Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cTKjOrmIFxKl-jSxmcGpY6yfOgU.roa
File: cTKjOrmIFxKl-jSxmcGpY6yfOgU.roa (raw, json)
Hash identifier: DfpxluXHFhPALoWBAfIlCi+eBnsOQbSFZw6hbeHDpT0=
Subject key identifier: 71:32:A3:3A:B9:88:17:12:A5:FA:34:B1:99:C1:A9:63:AC:9F:3A:05
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F84521B93DCBF41196D902D94C27596D1
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cTKjOrmIFxKl-jSxmcGpY6yfOgU.roa
Signing time: Fri 17 May 2024 02:12:04 +0000
ROA not before: Fri 17 May 2024 02:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:84:52:1b:93:dc:bf:41:19:6d:90:2d:94:c2:75:96:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 02:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7132a33ab9881712a5fa34b199c1a963ac9f3a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c2:f1:c3:b7:9f:de:8e:f7:67:fe:47:ba:e4:
38:f2:00:44:71:39:42:59:dc:46:62:de:6b:c0:f3:
9f:b3:ef:30:25:1e:14:0f:b6:8e:78:d3:9f:77:45:
72:7c:7b:ad:57:81:e9:1a:ef:e3:a3:d6:8f:63:69:
d5:15:65:3a:61:cc:c9:46:6f:bd:dc:85:09:38:93:
79:9e:54:83:3d:1d:63:a9:22:33:bf:cf:cc:f5:65:
08:ce:fd:00:cd:a8:cd:c6:06:d3:04:2a:4f:0d:c2:
c3:67:8f:24:84:2d:22:5f:08:22:e9:23:4b:b2:e8:
00:40:76:7d:46:85:dc:6e:08:dd:8f:03:f0:6e:b7:
d0:73:54:23:a7:51:0b:36:5c:45:f9:1b:52:49:0c:
15:17:6f:43:f1:3d:9b:ec:70:dc:dc:b6:8b:9f:62:
b8:27:d2:d3:6c:48:9c:af:3b:60:36:8b:e6:c1:a3:
28:36:9e:3f:7e:3c:fb:cb:16:78:98:79:f6:91:aa:
ef:7c:a8:49:18:c0:63:41:44:06:38:ad:16:e4:da:
cb:d7:ba:73:d3:17:20:a8:41:e4:ee:a6:65:ed:26:
9d:44:31:cb:5d:51:c9:2d:fd:9f:9f:16:d5:cc:a3:
43:30:ba:1c:4b:63:91:ff:a0:c2:65:6a:90:3a:23:
85:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:32:A3:3A:B9:88:17:12:A5:FA:34:B1:99:C1:A9:63:AC:9F:3A:05
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cTKjOrmIFxKl-jSxmcGpY6yfOgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:ef:58:b7:be:eb:92:bb:4b:d7:8d:b3:0b:d3:25:60:48:e1:
44:1d:46:42:8a:0d:1d:4c:30:96:80:d2:4f:a5:6a:f9:fa:8e:
f4:7b:8b:b5:8e:87:a2:dc:1c:5c:f9:a0:6a:04:e3:7f:7b:77:
1a:1e:3a:9c:6a:31:d0:32:10:39:7f:a2:d0:d2:47:31:8a:ee:
71:76:ab:39:68:01:57:0e:bb:f7:14:c1:61:af:f8:6b:3e:db:
8c:cd:89:c7:e2:47:04:b4:b4:ad:5e:71:89:45:41:92:10:89:
b8:fc:03:22:b7:45:5d:db:0d:1c:05:ee:89:71:7a:42:9e:0e:
41:a4:63:83:11:65:48:17:5c:7f:a2:09:8d:21:c0:5a:29:bd:
2d:34:19:f5:7d:be:3e:1b:45:d2:68:0f:79:ce:dd:79:31:ba:
c5:c9:ca:68:73:f6:5c:56:2e:86:2f:e2:03:9a:49:4c:9a:54:
d3:d2:46:55:91:4f:ba:79:b7:7d:6f:f8:a4:96:b2:78:26:cd:
d4:fd:5c:36:8d:00:a8:35:32:11:ff:96:7e:2e:f5:45:0a:5c:
f6:7e:36:dd:cc:e9:6b:6c:25:d2:eb:88:59:e4:96:21:45:82:
3d:8e:19:df:91:82:92:71:c4:14:a8:2e:08:41:07:c2:84:de:
f9:9c:f3:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+EUhuT3L9BGW2QLZTCdZbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MDIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTMyYTMzYWI5ODgxNzEyYTVmYTM0YjE5OWMxYTk2M2FjOWYzYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MLxw7ef3o73Z/5HuuQ48gBEcTlC
WdxGYt5rwPOfs+8wJR4UD7aOeNOfd0VyfHutV4HpGu/jo9aPY2nVFWU6YczJRm+9
3IUJOJN5nlSDPR1jqSIzv8/M9WUIzv0AzajNxgbTBCpPDcLDZ48khC0iXwgi6SNL
sugAQHZ9RoXcbgjdjwPwbrfQc1Qjp1ELNlxF+RtSSQwVF29D8T2b7HDc3LaLn2K4
J9LTbEicrztgNovmwaMoNp4/fjz7yxZ4mHn2karvfKhJGMBjQUQGOK0W5NrL17pz
0xcgqEHk7qZl7SadRDHLXVHJLf2fnxbVzKNDMLocS2OR/6DCZWqQOiOFeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHEyozq5iBcSpfo0sZnBqWOsnzoFMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvY1RLak9ybUlGeEtsLWpTeG1jR3BZNnlmT2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJXvWLe+65K7S9eNswvT
JWBI4UQdRkKKDR1MMJaA0k+lavn6jvR7i7WOh6LcHFz5oGoE4397dxoeOpxqMdAy
EDl/otDSRzGK7nF2qzloAVcOu/cUwWGv+Gs+24zNicfiRwS0tK1ecYlFQZIQibj8
AyK3RV3bDRwF7olxekKeDkGkY4MRZUgXXH+iCY0hwFopvS00GfV9vj4bRdJoD3nO
3XkxusXJymhz9lxWLoYv4gOaSUyaVNPSRlWRT7p5t31v+KSWsngmzdT9XDaNAKg1
MhH/ln4u9UUKXPZ+Nt3M6WtsJdLriFnkliFFgj2OGd+RgpJxxBSoLghBB8KE3vmc
88g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org