Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/G5s_Yx4z0FrRQqEESeO_urAgzG0.roa
File: G5s_Yx4z0FrRQqEESeO_urAgzG0.roa (raw, json)
Hash identifier: RpHLbHUCIvsC87Ca5FNsaYBozpwtvoV2sZa3VNjf0qA=
Subject key identifier: 1B:9B:3F:63:1E:33:D0:5A:D1:42:A1:04:49:E3:BF:BA:B0:20:CC:6D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9845D6323CA6850189404618E2960C9C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/G5s_Yx4z0FrRQqEESeO_urAgzG0.roa
Signing time: Mon 20 May 2024 23:11:04 +0000
ROA not before: Mon 20 May 2024 23:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:98:45:d6:32:3c:a6:85:01:89:40:46:18:e2:96:0c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 23:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b9b3f631e33d05ad142a10449e3bfbab020cc6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:29:d5:c4:5f:f1:78:7f:18:6a:2e:d8:ec:
3f:4a:b8:33:16:ce:8c:d2:3d:ec:d7:6d:82:b7:0f:
e7:0f:13:34:ae:4f:ee:04:58:27:e0:b1:81:e8:54:
33:3d:fe:53:62:8a:b4:14:82:2e:6f:75:8e:3a:85:
80:78:f2:61:a0:1f:9b:e4:cd:c0:01:64:1b:54:6a:
38:1e:34:dc:24:b2:d5:95:0e:6d:31:16:ba:60:61:
0e:64:ba:45:d6:e2:96:32:d0:86:c0:dc:25:95:d3:
6d:95:21:85:d1:7b:14:cb:c4:d4:53:12:ae:e1:87:
37:48:b3:5c:54:49:8c:bf:ff:34:ba:dc:b3:89:0d:
49:79:47:b5:3f:35:fd:6f:3e:23:e0:34:6f:89:95:
da:ff:d4:1b:b3:6f:d0:60:d7:e2:5a:60:92:39:c5:
30:2c:02:b1:25:aa:bc:7f:e4:38:42:3f:cd:c9:e2:
60:22:1e:e9:41:da:f7:69:c9:f4:d0:db:96:c9:76:
7a:c6:ed:d6:e7:a5:c6:2e:cf:47:a0:69:b3:8c:8b:
c1:d2:91:f6:4e:8c:90:70:59:7d:26:cf:bd:f9:5f:
28:56:3f:8f:30:1a:ac:15:17:e0:8b:9b:48:52:4a:
85:b9:48:8f:83:73:19:fb:e7:f9:d7:ed:bf:1b:17:
6d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9B:3F:63:1E:33:D0:5A:D1:42:A1:04:49:E3:BF:BA:B0:20:CC:6D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/G5s_Yx4z0FrRQqEESeO_urAgzG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:8d:bd:02:1e:83:56:30:db:d4:c0:9a:c3:dc:2f:19:1e:0b:
45:fc:06:04:30:59:03:6c:8e:75:2e:66:e9:e5:c9:89:82:6d:
ee:44:3c:fa:44:8d:f5:b2:2a:db:67:e8:4c:b4:8b:3e:6d:4a:
ca:ef:0d:2f:b4:83:25:3b:0b:7a:2b:62:8d:81:42:ef:1c:14:
76:2c:f2:6b:33:fd:26:0f:bd:72:5c:c2:e4:e5:35:8f:f5:a1:
3f:2f:68:d0:9f:fa:78:d7:d6:11:26:c9:51:ae:74:41:32:f8:
d5:1c:77:42:80:99:35:2a:05:32:8b:59:98:b2:40:83:33:2d:
07:46:6b:2f:46:f7:52:13:a6:f9:23:48:dd:d8:35:e7:c1:c7:
99:ad:d0:60:42:e2:6c:aa:9c:bc:20:42:e9:df:56:81:2b:fd:
15:42:9b:91:52:5a:04:f9:b5:ca:95:91:b9:38:d4:1e:a5:74:
b2:ed:b7:62:d1:b6:c6:59:88:33:74:16:91:87:b1:a3:8b:b7:
8d:3e:92:95:8d:4a:b0:6d:6b:0d:99:50:92:5c:b9:0d:b5:68:
35:c9:00:71:1b:b3:16:3c:f9:f2:65:4a:80:05:c4:f6:15:15:
77:23:3b:ab:e0:cb:b3:86:31:84:aa:34:74:ca:99:db:2b:1f:
a5:79:16:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+YRdYyPKaFAYlARhjilgycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMjMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjliM2Y2MzFlMzNkMDVhZDE0MmExMDQ0OWUzYmZiYWIwMjBjYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2Ap1cRf8Xh/GGou2Ow/SrgzFs6M
0j3s122Ctw/nDxM0rk/uBFgn4LGB6FQzPf5TYoq0FIIub3WOOoWAePJhoB+b5M3A
AWQbVGo4HjTcJLLVlQ5tMRa6YGEOZLpF1uKWMtCGwNwlldNtlSGF0XsUy8TUUxKu
4Yc3SLNcVEmMv/80utyziQ1JeUe1PzX9bz4j4DRviZXa/9Qbs2/QYNfiWmCSOcUw
LAKxJaq8f+Q4Qj/NyeJgIh7pQdr3acn00NuWyXZ6xu3W56XGLs9HoGmzjIvB0pH2
ToyQcFl9Js+9+V8oVj+PMBqsFRfgi5tIUkqFuUiPg3MZ++f51+2/GxdtmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBubP2MeM9Ba0UKhBEnjv7qwIMxtMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRzVzX1l4NHowRnJSUXFFRVNlT191ckFnekcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHSNvQIeg1Yw29TAmsPc
LxkeC0X8BgQwWQNsjnUuZunlyYmCbe5EPPpEjfWyKttn6Ey0iz5tSsrvDS+0gyU7
C3orYo2BQu8cFHYs8msz/SYPvXJcwuTlNY/1oT8vaNCf+njX1hEmyVGudEEy+NUc
d0KAmTUqBTKLWZiyQIMzLQdGay9G91ITpvkjSN3YNefBx5mt0GBC4myqnLwgQunf
VoEr/RVCm5FSWgT5tcqVkbk41B6ldLLtt2LRtsZZiDN0FpGHsaOLt40+kpWNSrBt
aw2ZUJJcuQ21aDXJAHEbsxY8+fJlSoAFxPYVFXcjO6vgy7OGMYSqNHTKmdsrH6V5
FgQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org