Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/DzvSIP7kQvHCLacPHJ-MLZ7zoFM.roa
File: DzvSIP7kQvHCLacPHJ-MLZ7zoFM.roa (raw, json)
Hash identifier: ISQ9WAWfEvwjsu4lrEbl2Aurti+d4QMCNkNQz+O4QzI=
Subject key identifier: 0F:3B:D2:20:FE:E4:42:F1:C2:2D:A7:0F:1C:9F:8C:2D:9E:F3:A0:53
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6FE913B807A568935683ADD347DEBF8C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/DzvSIP7kQvHCLacPHJ-MLZ7zoFM.roa
Signing time: Mon 13 May 2024 03:04:56 +0000
ROA not before: Mon 13 May 2024 03:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:6fe8:eacf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6f:e9:13:b8:07:a5:68:93:56:83:ad:d3:47:de:bf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 03:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f3bd220fee442f1c22da70f1c9f8c2d9ef3a053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:16:b6:68:d6:cc:cb:c1:02:19:ba:1b:3e:bb:
73:7e:46:6f:b2:3d:d3:02:88:fb:c1:ca:2a:63:ed:
dd:f1:eb:bb:99:53:06:52:0c:48:a9:8d:d1:28:dc:
a0:9c:1c:d1:54:65:7d:a2:50:7f:0a:f9:09:cb:94:
e0:b4:78:57:35:8b:7f:ad:a9:60:e8:50:d0:85:6f:
33:99:8e:be:af:4f:2f:50:8b:8e:ed:8e:3d:c7:ce:
67:b9:8a:2e:60:cb:73:38:dc:70:01:31:f1:4e:6c:
38:a9:ab:a2:3e:b0:91:85:56:12:59:ff:63:d3:e4:
76:dc:b9:3a:1f:9f:b5:d4:80:61:7d:82:ca:3d:70:
04:36:86:59:66:2c:04:5e:50:fc:57:25:eb:b5:e9:
b7:b6:ba:ff:46:9a:67:7a:52:b1:ce:4f:90:a6:ed:
6a:49:95:7f:b1:f7:5a:c6:8c:cb:c1:64:69:68:9b:
b8:93:37:b8:12:1e:76:07:05:4b:a3:00:e1:f9:50:
b2:c4:38:d0:7f:0a:bc:df:87:f9:5c:7a:38:49:42:
a1:76:0f:ad:1a:5e:33:05:ac:74:97:a2:09:00:67:
0d:a3:7d:ed:1e:cf:0f:45:d1:7e:16:82:d3:48:58:
bb:01:ed:82:0a:95:a2:e5:5b:d6:05:52:76:ac:a8:
f2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3B:D2:20:FE:E4:42:F1:C2:2D:A7:0F:1C:9F:8C:2D:9E:F3:A0:53
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/DzvSIP7kQvHCLacPHJ-MLZ7zoFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:23:b6:03:27:05:8c:cd:f4:c2:4a:bd:e0:f6:37:96:13:df:
7d:29:0c:ea:eb:fe:62:1e:ea:87:89:d9:8e:e0:d5:47:99:8f:
fa:00:85:cc:46:38:ed:e3:ac:39:77:20:8b:8a:46:07:05:b7:
9f:ec:d3:d9:3d:8e:37:78:38:fe:fa:73:63:18:f3:2d:05:7a:
a5:81:3b:2a:ce:7a:1a:dd:4f:1f:40:d6:83:d5:74:2b:d4:40:
61:6f:5f:05:d4:7d:c8:d0:0a:2a:32:2e:e7:1a:da:be:49:d8:
fd:f9:e0:11:65:11:63:f8:63:81:87:89:6a:60:a0:34:d3:7f:
dd:4f:bf:da:f6:c7:d2:fd:b3:14:a0:64:78:8c:26:10:3c:33:
ea:e6:52:32:32:3a:6e:a6:b5:1c:47:6b:a7:2a:3e:83:5a:4e:
41:1f:bd:12:d8:6c:5b:d4:d2:2b:46:a1:83:ed:bc:8c:19:54:
95:5e:df:b4:88:72:a4:4f:0c:a1:8e:f5:dd:c3:63:e1:e0:73:
b0:31:5f:55:fa:6a:c5:db:33:31:c0:e0:18:79:a1:a7:7c:91:
84:79:19:17:1d:b4:72:00:99:5e:c5:1d:42:f3:ca:95:ae:b5:
6d:76:f9:ca:7f:33:b2:f4:97:bc:bc:90:9f:40:29:5c:b9:c2:
07:5a:18:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9v6RO4B6Vok1aDrdNH3r+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMDMwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNiZDIyMGZlZTQ0MmYxYzIyZGE3MGYxYzlmOGMyZDllZjNhMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxa2aNbMy8ECGbobPrtzfkZvsj3T
Aoj7wcoqY+3d8eu7mVMGUgxIqY3RKNygnBzRVGV9olB/CvkJy5TgtHhXNYt/ralg
6FDQhW8zmY6+r08vUIuO7Y49x85nuYouYMtzONxwATHxTmw4qauiPrCRhVYSWf9j
0+R23Lk6H5+11IBhfYLKPXAENoZZZiwEXlD8VyXrtem3trr/RppnelKxzk+Qpu1q
SZV/sfdaxozLwWRpaJu4kze4Eh52BwVLowDh+VCyxDjQfwq834f5XHo4SUKhdg+t
Gl4zBax0l6IJAGcNo33tHs8PRdF+FoLTSFi7Ae2CCpWi5VvWBVJ2rKjy3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA870iD+5ELxwi2nDxyfjC2e86BTMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRHp2U0lQN2tRdkhDTGFjUEhKLU1MWjd6b0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEEjtgMnBYzN9MJKveD2
N5YT330pDOrr/mIe6oeJ2Y7g1UeZj/oAhcxGOO3jrDl3IIuKRgcFt5/s09k9jjd4
OP76c2MY8y0FeqWBOyrOehrdTx9A1oPVdCvUQGFvXwXUfcjQCioyLuca2r5J2P35
4BFlEWP4Y4GHiWpgoDTTf91Pv9r2x9L9sxSgZHiMJhA8M+rmUjIyOm6mtRxHa6cq
PoNaTkEfvRLYbFvU0itGoYPtvIwZVJVe37SIcqRPDKGO9d3DY+Hgc7AxX1X6asXb
MzHA4Bh5oad8kYR5GRcdtHIAmV7FHULzypWutW12+cp/M7L0l7y8kJ9AKVy5wgda
GFM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org