Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JCr3iWv5wMcxPenktdkmQyMmPMs.roa
File: JCr3iWv5wMcxPenktdkmQyMmPMs.roa (raw, json)
Hash identifier: U8Opjaqgj8bdNw63uunlKiO23mKu5TmvXuBPGqaj9z0=
Subject key identifier: 24:2A:F7:89:6B:F9:C0:C7:31:3D:E9:E4:B5:D9:26:43:23:26:3C:CB
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7393EE2FDE0B069FB246CB20BA5C4FD5
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JCr3iWv5wMcxPenktdkmQyMmPMs.roa
Signing time: Mon 13 May 2024 20:10:25 +0000
ROA not before: Mon 13 May 2024 20:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:73:93:ee:2f:de:0b:06:9f:b2:46:cb:20:ba:5c:4f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 20:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=242af7896bf9c0c7313de9e4b5d9264323263ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:8c:fb:a1:5c:e0:68:94:b4:0e:4e:fd:50:
98:ab:89:53:d4:21:e3:fd:9b:f0:29:97:99:ad:b3:
64:e2:2e:75:b4:ef:af:48:5b:9a:a2:f5:b4:87:84:
40:24:c9:dd:7c:cb:d3:30:d0:7b:bf:20:fe:4f:1b:
89:7f:d8:10:b3:90:57:4c:94:96:2d:65:9b:92:4c:
01:72:ee:2b:58:55:b6:8a:91:55:b6:05:87:ee:dd:
97:bc:4f:c3:db:6c:3f:b6:2b:86:fd:d1:3d:dc:62:
1d:e5:2b:0a:f1:9b:39:37:69:c1:76:c5:93:6d:81:
6d:93:08:41:ae:26:e9:7c:59:2d:5d:fe:20:91:b4:
74:eb:57:2d:69:87:4d:b6:bd:c7:c9:4c:bf:81:76:
00:8a:4b:be:9f:0d:da:ca:cc:91:fe:5a:9a:be:60:
96:af:3d:bc:5e:a0:34:b7:6a:1e:d9:b3:9c:ee:cb:
95:17:a1:91:1d:26:ca:86:ec:7c:6f:fd:55:be:18:
26:f0:5a:82:e4:01:42:5f:31:d5:29:53:91:d2:8d:
e7:a5:00:a3:02:1d:11:e1:c1:d8:f1:bb:eb:d9:c7:
c3:2c:e5:d8:c6:38:63:75:6a:57:97:84:4c:f4:a9:
67:77:38:61:ca:ef:44:92:89:d8:50:44:b6:08:27:
c6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2A:F7:89:6B:F9:C0:C7:31:3D:E9:E4:B5:D9:26:43:23:26:3C:CB
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JCr3iWv5wMcxPenktdkmQyMmPMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:14:5b:51:c9:aa:fb:18:3a:1e:99:c7:49:90:fa:e2:8d:ef:
d7:05:86:57:2b:09:1a:c2:b4:2b:72:93:86:a6:bc:c9:9a:97:
05:b9:28:20:a8:ba:2a:bf:a1:6e:62:4f:aa:70:0e:a6:fb:50:
6f:22:e7:12:3c:fe:46:b3:b7:aa:da:15:2c:86:a8:84:56:d6:
01:81:f0:ef:05:25:b7:ac:27:7b:52:01:3a:7b:23:00:ac:7d:
f6:01:d4:78:e2:80:d7:13:28:a2:f1:cd:ca:20:f2:ff:2f:be:
dc:85:56:4a:f5:aa:ac:2a:ea:b4:7d:dc:c6:0a:ec:7a:f2:eb:
ab:78:67:f0:59:f1:ff:72:af:7b:a0:54:47:f9:aa:31:0f:c4:
ae:b7:19:24:96:e0:43:53:bd:eb:e3:9e:9e:4a:f9:b9:0f:a6:
da:aa:a5:de:0a:2e:0b:ca:cf:c6:1d:ff:57:a3:e6:f4:59:49:
24:32:2f:65:58:18:16:e8:ff:f7:a9:a5:8a:15:06:ff:06:df:
51:b2:1a:a2:63:c8:7c:99:56:23:16:d6:44:2a:8c:3f:f4:6e:
f2:9c:5d:5d:72:37:ef:5b:e7:aa:13:73:9b:0c:62:ab:d5:e1:
52:43:26:9b:8c:54:8e:b1:4f:fa:7c:1b:6c:b6:69:9d:ac:f4:
56:24:2e:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9zk+4v3gsGn7JGyyC6XE/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMjAxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDJhZjc4OTZiZjljMGM3MzEzZGU5ZTRiNWQ5MjY0MzIzMjYzY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVOM+6Fc4GiUtA5O/VCYq4lT1CHj
/ZvwKZeZrbNk4i51tO+vSFuaovW0h4RAJMndfMvTMNB7vyD+TxuJf9gQs5BXTJSW
LWWbkkwBcu4rWFW2ipFVtgWH7t2XvE/D22w/tiuG/dE93GId5SsK8Zs5N2nBdsWT
bYFtkwhBribpfFktXf4gkbR061ctaYdNtr3HyUy/gXYAiku+nw3aysyR/lqavmCW
rz28XqA0t2oe2bOc7suVF6GRHSbKhux8b/1Vvhgm8FqC5AFCXzHVKVOR0o3npQCj
Ah0R4cHY8bvr2cfDLOXYxjhjdWpXl4RM9Klndzhhyu9EkonYUES2CCfGgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCQq94lr+cDHMT3p5LXZJkMjJjzLMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSkNyM2lXdjV3TWN4UGVua3Rka21ReU1tUE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGQUW1HJqvsYOh6Zx0mQ
+uKN79cFhlcrCRrCtCtyk4amvMmalwW5KCCouiq/oW5iT6pwDqb7UG8i5xI8/kaz
t6raFSyGqIRW1gGB8O8FJbesJ3tSATp7IwCsffYB1HjigNcTKKLxzcog8v8vvtyF
Vkr1qqwq6rR93MYK7Hry66t4Z/BZ8f9yr3ugVEf5qjEPxK63GSSW4ENTvevjnp5K
+bkPptqqpd4KLgvKz8Yd/1ej5vRZSSQyL2VYGBbo//eppYoVBv8G31GyGqJjyHyZ
ViMW1kQqjD/0bvKcXV1yN+9b56oTc5sMYqvV4VJDJpuMVI6xT/p8G2y2aZ2s9FYk
Lss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org