Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NFYchxto3rFRNtp34jOqM1N6iF0.roa
File: NFYchxto3rFRNtp34jOqM1N6iF0.roa (raw, json)
Hash identifier: aEbcle1veURemRTWth0acRcU1wSoK58DmXfdKKfTUXI=
Subject key identifier: 34:56:1C:87:1B:68:DE:B1:51:36:DA:77:E2:33:AA:33:53:7A:88:5D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F86E66F00121D5900240190E67CB370F7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NFYchxto3rFRNtp34jOqM1N6iF0.roa
Signing time: Fri 17 May 2024 14:13:19 +0000
ROA not before: Fri 17 May 2024 14:13:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:e6:6f:00:12:1d:59:00:24:01:90:e6:7c:b3:70:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 14:13:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34561c871b68deb15136da77e233aa33537a885d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f8:55:9f:95:06:9f:4c:58:51:ab:22:68:89:
b5:d2:52:d0:e1:2e:04:71:ed:c5:b7:d3:08:a0:a9:
e5:91:72:5b:f6:5e:49:88:21:47:c3:c5:bc:e4:a8:
43:13:3e:94:93:61:c3:56:71:3b:1a:f8:c6:6a:a4:
4b:3f:fb:a6:ee:cf:9b:27:2f:41:d6:98:17:9f:98:
66:2a:3d:bf:84:ae:c0:60:35:2f:30:d6:f5:ac:59:
e8:d9:77:8b:5b:7e:51:a2:21:55:c8:cd:02:e4:6d:
cd:9b:cb:83:15:75:af:12:e7:7b:22:ac:72:87:fb:
a3:85:ff:9c:fb:4f:2a:bc:4c:3b:e5:27:62:4f:7b:
96:a5:cd:b3:af:bf:02:c6:9b:06:a9:32:c8:9b:d7:
22:c7:b2:d1:d4:80:fc:fb:2f:66:21:56:10:de:5f:
f2:ae:db:16:44:96:66:cc:58:fb:3c:1b:8d:fe:84:
b6:0a:a5:bf:8a:7a:f8:8d:24:3a:64:94:6a:50:bb:
9e:e0:cd:d3:1f:5f:b2:2d:a7:0f:b8:22:ce:43:db:
41:d7:35:be:c8:51:26:2a:8c:ce:9c:e8:66:aa:32:
2d:2a:71:f6:a2:53:e1:8d:3a:e3:39:87:94:db:7a:
65:ee:98:11:95:69:dd:27:d3:b3:4b:fb:62:b9:9c:
e8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:56:1C:87:1B:68:DE:B1:51:36:DA:77:E2:33:AA:33:53:7A:88:5D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NFYchxto3rFRNtp34jOqM1N6iF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:d8:c6:a2:d1:b1:70:13:c5:ce:a5:a4:b4:7f:c3:5c:a3:31:
00:31:9b:1e:19:0f:f4:80:e1:89:a1:36:73:d8:6c:ca:6b:dc:
3b:01:d0:f0:d6:98:99:2e:5a:47:5c:dc:ff:42:36:b4:82:3b:
e7:01:69:c5:fb:9d:6e:ba:da:1b:4c:24:99:bd:94:e4:b8:c7:
84:34:ff:4b:a1:f3:d5:38:26:2f:3e:40:85:f8:e6:c3:21:de:
5e:cb:86:ec:c6:17:c8:b4:1e:1f:30:88:dc:9d:40:2c:d6:cb:
c4:25:f3:0c:d8:9b:ec:92:6e:42:04:30:77:d5:a4:8a:59:b0:
c9:2c:ca:75:27:93:61:52:02:d6:c1:af:22:a9:ea:ae:01:92:
cd:ba:d6:2b:2a:bc:a4:4d:37:04:86:72:46:11:9e:7e:a3:9d:
00:15:40:66:bf:fc:44:14:99:8f:d6:73:f9:66:d6:bd:4c:34:
4f:05:d6:99:71:0c:dc:58:a3:bf:2b:ca:70:26:af:f7:c0:53:
57:bb:2a:9c:15:42:bc:34:1b:fa:8e:a6:46:82:5f:21:af:1b:
72:32:79:7d:30:4e:42:95:40:94:9b:84:a8:c8:b1:47:57:f1:
c5:c7:a9:16:f8:ca:06:7a:54:39:8e:1f:82:b4:9a:f3:e1:70:
0b:4b:aa:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+G5m8AEh1ZACQBkOZ8s3D3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MTQxMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU2MWM4NzFiNjhkZWIxNTEzNmRhNzdlMjMzYWEzMzUzN2E4ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/hVn5UGn0xYUasiaIm10lLQ4S4E
ce3Ft9MIoKnlkXJb9l5JiCFHw8W85KhDEz6Uk2HDVnE7GvjGaqRLP/um7s+bJy9B
1pgXn5hmKj2/hK7AYDUvMNb1rFno2XeLW35RoiFVyM0C5G3Nm8uDFXWvEud7Iqxy
h/ujhf+c+08qvEw75SdiT3uWpc2zr78CxpsGqTLIm9cix7LR1ID8+y9mIVYQ3l/y
rtsWRJZmzFj7PBuN/oS2CqW/inr4jSQ6ZJRqULue4M3TH1+yLacPuCLOQ9tB1zW+
yFEmKozOnOhmqjItKnH2olPhjTrjOYeU23pl7pgRlWndJ9OzS/tiuZzolQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDRWHIcbaN6xUTbad+IzqjNTeohdMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTkZZY2h4dG8zckZSTnRwMzRqT3FNMU42aUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKjYxqLRsXATxc6lpLR/
w1yjMQAxmx4ZD/SA4YmhNnPYbMpr3DsB0PDWmJkuWkdc3P9CNrSCO+cBacX7nW66
2htMJJm9lOS4x4Q0/0uh89U4Ji8+QIX45sMh3l7LhuzGF8i0Hh8wiNydQCzWy8Ql
8wzYm+ySbkIEMHfVpIpZsMksynUnk2FSAtbBryKp6q4Bks261isqvKRNNwSGckYR
nn6jnQAVQGa//EQUmY/Wc/lm1r1MNE8F1plxDNxYo78rynAmr/fAU1e7KpwVQrw0
G/qOpkaCXyGvG3IyeX0wTkKVQJSbhKjIsUdX8cXHqRb4ygZ6VDmOH4K0mvPhcAtL
qnc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org