Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XL_8_rtR2oPekOb_tlaExHZlqOA.roa
File: XL_8_rtR2oPekOb_tlaExHZlqOA.roa (raw, json)
Hash identifier: CYLtgoQ0HnDBwSJ1FTbrqdgmeGFUH3rfj+WvD2zLoY0=
Subject key identifier: 5C:BF:FC:FE:BB:51:DA:83:DE:90:E6:FF:B6:56:84:C4:76:65:A8:E0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8C42940E08D3192B6D8064EBA02ACF67
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XL_8_rtR2oPekOb_tlaExHZlqOA.roa
Signing time: Sat 18 May 2024 15:12:04 +0000
ROA not before: Sat 18 May 2024 15:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8c:42:94:0e:08:d3:19:2b:6d:80:64:eb:a0:2a:cf:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 15:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cbffcfebb51da83de90e6ffb65684c47665a8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:aa:ca:df:86:23:fe:83:71:94:7a:4a:44:b5:
5c:8f:bf:37:1a:96:e3:e3:92:59:b1:29:95:1c:24:
84:1e:f8:95:9e:7d:7b:d1:94:7a:75:4a:da:8f:16:
7e:7b:3f:f8:17:8e:7d:90:ec:e3:45:1e:8f:f5:ba:
9f:b0:a5:59:c5:d6:4f:dc:56:92:17:9a:7e:c0:bc:
9a:b5:72:48:81:21:be:2f:36:d7:5a:92:4e:48:d3:
f7:ee:2a:66:ed:91:01:43:5e:8d:b4:57:d1:9a:e9:
8f:7e:c4:a7:5a:62:f3:f0:1a:42:3f:ee:ba:17:52:
75:38:11:a9:bf:8d:c7:41:eb:c3:aa:c7:21:f0:5a:
31:d8:15:a1:ff:33:d5:13:b0:09:b9:30:60:66:6d:
cb:47:c5:03:4a:42:cd:b7:94:b0:e8:5f:a6:e1:86:
b2:80:e8:d9:e1:b1:4f:ed:ff:ab:3f:63:ea:db:13:
52:e5:d7:b4:c3:0b:27:d5:dd:9d:34:52:99:20:9d:
04:08:ee:cf:e7:ce:22:6c:ff:1f:9e:a8:21:91:03:
9f:c9:f8:14:e1:f9:61:47:bf:a1:fa:fe:1d:56:88:
f4:2f:8c:c9:74:a1:ae:5c:f0:83:05:3d:67:68:70:
b6:25:84:1f:b2:08:36:dd:33:20:83:2e:48:3f:07:
39:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BF:FC:FE:BB:51:DA:83:DE:90:E6:FF:B6:56:84:C4:76:65:A8:E0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XL_8_rtR2oPekOb_tlaExHZlqOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:76:ab:b7:db:5b:19:84:18:8b:28:94:f6:3a:56:56:40:26:
c4:e7:95:25:07:37:19:b9:60:67:a4:d5:ce:8c:8a:53:9d:b4:
88:1d:ba:ee:4f:6c:b4:f2:23:12:49:17:6d:be:e6:64:40:7f:
b0:4a:c0:8b:f8:ec:22:0f:b6:c3:bd:86:0d:ca:94:ad:a3:36:
63:2e:a1:9f:a2:fa:39:d9:e3:ff:93:c4:27:ff:85:bc:9c:8d:
82:94:a8:c4:74:22:8e:fe:22:38:00:5b:bb:76:5f:eb:c7:d8:
8b:72:6b:a7:08:31:4c:68:18:01:42:20:4f:d3:ed:ec:b9:61:
08:c5:fa:45:c2:5a:f8:c1:19:f8:74:fd:e2:37:88:23:bf:e8:
6b:ca:cf:f4:d2:46:f8:53:3b:73:8d:29:09:46:67:fc:2e:2a:
38:bc:2f:84:5b:d5:e2:9e:b6:65:7e:b6:2b:e8:1d:bb:4a:11:
03:7b:ab:4f:43:a0:05:2e:61:a3:dc:e6:bd:f0:05:86:26:e1:
6c:45:f4:c9:1a:dd:ad:68:c3:7a:c3:c2:08:62:f3:26:5d:19:
8c:0d:fe:82:05:2e:db:97:bb:bd:2d:2f:6c:41:ff:b4:e7:4f:
6c:34:c9:c8:db:05:38:62:37:10:c3:51:b8:ac:31:b5:c5:70:
5b:9a:9e:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+MQpQOCNMZK22AZOugKs9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MTUxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JmZmNmZWJiNTFkYTgzZGU5MGU2ZmZiNjU2ODRjNDc2NjVhOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyarK34Yj/oNxlHpKRLVcj783Gpbj
45JZsSmVHCSEHviVnn170ZR6dUrajxZ+ez/4F459kOzjRR6P9bqfsKVZxdZP3FaS
F5p+wLyatXJIgSG+LzbXWpJOSNP37ipm7ZEBQ16NtFfRmumPfsSnWmLz8BpCP+66
F1J1OBGpv43HQevDqsch8Fox2BWh/zPVE7AJuTBgZm3LR8UDSkLNt5Sw6F+m4Yay
gOjZ4bFP7f+rP2Pq2xNS5de0wwsn1d2dNFKZIJ0ECO7P584ibP8fnqghkQOfyfgU
4flhR7+h+v4dVoj0L4zJdKGuXPCDBT1naHC2JYQfsgg23TMggy5IPwc5MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFy//P67UdqD3pDm/7ZWhMR2ZajgMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWExfOF9ydFIyb1Bla09iX3RsYUV4SFpscU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABp2q7fbWxmEGIsolPY6
VlZAJsTnlSUHNxm5YGek1c6MilOdtIgduu5PbLTyIxJJF22+5mRAf7BKwIv47CIP
tsO9hg3KlK2jNmMuoZ+i+jnZ4/+TxCf/hbycjYKUqMR0Io7+IjgAW7t2X+vH2Ity
a6cIMUxoGAFCIE/T7ey5YQjF+kXCWvjBGfh0/eI3iCO/6GvKz/TSRvhTO3ONKQlG
Z/wuKji8L4Rb1eKetmV+tivoHbtKEQN7q09DoAUuYaPc5r3wBYYm4WxF9Mka3a1o
w3rDwghi8yZdGYwN/oIFLtuXu70tL2xB/7TnT2w0ycjbBThiNxDDUbisMbXFcFua
nu0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org