Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/S9op1h__EaPdnZFD3Hay_YPv57E.roa
File: S9op1h__EaPdnZFD3Hay_YPv57E.roa (raw, json)
Hash identifier: rOo23x2+ley/5umiPgpMs4N2cKsGidyjMl3bAkCZdT4=
Subject key identifier: 4B:DA:29:D6:1F:FF:11:A3:DD:9D:91:43:DC:76:B2:FD:83:EF:E7:B1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F47298DA5C93ACFDFAD9349AC9C4BF4CB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/S9op1h__EaPdnZFD3Hay_YPv57E.roa
Signing time: Sun 05 May 2024 05:10:56 +0000
ROA not before: Sun 05 May 2024 05:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:47:29:8d:a5:c9:3a:cf:df:ad:93:49:ac:9c:4b:f4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 05:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bda29d61fff11a3dd9d9143dc76b2fd83efe7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:08:6b:37:6b:c8:e5:cd:8b:53:9e:05:03:03:
79:bb:86:55:04:19:40:9c:0e:fb:2d:f0:2d:3f:58:
44:51:d4:b4:37:e0:b8:ac:a3:d6:cd:55:fd:33:07:
13:c7:e0:24:eb:a4:0d:37:cf:c9:ea:b1:5b:2b:c0:
f5:f4:6b:45:91:ce:fc:58:3c:8f:9d:cd:61:71:00:
72:fa:a0:8c:d9:ea:88:ea:ca:8d:b8:5d:95:00:a7:
01:57:49:f5:23:0f:81:66:c5:14:b7:7c:72:fa:0b:
36:8a:06:b1:a5:63:c3:9c:fa:08:d2:d0:d8:da:d3:
47:92:8a:1e:c8:88:47:9f:9e:11:ad:d0:0c:a7:01:
38:de:a8:9a:ab:ce:91:4e:d0:33:e9:d6:62:03:31:
2b:fe:41:e0:f0:aa:84:e6:be:3d:86:ff:f9:3f:4d:
32:14:cc:e9:2f:c3:4c:7b:e3:35:b0:60:7e:d7:54:
42:d7:c8:e1:75:7a:20:ef:99:12:d6:83:23:09:ee:
0d:b9:a7:36:41:a4:bc:64:23:5f:76:f6:c0:ce:88:
5c:1d:e8:e3:ec:86:3d:bb:48:ba:1b:48:f4:ae:3c:
43:83:7e:48:db:ff:38:53:8c:d8:24:34:91:31:ed:
80:6a:3e:5e:a7:62:d6:83:fc:67:48:8b:00:cc:4d:
c7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DA:29:D6:1F:FF:11:A3:DD:9D:91:43:DC:76:B2:FD:83:EF:E7:B1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/S9op1h__EaPdnZFD3Hay_YPv57E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:2d:90:62:b7:17:c1:f9:03:53:17:cf:35:fe:41:3e:15:74:
2a:eb:13:f0:03:77:d9:94:2e:ae:92:6b:08:4a:78:8b:6a:79:
c9:70:c3:6e:e9:05:3f:0b:d4:46:3f:bf:dd:97:99:5c:29:53:
3d:46:82:18:fc:19:75:2e:dd:30:8b:a3:ce:6a:b7:52:c5:db:
67:ca:4a:e4:23:7d:7c:ab:c8:7c:ed:c7:04:45:6a:8c:a9:0c:
56:c2:52:9b:38:db:5a:da:91:e1:10:3b:a9:da:9f:8f:91:52:
0d:25:05:5d:ba:09:7d:e7:bb:ab:bd:0a:1e:c0:2d:13:c6:f5:
60:f3:ca:75:18:a7:bc:0c:28:12:2f:4f:4d:77:c1:76:45:9f:
4e:f5:d9:4b:a4:84:ae:6d:f9:95:86:74:b7:07:a4:12:ed:26:
eb:ca:f6:83:5e:da:78:ee:13:94:66:8e:ed:41:42:bc:e8:23:
1d:66:46:de:4a:3a:1a:52:19:52:41:e3:a2:25:af:84:ee:86:
1e:dd:ae:a7:c2:97:1e:fc:11:30:9f:65:57:3d:af:f3:93:98:
71:e6:04:b5:7a:d2:23:dc:05:67:ac:f5:a2:6f:4a:a1:e5:dd:
cc:e4:8f:90:2a:8b:6b:8e:c2:6c:fc:a9:6a:ba:ee:c0:a9:38:
34:06:6f:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9HKY2lyTrP362TSaycS/TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MDUxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRhMjlkNjFmZmYxMWEzZGQ5ZDkxNDNkYzc2YjJmZDgzZWZlN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAhrN2vI5c2LU54FAwN5u4ZVBBlA
nA77LfAtP1hEUdS0N+C4rKPWzVX9MwcTx+Ak66QNN8/J6rFbK8D19GtFkc78WDyP
nc1hcQBy+qCM2eqI6sqNuF2VAKcBV0n1Iw+BZsUUt3xy+gs2igaxpWPDnPoI0tDY
2tNHkooeyIhHn54RrdAMpwE43qiaq86RTtAz6dZiAzEr/kHg8KqE5r49hv/5P00y
FMzpL8NMe+M1sGB+11RC18jhdXog75kS1oMjCe4Nuac2QaS8ZCNfdvbAzohcHejj
7IY9u0i6G0j0rjxDg35I2/84U4zYJDSRMe2Aaj5ep2LWg/xnSIsAzE3HrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEvaKdYf/xGj3Z2RQ9x2sv2D7+exMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUzlvcDFoX19FYVBkblpGRDNIYXlfWVB2NTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFEtkGK3F8H5A1MXzzX+
QT4VdCrrE/ADd9mULq6SawhKeItqeclww27pBT8L1EY/v92XmVwpUz1Gghj8GXUu
3TCLo85qt1LF22fKSuQjfXyryHztxwRFaoypDFbCUps421rakeEQO6nan4+RUg0l
BV26CX3nu6u9Ch7ALRPG9WDzynUYp7wMKBIvT013wXZFn0712UukhK5t+ZWGdLcH
pBLtJuvK9oNe2njuE5Rmju1BQrzoIx1mRt5KOhpSGVJB46Ilr4Tuhh7drqfClx78
ETCfZVc9r/OTmHHmBLV60iPcBWes9aJvSqHl3czkj5Aqi2uOwmz8qWq67sCpODQG
b74=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org