Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PYZSbJuzoHXFosuU2HHNht1vYY4.roa
File: PYZSbJuzoHXFosuU2HHNht1vYY4.roa (raw, json)
Hash identifier: uTfC0883/ic96Af13OkO75zM9DHM3ihkh0Zf8jgdPSM=
Subject key identifier: 3D:86:52:6C:9B:B3:A0:75:C5:A2:CB:94:D8:71:CD:86:DD:6F:61:8E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F13055A32B5C1FED4CC88F4A0F3F8A0CC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PYZSbJuzoHXFosuU2HHNht1vYY4.roa
Signing time: Thu 25 Apr 2024 02:11:08 +0000
ROA not before: Thu 25 Apr 2024 02:11:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:05:5a:32:b5:c1:fe:d4:cc:88:f4:a0:f3:f8:a0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 25 02:11:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d86526c9bb3a075c5a2cb94d871cd86dd6f618e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a5:ec:9f:bf:88:27:97:2a:bc:30:c1:05:e0:
cc:69:ae:e5:e1:28:94:7d:97:29:5e:5a:1a:f9:54:
8f:4f:57:a7:5e:0b:6c:8c:2b:c5:f0:27:33:3e:2d:
5f:33:6b:94:aa:6d:44:f0:9c:c9:db:50:5b:65:7f:
a1:fd:e1:f2:fb:c5:b5:44:29:ca:22:c1:80:78:55:
a5:9c:86:e9:36:8f:b7:24:0e:0f:e9:06:a7:08:5e:
04:8b:75:da:e1:a2:51:5b:24:5e:b1:6e:62:2e:bb:
fe:7a:25:8d:69:b0:e5:d9:30:53:90:f9:a6:26:37:
d0:15:bf:55:98:42:c0:17:09:31:45:f2:6f:14:7f:
12:5f:50:84:cc:a9:e2:35:43:1e:33:03:87:03:52:
15:28:0d:da:f7:27:1c:c9:fb:46:b2:b0:36:40:b5:
84:8b:9e:86:1b:c9:16:da:ed:dd:d1:0e:0b:b9:3c:
9f:f2:01:9e:40:9b:45:44:97:88:fd:7c:07:40:7a:
0f:07:7b:fd:fe:91:f0:43:b5:f6:e9:f4:5c:47:a3:
d3:4e:d9:77:5e:41:39:6d:27:b1:0b:bf:0d:48:9c:
4d:d1:30:e0:55:62:b4:a2:eb:a6:1e:8c:ca:21:17:
f2:9c:90:99:65:6b:59:7c:9a:b1:0f:ec:d5:30:91:
15:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:86:52:6C:9B:B3:A0:75:C5:A2:CB:94:D8:71:CD:86:DD:6F:61:8E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PYZSbJuzoHXFosuU2HHNht1vYY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
99:32:77:47:b5:98:e8:31:4f:c1:27:e0:81:d2:5f:d5:39:33:
2b:a9:2e:31:4c:55:29:d6:df:53:ea:5b:60:b1:08:0c:cc:07:
7e:82:37:70:5b:52:53:81:1f:ba:ae:29:06:f0:7c:6d:f8:56:
59:d5:da:e9:c7:20:0e:14:f5:e0:03:29:82:94:62:c9:4f:20:
b3:4f:2d:69:44:b5:10:fa:fe:19:91:16:31:47:e7:db:d3:0b:
ae:9b:fc:7a:18:29:4e:4c:bb:e5:6e:ba:9a:1b:11:ce:72:0d:
84:db:88:d6:40:a1:65:aa:12:4c:85:fe:11:dc:d3:c7:df:09:
57:15:fc:21:e5:1c:98:d2:c1:eb:75:b6:21:eb:9c:56:89:6c:
31:9d:3c:a0:90:6f:37:30:77:be:31:32:24:e6:8c:ca:95:1a:
18:8a:ff:5c:c3:a7:36:b5:fb:23:e9:d9:34:4b:61:25:06:b5:
45:8d:b9:03:81:6c:e3:ef:90:0d:be:d7:cb:a3:ce:b8:b2:5c:
ea:d8:5f:27:3d:28:c8:00:2c:0c:c6:26:72:7e:9e:d4:42:ae:
84:6d:04:e1:14:5f:fc:75:d8:2f:16:e1:95:06:b6:17:d6:39:
e7:c4:24:cc:93:a6:22:24:a6:11:8c:5e:2b:18:91:0e:31:66:
0c:68:04:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8TBVoytcH+1MyI9KDz+KDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI1MDIxMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg2NTI2YzliYjNhMDc1YzVhMmNiOTRkODcxY2Q4NmRkNmY2MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqXsn7+IJ5cqvDDBBeDMaa7l4SiU
fZcpXloa+VSPT1enXgtsjCvF8CczPi1fM2uUqm1E8JzJ21BbZX+h/eHy+8W1RCnK
IsGAeFWlnIbpNo+3JA4P6QanCF4Ei3Xa4aJRWyResW5iLrv+eiWNabDl2TBTkPmm
JjfQFb9VmELAFwkxRfJvFH8SX1CEzKniNUMeMwOHA1IVKA3a9yccyftGsrA2QLWE
i56GG8kW2u3d0Q4LuTyf8gGeQJtFRJeI/XwHQHoPB3v9/pHwQ7X26fRcR6PTTtl3
XkE5bSexC78NSJxN0TDgVWK0ouumHozKIRfynJCZZWtZfJqxD+zVMJEVMwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD2GUmybs6B1xaLLlNhxzYbdb2GOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUFlaU2JKdXpvSFhGb3N1VTJISE5odDF2WVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCZMndH
tZjoMU/BJ+CB0l/VOTMrqS4xTFUp1t9T6ltgsQgMzAd+gjdwW1JTgR+6rikG8Hxt
+FZZ1drpxyAOFPXgAymClGLJTyCzTy1pRLUQ+v4ZkRYxR+fb0wuum/x6GClOTLvl
brqaGxHOcg2E24jWQKFlqhJMhf4R3NPH3wlXFfwh5RyY0sHrdbYh65xWiWwxnTyg
kG83MHe+MTIk5ozKlRoYiv9cw6c2tfsj6dk0S2ElBrVFjbkDgWzj75ANvtfLo864
slzq2F8nPSjIACwMxiZyfp7UQq6EbQThFF/8ddgvFuGVBrYX1jnnxCTMk6YiJKYR
jF4rGJEOMWYMaATq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org