:26:2f:d7:c4:26:b2:be:2a:52:e9:30:52:
89:57:06:a9:1f:45:4e:0e:dd:2a:24:e6:6f:61:94:78:5a:cb:
46:c2:50:36:7e:cb:b0:57:77:d6:1c:e6:d3:31:e0:f8:89:ef:
72:72:3a:4b:68:d8:b0:80:82:91:1e:b6:aa:94:ae:1c:6b:f8:
52:16:63:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+EGyzzpzDmwwwerHyd3/TjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MDExMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA3YjhhZjIxYjJkMDg4Zjk3MzU0ZmQ0YzgyYjkwODhkY2MxYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWX4tEZljKaOYJlqLoW6g6v+TuVq
HcjBxyrcSD+oMKSQ+AfceXhosUKppCKv2NRH66m6IVGzJoYr2O78SyiA5zrbR2U+
QCCt7H/ZYPc+13ONw6C7uG/CI9y5Kd7112AzK7DESqIcIFj7ObuUC7zJ4VtFYbgj
qEDz0D/s9vb0AMlTwgatdrsOLlEzHD8XFUToSvkUN9Pip4E4+y+LtKro47FYBmpe
vQFDfqpM+4kGnelmfzEkz8Tsr9ZlrvWo9Al/gXzm+8FngXha30XJYe5UQntwUUCr
1PC2traRNqyN6g4dBq1Frao+tn7kMunKfb9uCWc+FMJ2jQOWO5C5+kSqFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAkHuK8hstCI+XNU/UyCuQiNzBoPMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvQ1FlNHJ5R3kwSWo1YzFUOVRJSzVDSTNNR2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIo0uDrwtyP14fTv++P
Sov7GLqIgl2Fv1pALlzuOz08eHlnxsGXxdzo1vYPHbErKXZdlQVN/3lLBknjozph
CtrezeWGYgVmH+jIb7V8xWohkAP6rxll7yMsoapvtyrUH1MNZltsfS1jbRnmfOUS
Quxumvm9aAVSoWGygzb9/k//Skrf/j41sVFwuXMOU40MGe3U8/6is6QBH8Ux+ii3
9VpW5GUtZWVOzdO+yq0SUJRRTvUDBIHpg5gxzyYv18Qmsr4qUukwUolXBqkfRU4O
3Sok5m9hlHhay0bCUDZ+y7BXd9Yc5tMx4PiJ73JyOkto2LCAgpEetqqUrhxr+FIW
Y2Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org