Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NYJYDfGOHGm-vO_XFeBu8slaLiI.roa
File: NYJYDfGOHGm-vO_XFeBu8slaLiI.roa (raw, json)
Hash identifier: PN5R+ukl8HFfcd/SP5RuGUlHy5kIXWI9rfGGewm6dVs=
Subject key identifier: 35:82:58:0D:F1:8E:1C:69:BE:BC:EF:D7:15:E0:6E:F2:C9:5A:2E:22
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4BE2F809E1449197D44BECE59400102C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NYJYDfGOHGm-vO_XFeBu8slaLiI.roa
Signing time: Mon 06 May 2024 03:11:56 +0000
ROA not before: Mon 06 May 2024 03:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4b:e2:f8:09:e1:44:91:97:d4:4b:ec:e5:94:00:10:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 03:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3582580df18e1c69bebcefd715e06ef2c95a2e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e4:44:90:ef:05:1c:02:a1:df:b4:42:fe:7a:
8e:de:4e:b0:3e:aa:22:0b:9f:3b:7a:9f:94:80:ce:
34:57:2a:1a:14:ba:a2:6a:66:1b:11:5f:aa:a1:42:
9b:51:ad:04:87:d4:86:2b:98:00:d9:af:cb:fc:59:
ce:28:db:55:bb:6d:b0:22:28:d4:af:2f:f3:f0:cf:
c3:6b:61:47:10:a2:c6:86:43:3a:df:e6:fa:13:63:
66:ae:0c:b8:d6:0b:87:5a:1f:75:c9:94:7c:c3:3a:
31:3a:5f:b1:5e:9a:dd:ab:23:c6:02:73:54:9b:86:
c0:ea:69:ed:a5:61:7c:74:cd:1b:6b:e4:5e:6e:53:
1c:ef:9f:b5:f2:80:d4:cf:a7:f5:9d:8b:71:59:8f:
1c:32:4c:6f:8a:5a:c6:9a:de:97:c3:02:e9:a0:11:
3e:0e:c5:96:c7:99:1b:60:ae:02:92:a0:de:4d:18:
8d:f1:bc:36:6b:23:ca:8a:96:e1:c0:53:66:4b:3e:
2c:bf:2d:d5:9c:c1:65:f0:06:d3:31:14:a4:12:5c:
7f:61:47:54:cf:78:fe:35:2a:d6:31:f9:ad:4a:14:
f8:7d:a7:f8:0f:68:1e:22:c1:aa:f9:8a:5c:c2:22:
5a:5d:67:7a:be:4a:fe:61:e6:ae:58:fb:7c:7c:15:
ab:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:82:58:0D:F1:8E:1C:69:BE:BC:EF:D7:15:E0:6E:F2:C9:5A:2E:22
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NYJYDfGOHGm-vO_XFeBu8slaLiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d0:2b:a1:bb:96:3c:a3:cb:54:30:ad:bd:d9:29:85:be:50:6f:
51:55:81:d4:69:fa:65:ee:2e:74:62:d5:4d:0e:35:88:0c:d3:
c2:49:1e:c9:03:e2:03:0d:62:cf:d1:c0:f9:b5:8e:67:8f:7b:
99:4d:93:6f:f2:41:86:a7:02:a1:db:b4:47:20:88:3f:bd:85:
c2:8b:1e:d9:53:21:75:7d:09:b6:c9:e8:94:a5:81:1a:1a:8b:
17:5a:d3:50:7b:9f:b3:24:c1:2f:1a:d8:f5:05:e1:3c:d9:85:
60:27:23:4e:58:0d:0e:07:09:54:d0:40:fe:b9:01:df:a6:37:
e9:58:da:80:b0:a0:c2:b9:b3:70:5f:46:21:46:af:fc:5e:10:
ec:81:36:f4:0a:36:08:32:e2:9e:37:f0:64:3a:6a:3a:ff:f2:
98:a8:7e:80:5e:e9:ac:d9:75:d8:44:65:ec:36:75:44:1c:1e:
5c:98:76:aa:f3:36:1b:7a:54:7f:b2:e8:7b:40:15:34:48:39:
4d:74:2a:33:26:e5:dd:58:06:47:e4:08:6e:24:3d:d2:38:4c:
22:48:3b:62:31:1d:97:8b:0f:00:3e:6a:ce:f5:80:b1:90:a9:
d3:eb:0d:86:17:9b:97:34:bd:3f:bb:9d:63:38:86:c4:73:98:
0f:24:30:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9L4vgJ4USRl9RL7OWUABAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MDMxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTgyNTgwZGYxOGUxYzY5YmViY2VmZDcxNWUwNmVmMmM5NWEyZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uREkO8FHAKh37RC/nqO3k6wPqoi
C587ep+UgM40VyoaFLqiamYbEV+qoUKbUa0Eh9SGK5gA2a/L/FnOKNtVu22wIijU
ry/z8M/Da2FHEKLGhkM63+b6E2Nmrgy41guHWh91yZR8wzoxOl+xXprdqyPGAnNU
m4bA6mntpWF8dM0ba+ReblMc75+18oDUz6f1nYtxWY8cMkxvilrGmt6XwwLpoBE+
DsWWx5kbYK4CkqDeTRiN8bw2ayPKipbhwFNmSz4svy3VnMFl8AbTMRSkElx/YUdU
z3j+NSrWMfmtShT4faf4D2geIsGq+YpcwiJaXWd6vkr+YeauWPt8fBWrDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDWCWA3xjhxpvrzv1xXgbvLJWi4iMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTllKWURmR09IR20tdk9fWEZlQnU4c2xhTGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANArobuWPKPLVDCtvdkp
hb5Qb1FVgdRp+mXuLnRi1U0ONYgM08JJHskD4gMNYs/RwPm1jmePe5lNk2/yQYan
AqHbtEcgiD+9hcKLHtlTIXV9CbbJ6JSlgRoaixda01B7n7MkwS8a2PUF4TzZhWAn
I05YDQ4HCVTQQP65Ad+mN+lY2oCwoMK5s3BfRiFGr/xeEOyBNvQKNggy4p438GQ6
ajr/8piofoBe6azZddhEZew2dUQcHlyYdqrzNht6VH+y6HtAFTRIOU10KjMm5d1Y
BkfkCG4kPdI4TCJIO2IxHZeLDwA+as71gLGQqdPrDYYXm5c0vT+7nWM4hsRzmA8k
MFc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org