Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aozbYho0m7et8SLK0sMxG8bsEYk.roa
File: aozbYho0m7et8SLK0sMxG8bsEYk.roa (raw, json)
Hash identifier: ruYA1T+NAIH2+LziIk/BQO3binvyazVlSXcDX25Djo0=
Subject key identifier: 6A:8C:DB:62:1A:34:9B:B7:AD:F1:22:CA:D2:C3:31:1B:C6:EC:11:89
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F754C4CFE56729D364FD3168BCEFE50A6
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aozbYho0m7et8SLK0sMxG8bsEYk.roa
Signing time: Tue 14 May 2024 04:11:25 +0000
ROA not before: Tue 14 May 2024 04:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:4c:4c:fe:56:72:9d:36:4f:d3:16:8b:ce:fe:50:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 04:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a8cdb621a349bb7adf122cad2c3311bc6ec1189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0f:08:6a:96:56:f3:3e:66:a3:90:87:9b:b6:
fc:c9:2f:c7:c5:eb:9f:fd:79:c8:35:ba:ed:9e:1f:
e8:b8:60:ea:47:41:70:bd:02:15:24:51:56:b7:7a:
5f:f4:15:ad:ca:89:94:f6:1a:a0:ab:d5:e3:62:c4:
af:39:f5:01:29:1a:88:61:78:0a:64:67:37:1b:cd:
48:d0:d6:43:94:75:04:15:5a:58:9d:d3:c3:4c:36:
01:88:b4:45:99:c4:90:25:08:43:c1:1e:9f:3d:21:
e1:20:df:57:d7:01:0c:15:0d:2b:a9:1c:72:e3:d1:
00:42:99:ac:3f:37:5c:59:1a:4e:a0:7b:b8:55:ae:
dc:4c:95:10:a8:34:11:d5:e0:98:25:43:bb:5f:b0:
9a:d4:36:27:e7:6b:8b:66:0c:e6:76:76:70:78:92:
00:ab:de:36:f9:6e:02:d8:0f:02:e2:04:a8:8e:e8:
e8:ec:e5:0f:4c:3a:b3:0e:07:59:fa:5d:2f:4c:d2:
c4:9d:1e:1c:83:0d:0a:5d:d3:92:89:c8:73:40:ef:
c0:f6:77:d7:1c:7a:f3:39:47:a1:9f:62:76:fa:8d:
cb:d4:6d:73:5e:90:93:96:67:d8:77:d1:ad:04:2d:
41:2f:d9:3e:fa:74:73:84:d6:b8:40:8f:31:41:10:
b9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8C:DB:62:1A:34:9B:B7:AD:F1:22:CA:D2:C3:31:1B:C6:EC:11:89
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aozbYho0m7et8SLK0sMxG8bsEYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:fc:61:1d:8d:19:77:9d:c6:b1:4d:21:c2:6e:92:25:40:eb:
49:b4:af:99:7b:94:b8:74:8f:ab:20:7c:40:58:f4:36:84:c8:
e2:fa:61:68:7d:da:b1:e0:6f:e4:9c:a3:d4:dc:e3:47:fd:fa:
c6:67:69:82:bd:71:3a:26:33:8f:04:69:45:e0:80:ac:cb:11:
26:06:ea:0c:f0:f8:3c:b6:92:09:a6:c7:3f:8e:57:3d:8a:8a:
bd:13:fa:da:9c:a3:55:79:8d:9b:9a:db:5d:97:8e:98:9a:36:
f2:2e:09:c5:2c:d1:c5:26:d8:ba:e2:72:d5:6a:e9:05:87:8a:
70:17:a9:22:80:5a:b8:b9:22:36:93:6a:20:79:47:c4:0e:b1:
8b:d0:3d:88:31:fb:39:3f:0a:7a:c5:cf:92:3c:72:01:0f:4c:
33:80:e3:ba:ee:6c:f4:55:a5:5e:19:e8:16:a5:dc:b3:14:2f:
ca:48:f7:8a:1e:3c:71:0b:0a:11:4a:d2:2a:e3:70:5f:df:d8:
11:6b:54:04:3b:34:73:c0:98:73:de:4c:32:f2:59:9e:21:84:
20:31:42:45:cf:0d:02:f5:e9:8b:bf:20:80:f3:ce:0d:d6:6d:
ab:99:6d:50:4c:85:1f:f7:12:c0:41:89:4f:32:ac:d6:19:00:
38:94:48:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY91TEz+VnKdNk/TFovO/lCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MDQxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YThjZGI2MjFhMzQ5YmI3YWRmMTIyY2FkMmMzMzExYmM2ZWMxMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA8IapZW8z5mo5CHm7b8yS/Hxeuf
/XnINbrtnh/ouGDqR0FwvQIVJFFWt3pf9BWtyomU9hqgq9XjYsSvOfUBKRqIYXgK
ZGc3G81I0NZDlHUEFVpYndPDTDYBiLRFmcSQJQhDwR6fPSHhIN9X1wEMFQ0rqRxy
49EAQpmsPzdcWRpOoHu4Va7cTJUQqDQR1eCYJUO7X7Ca1DYn52uLZgzmdnZweJIA
q942+W4C2A8C4gSojujo7OUPTDqzDgdZ+l0vTNLEnR4cgw0KXdOSichzQO/A9nfX
HHrzOUehn2J2+o3L1G1zXpCTlmfYd9GtBC1BL9k++nRzhNa4QI8xQRC5FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqM22IaNJu3rfEiytLDMRvG7BGJMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYW96YllobzBtN2V0OFNMSzBzTXhHOGJzRVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHD8YR2NGXedxrFNIcJu
kiVA60m0r5l7lLh0j6sgfEBY9DaEyOL6YWh92rHgb+Sco9Tc40f9+sZnaYK9cTom
M48EaUXggKzLESYG6gzw+Dy2kgmmxz+OVz2Kir0T+tqco1V5jZua212XjpiaNvIu
CcUs0cUm2LrictVq6QWHinAXqSKAWri5IjaTaiB5R8QOsYvQPYgx+zk/CnrFz5I8
cgEPTDOA47rubPRVpV4Z6Bal3LMUL8pI94oePHELChFK0irjcF/f2BFrVAQ7NHPA
mHPeTDLyWZ4hhCAxQkXPDQL16Yu/IIDzzg3WbauZbVBMhR/3EsBBiU8yrNYZADiU
SAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org