Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JrRzwmh_NC1VZEnvb7-0X7dH0tg.roa
File: JrRzwmh_NC1VZEnvb7-0X7dH0tg.roa (raw, json)
Hash identifier: 33wWQIF6tWlstIqDZphK7/E0GP+WGhDTMA1F+H6B5HY=
Subject key identifier: 26:B4:73:C2:68:7F:34:2D:55:64:49:EF:6F:BF:B4:5F:B7:47:D2:D8
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F932063FC19050590917E5F752753374B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JrRzwmh_NC1VZEnvb7-0X7dH0tg.roa
Signing time: Sun 19 May 2024 23:12:04 +0000
ROA not before: Sun 19 May 2024 23:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:93:20:63:fc:19:05:05:90:91:7e:5f:75:27:53:37:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 23:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26b473c2687f342d556449ef6fbfb45fb747d2d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:8f:f4:7b:b2:9a:a0:c7:87:52:2c:0e:41:
d4:12:fe:c0:62:2c:a9:da:d7:bd:3b:53:79:dd:5d:
65:77:70:fd:3d:f8:0a:c4:98:5b:43:fb:d1:16:b4:
c9:54:30:c2:9b:d2:54:e9:4f:06:39:5e:2c:56:15:
d1:66:5f:d3:13:d2:bd:c4:ac:e5:92:43:d1:a0:bf:
77:a6:ee:6a:7a:5d:27:34:cf:4a:35:c2:3b:5c:ad:
6e:2f:9b:de:0d:00:7b:74:ee:39:6d:aa:f4:81:57:
dc:0a:10:30:87:7c:f7:05:a1:b4:63:35:9b:04:7a:
69:ad:48:46:28:dc:81:e7:15:50:ae:4e:3c:ef:2d:
68:63:33:58:10:e5:db:99:8a:0b:51:d7:39:a9:ab:
b5:2b:f9:e7:7f:5d:29:0b:38:e5:ed:f7:04:c1:5d:
1a:1a:a1:a2:d7:f9:ba:1a:17:ab:de:89:4a:60:5e:
42:c8:06:49:b3:9b:61:79:07:10:71:ba:c4:a7:06:
3c:f1:64:7b:34:3d:fd:18:7b:1b:5a:a1:f0:d6:08:
1f:e9:21:6c:28:69:af:05:85:27:54:53:21:a0:7b:
99:d1:6f:e0:57:ec:57:7c:83:cb:a9:8d:a9:8f:d2:
7f:b4:75:89:9f:41:da:20:9c:c2:d5:56:2a:ac:e3:
fe:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B4:73:C2:68:7F:34:2D:55:64:49:EF:6F:BF:B4:5F:B7:47:D2:D8
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JrRzwmh_NC1VZEnvb7-0X7dH0tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:15:33:c9:f2:96:e3:62:6b:4b:66:05:20:36:9e:a7:c6:6b:
2e:a3:97:ea:4d:c8:55:1e:12:24:07:fa:55:09:9d:14:7f:28:
9d:2a:c5:8e:17:aa:0f:e9:e7:09:9c:82:b4:be:14:15:a4:fa:
ca:53:a3:dc:06:2e:f7:ad:9e:d4:78:78:58:55:6d:34:47:7f:
16:7e:c7:b6:a5:69:a9:d6:4a:67:78:49:fa:60:4e:19:2a:9e:
cd:6a:19:1c:24:f0:a9:89:48:7f:6f:98:99:11:63:32:84:a2:
fc:7e:a6:9d:3d:c2:c9:17:11:f3:e3:87:4e:10:0f:ce:2d:ef:
92:22:11:65:2b:12:a2:41:90:22:19:e4:d1:96:f5:1e:d3:40:
23:b5:07:b9:f0:96:48:1a:5e:5e:34:ad:7f:bb:49:f1:47:c6:
71:21:8e:a7:73:e4:d0:e7:9a:db:f6:3b:d4:39:38:fc:65:11:
d3:5b:6a:09:a8:a1:94:56:3f:e6:0b:42:f6:8e:b3:39:e9:a9:
c9:2a:9b:33:d1:44:80:33:ec:ec:aa:90:b6:a3:ad:2d:25:ee:
72:4f:f5:13:5f:3c:27:ec:3a:08:16:be:ab:12:91:6d:55:85:
0d:2b:83:42:fb:0a:4e:c6:3d:fc:7e:3e:99:74:0f:a0:23:2a:
01:da:d5:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+TIGP8GQUFkJF+X3UnUzdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MjMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmI0NzNjMjY4N2YzNDJkNTU2NDQ5ZWY2ZmJmYjQ1ZmI3NDdkMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAOP9HuymqDHh1IsDkHUEv7AYiyp
2te9O1N53V1ld3D9PfgKxJhbQ/vRFrTJVDDCm9JU6U8GOV4sVhXRZl/TE9K9xKzl
kkPRoL93pu5qel0nNM9KNcI7XK1uL5veDQB7dO45bar0gVfcChAwh3z3BaG0YzWb
BHpprUhGKNyB5xVQrk487y1oYzNYEOXbmYoLUdc5qau1K/nnf10pCzjl7fcEwV0a
GqGi1/m6Gher3olKYF5CyAZJs5theQcQcbrEpwY88WR7ND39GHsbWqHw1ggf6SFs
KGmvBYUnVFMhoHuZ0W/gV+xXfIPLqY2pj9J/tHWJn0HaIJzC1VYqrOP+5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCa0c8JofzQtVWRJ72+/tF+3R9LYMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSnJSendtaF9OQzFWWkVudmI3LTBYN2RIMHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACUVM8nyluNia0tmBSA2
nqfGay6jl+pNyFUeEiQH+lUJnRR/KJ0qxY4Xqg/p5wmcgrS+FBWk+spTo9wGLvet
ntR4eFhVbTRHfxZ+x7alaanWSmd4SfpgThkqns1qGRwk8KmJSH9vmJkRYzKEovx+
pp09wskXEfPjh04QD84t75IiEWUrEqJBkCIZ5NGW9R7TQCO1B7nwlkgaXl40rX+7
SfFHxnEhjqdz5NDnmtv2O9Q5OPxlEdNbagmooZRWP+YLQvaOsznpqckqmzPRRIAz
7OyqkLajrS0l7nJP9RNfPCfsOggWvqsSkW1VhQ0rg0L7Ck7GPfx+Ppl0D6AjKgHa
1bQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org