Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XWHjDOwT_l0fUm2W2t4UN5EJE8g.roa
File: XWHjDOwT_l0fUm2W2t4UN5EJE8g.roa (raw, json)
Hash identifier: hGyJ7FRoAG8bodRP88ONm1wU2d0O68yofbcL+/n+eGo=
Subject key identifier: 5D:61:E3:0C:EC:13:FE:5D:1F:52:6D:96:DA:DE:14:37:91:09:13:C8
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F833E88E5B85C18B9FEFCE163795A2CDF
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XWHjDOwT_l0fUm2W2t4UN5EJE8g.roa
Signing time: Thu 16 May 2024 21:11:04 +0000
ROA not before: Thu 16 May 2024 21:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:83:3e:88:e5:b8:5c:18:b9:fe:fc:e1:63:79:5a:2c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 21:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d61e30cec13fe5d1f526d96dade1437910913c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:35:33:e4:e2:8c:40:e3:d3:d5:4b:98:af:01:
b2:4a:58:4b:b5:bb:c3:72:84:bf:5f:90:46:d8:10:
23:79:bb:b3:d4:6f:ca:9d:a6:5e:05:03:d7:92:af:
60:bd:63:e5:bd:05:78:2e:20:20:b1:5e:99:57:42:
c8:fd:9e:a0:bd:68:e8:9b:93:46:8d:5b:5e:d4:5a:
a9:27:e2:41:e8:4e:16:03:7a:90:b0:34:ad:1e:dc:
c9:ca:f1:54:57:30:d5:14:9f:01:6b:c8:ad:a0:b2:
fd:bb:ef:ed:62:e9:02:49:80:42:fd:5c:04:d4:34:
53:dc:18:a0:8a:25:c8:89:6a:7d:b3:57:bd:37:10:
81:af:b5:74:5d:3a:8f:39:71:b5:58:fe:f8:3e:26:
0d:b8:2e:e7:42:f1:a2:0e:1d:de:a5:13:28:8a:83:
45:0c:28:da:20:55:29:73:2f:36:42:43:df:0d:cb:
7b:a8:4f:4a:6d:47:01:51:56:e8:e8:4d:df:97:20:
47:ee:9e:27:01:17:3c:97:26:73:d2:55:09:37:3e:
91:ac:fc:4c:94:fc:ea:8c:98:3f:2b:53:80:47:98:
ca:3b:30:25:10:de:f5:4e:ec:5b:bd:ad:54:bd:4d:
35:59:e8:29:5a:b6:a7:e1:76:7c:8f:46:46:8f:a0:
ba:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:61:E3:0C:EC:13:FE:5D:1F:52:6D:96:DA:DE:14:37:91:09:13:C8
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XWHjDOwT_l0fUm2W2t4UN5EJE8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:ef:23:80:fb:cf:3a:bb:ea:82:94:ca:21:39:a5:c5:5c:f7:
22:71:aa:c3:95:0c:92:95:1a:47:d1:14:55:47:16:56:f4:42:
28:0b:e4:dc:bc:12:6e:7d:22:b0:bf:fe:80:93:2e:83:15:50:
18:02:35:3d:01:7a:83:76:a4:97:dd:ab:f7:4c:0f:b5:ee:36:
47:10:30:40:5b:18:6b:a3:5f:01:26:88:71:01:94:d8:bc:c6:
da:ff:47:c6:d6:72:52:7e:be:a5:b2:14:6a:0e:b2:f6:61:22:
b3:8d:74:c1:67:02:da:05:e9:42:46:57:df:24:b3:5b:cc:96:
b1:99:17:82:c2:85:3c:9e:ff:70:91:ad:be:83:08:73:63:fb:
07:2f:39:07:f9:12:2e:b4:04:a1:bb:86:df:28:bd:ae:fb:df:
16:3d:ae:37:7d:bb:5d:c8:65:3d:3f:5a:9c:8b:c7:83:84:e6:
80:77:3c:a1:33:56:d0:ce:8a:d1:4f:68:23:8f:04:55:6f:26:
cd:74:2f:6c:ec:4f:b4:87:33:82:ec:81:d0:6c:81:fa:c7:38:
86:74:59:71:cd:78:0b:4c:9c:4f:08:3d:b5:2f:8f:2d:a6:27:
46:8d:47:62:49:1b:87:72:7b:0d:a5:b3:5d:c1:10:aa:00:e6:
04:be:c8:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+DPojluFwYuf784WN5WizfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MjExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYxZTMwY2VjMTNmZTVkMWY1MjZkOTZkYWRlMTQzNzkxMDkxM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DUz5OKMQOPT1UuYrwGySlhLtbvD
coS/X5BG2BAjebuz1G/KnaZeBQPXkq9gvWPlvQV4LiAgsV6ZV0LI/Z6gvWjom5NG
jVte1FqpJ+JB6E4WA3qQsDStHtzJyvFUVzDVFJ8Ba8itoLL9u+/tYukCSYBC/VwE
1DRT3BigiiXIiWp9s1e9NxCBr7V0XTqPOXG1WP74PiYNuC7nQvGiDh3epRMoioNF
DCjaIFUpcy82QkPfDct7qE9KbUcBUVbo6E3flyBH7p4nARc8lyZz0lUJNz6RrPxM
lPzqjJg/K1OAR5jKOzAlEN71Tuxbva1UvU01WegpWran4XZ8j0ZGj6C6DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF1h4wzsE/5dH1JtltreFDeRCRPIMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWFdIakRPd1RfbDBmVW0yVzJ0NFVONUVKRThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHzvI4D7zzq76oKUyiE5
pcVc9yJxqsOVDJKVGkfRFFVHFlb0QigL5Ny8Em59IrC//oCTLoMVUBgCNT0BeoN2
pJfdq/dMD7XuNkcQMEBbGGujXwEmiHEBlNi8xtr/R8bWclJ+vqWyFGoOsvZhIrON
dMFnAtoF6UJGV98ks1vMlrGZF4LChTye/3CRrb6DCHNj+wcvOQf5Ei60BKG7ht8o
va773xY9rjd9u13IZT0/WpyLx4OE5oB3PKEzVtDOitFPaCOPBFVvJs10L2zsT7SH
M4LsgdBsgfrHOIZ0WXHNeAtMnE8IPbUvjy2mJ0aNR2JJG4dyew2ls13BEKoA5gS+
yC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org