Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/b9h2lEziENMU6uCBHpWr-Mm3q-M.roa
File: b9h2lEziENMU6uCBHpWr-Mm3q-M.roa (raw, json)
Hash identifier: 4+3QkQzkXV5Aba0Pi2yjctGEHKALqK9cOJqsob2Dmd4=
Subject key identifier: 6F:D8:76:94:4C:E2:10:D3:14:EA:E0:81:1E:95:AB:F8:C9:B7:AB:E3
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5D7B5D46421C98BD39DCA2F9C0626808
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/b9h2lEziENMU6uCBHpWr-Mm3q-M.roa
Signing time: Thu 09 May 2024 13:11:56 +0000
ROA not before: Thu 09 May 2024 13:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:7b:5d:46:42:1c:98:bd:39:dc:a2:f9:c0:62:68:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 13:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fd876944ce210d314eae0811e95abf8c9b7abe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c5:1b:a8:b3:9e:c1:c2:6a:b4:0b:cc:17:ee:
da:62:70:f9:36:01:8d:27:32:66:cb:e5:46:21:07:
f5:f2:46:df:3c:71:32:9f:4e:bc:a5:75:62:b6:de:
c9:6d:86:13:2b:3f:45:23:49:34:53:53:25:e9:1d:
88:77:e0:f3:3d:5b:59:8e:c5:9b:39:6d:6c:03:6e:
95:19:28:12:da:bd:05:1f:c4:37:01:e6:62:40:ba:
3c:04:bc:5a:fb:4e:69:20:e2:79:d7:3d:54:a9:4b:
b9:de:d2:53:c3:27:0e:fe:00:bb:23:49:14:f2:eb:
68:66:ca:4f:a7:90:9b:65:7c:2a:59:da:be:f6:61:
26:7c:c3:81:c7:58:e9:d0:5e:f4:e9:f8:73:ff:12:
33:52:09:8c:7e:ae:d8:a1:2a:8e:0f:b2:5c:af:d7:
4c:12:a4:bb:9c:dc:f1:f7:f0:89:f8:6e:1e:51:a0:
51:9b:4c:bc:ec:b7:f4:64:4d:e2:88:84:ef:6c:5d:
a6:82:82:55:09:79:a8:df:e7:f9:b5:da:7b:8b:15:
0d:81:e6:f5:d2:7e:a2:64:ae:f0:79:83:cd:08:ff:
d5:7f:2a:c9:01:5e:33:47:65:79:0d:28:86:e1:74:
dd:f3:64:b5:dd:47:ff:52:46:8b:50:c2:b9:64:92:
8f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D8:76:94:4C:E2:10:D3:14:EA:E0:81:1E:95:AB:F8:C9:B7:AB:E3
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/b9h2lEziENMU6uCBHpWr-Mm3q-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:44:d2:45:9e:38:c9:5b:12:1c:1b:e7:16:a3:03:58:a6:92:
83:be:fe:17:32:10:27:ca:65:4f:d9:08:29:47:0e:5b:03:70:
3e:56:92:4a:24:07:92:18:a1:1f:18:46:46:8c:9f:22:ad:a0:
ca:8a:1b:58:6c:60:12:26:92:e8:7b:20:20:55:3e:d4:d0:bb:
84:8a:e7:e2:bf:9e:d3:c8:95:7e:e2:d2:91:13:9a:45:89:fe:
cb:8f:86:76:a8:c5:0b:61:26:19:22:cd:51:5a:22:a1:f1:74:
73:a8:1a:c0:f4:e8:36:ce:63:a4:23:4f:8f:d5:f9:e5:24:e9:
14:d9:0d:0b:de:4f:90:5d:5f:90:dc:27:5d:91:98:d4:e2:d5:
ab:70:2d:63:9e:c1:f8:52:fc:80:fe:d8:08:db:aa:7c:95:01:
e6:6c:45:25:48:03:e1:17:7a:44:d5:67:29:71:75:94:db:be:
e5:0f:42:43:56:1a:fa:25:08:2c:74:fb:1f:23:d5:86:5c:2d:
26:35:b6:fc:50:38:94:fe:c0:a6:14:a2:11:26:9a:65:6e:68:
0d:96:70:1a:bd:ac:89:ae:e0:82:89:c1:fa:98:ed:c5:71:04:
04:a1:cf:fd:08:04:44:41:54:47:70:fd:b0:85:ce:bf:ff:70:
5b:95:7f:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9de11GQhyYvTncovnAYmgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MTMxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ4NzY5NDRjZTIxMGQzMTRlYWUwODExZTk1YWJmOGM5YjdhYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cUbqLOewcJqtAvMF+7aYnD5NgGN
JzJmy+VGIQf18kbfPHEyn068pXVitt7JbYYTKz9FI0k0U1Ml6R2Id+DzPVtZjsWb
OW1sA26VGSgS2r0FH8Q3AeZiQLo8BLxa+05pIOJ51z1UqUu53tJTwycO/gC7I0kU
8utoZspPp5CbZXwqWdq+9mEmfMOBx1jp0F706fhz/xIzUgmMfq7YoSqOD7Jcr9dM
EqS7nNzx9/CJ+G4eUaBRm0y87Lf0ZE3iiITvbF2mgoJVCXmo3+f5tdp7ixUNgeb1
0n6iZK7weYPNCP/VfyrJAV4zR2V5DSiG4XTd82S13Uf/UkaLUMK5ZJKPxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG/YdpRM4hDTFOrggR6Vq/jJt6vjMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYjloMmxFemlFTk1VNnVDQkhwV3ItTW0zcS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACpE0kWeOMlbEhwb5xaj
A1imkoO+/hcyECfKZU/ZCClHDlsDcD5WkkokB5IYoR8YRkaMnyKtoMqKG1hsYBIm
kuh7ICBVPtTQu4SK5+K/ntPIlX7i0pETmkWJ/suPhnaoxQthJhkizVFaIqHxdHOo
GsD06DbOY6QjT4/V+eUk6RTZDQveT5BdX5DcJ12RmNTi1atwLWOewfhS/ID+2Ajb
qnyVAeZsRSVIA+EXekTVZylxdZTbvuUPQkNWGvolCCx0+x8j1YZcLSY1tvxQOJT+
wKYUohEmmmVuaA2WcBq9rImu4IKJwfqY7cVxBAShz/0IBERBVEdw/bCFzr//cFuV
fwg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org