Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cbLyG3UE7teQyUoD4_500gZjMN0.roa
File: cbLyG3UE7teQyUoD4_500gZjMN0.roa (raw, json)
Hash identifier: UfHdhQdPiocsYsVI4AaEE4XG1pTmoVqqFeXrnD5yEjY=
Subject key identifier: 71:B2:F2:1B:75:04:EE:D7:90:C9:4A:03:E3:FE:74:D2:06:63:30:DD
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5AB22BC64786A26B02F4BA67E99E2335
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cbLyG3UE7teQyUoD4_500gZjMN0.roa
Signing time: Thu 09 May 2024 00:12:56 +0000
ROA not before: Thu 09 May 2024 00:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:b2:2b:c6:47:86:a2:6b:02:f4:ba:67:e9:9e:23:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 00:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71b2f21b7504eed790c94a03e3fe74d2066330dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c8:d3:79:00:97:36:6c:31:ff:80:5c:71:8f:
36:91:5a:ef:4e:bf:78:4b:9b:d0:5d:5d:74:7a:66:
78:0b:11:75:ec:c1:1b:92:cb:f0:b2:bc:f1:e7:7d:
8a:be:62:0c:39:c7:49:9f:ab:eb:1e:7d:21:42:24:
8b:09:b7:ae:7a:62:2b:49:e7:f1:c2:3d:3c:bf:b7:
2c:86:77:da:00:38:65:c9:66:1f:15:a4:66:35:30:
39:cb:8d:8f:2b:31:a5:c5:a4:97:2a:b9:92:04:94:
f1:bc:67:cd:b9:ed:3a:ea:97:6f:3d:65:50:8d:57:
17:86:01:02:a9:3e:68:b7:48:98:69:fe:31:97:1b:
df:17:15:9f:8e:e4:f0:88:e6:c0:97:c5:ee:aa:55:
31:bc:3a:0e:2d:35:cb:94:95:15:3f:a7:25:65:67:
52:95:cc:a7:ca:3d:68:56:e4:6f:12:e5:89:0b:4f:
ab:e2:39:b9:55:d8:9d:e2:35:dc:a4:88:5d:19:da:
ce:f0:9a:69:f3:fd:33:46:40:a3:22:9e:84:07:b2:
2f:4f:3f:3b:92:1d:7c:6b:3b:34:94:2e:60:c5:6f:
48:4a:f0:6e:5d:67:53:cb:12:b9:de:d3:5b:4d:e1:
d0:43:9f:86:d1:96:3c:5f:82:5d:9d:07:86:5f:ce:
42:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B2:F2:1B:75:04:EE:D7:90:C9:4A:03:E3:FE:74:D2:06:63:30:DD
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cbLyG3UE7teQyUoD4_500gZjMN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:26:ef:e9:08:ad:4b:dc:6f:2c:1c:4c:ac:21:a7:f8:4a:2d:
7a:e3:e9:e9:2f:1f:9d:dc:d6:68:4c:0f:38:7b:72:fd:5f:b1:
90:62:fb:e2:fb:d8:cd:1e:49:f0:05:52:99:54:ac:01:05:63:
7a:65:d2:87:77:a5:16:38:86:74:1e:e9:52:82:55:ef:ab:fd:
07:89:83:90:4c:47:63:6a:f6:dc:38:b3:f4:28:b7:60:66:e5:
f3:21:7f:c5:0b:72:1a:89:c1:da:59:f4:e9:0d:9f:8a:cb:dd:
c6:76:ca:41:80:d1:8e:79:21:cb:9d:5c:c9:69:bf:fc:58:37:
9a:f8:d5:f8:86:53:58:d8:76:63:e3:97:22:3c:2d:2c:e0:14:
ce:4c:37:80:8c:6a:81:14:e2:a2:37:f7:ba:f4:7e:4f:4c:47:
d8:b2:3a:02:03:09:c2:35:82:a5:9e:b1:65:2d:22:c0:eb:ac:
e0:82:e4:c8:4e:f0:ff:23:c6:a8:6d:85:68:c8:13:64:1b:13:
29:f6:40:00:77:f1:94:07:68:a2:75:b1:00:0e:94:65:96:81:
b6:9c:dc:50:1e:69:d0:f3:43:41:32:39:6c:b2:9d:a6:1c:5d:
32:40:48:cb:93:6b:49:f2:fc:4b:d7:a9:d0:6d:88:08:22:c9:
84:0d:df:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9asivGR4aiawL0umfpniM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MDAxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWIyZjIxYjc1MDRlZWQ3OTBjOTRhMDNlM2ZlNzRkMjA2NjMzMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MjTeQCXNmwx/4BccY82kVrvTr94
S5vQXV10emZ4CxF17MEbksvwsrzx532KvmIMOcdJn6vrHn0hQiSLCbeuemIrSefx
wj08v7cshnfaADhlyWYfFaRmNTA5y42PKzGlxaSXKrmSBJTxvGfNue066pdvPWVQ
jVcXhgECqT5ot0iYaf4xlxvfFxWfjuTwiObAl8XuqlUxvDoOLTXLlJUVP6clZWdS
lcynyj1oVuRvEuWJC0+r4jm5Vdid4jXcpIhdGdrO8Jpp8/0zRkCjIp6EB7IvTz87
kh18azs0lC5gxW9ISvBuXWdTyxK53tNbTeHQQ5+G0ZY8X4JdnQeGX85CiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHGy8ht1BO7XkMlKA+P+dNIGYzDdMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvY2JMeUczVUU3dGVReVVvRDRfNTAwZ1pqTU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKUm7+kIrUvcbywcTKwh
p/hKLXrj6ekvH53c1mhMDzh7cv1fsZBi++L72M0eSfAFUplUrAEFY3pl0od3pRY4
hnQe6VKCVe+r/QeJg5BMR2Nq9tw4s/Qot2Bm5fMhf8ULchqJwdpZ9OkNn4rL3cZ2
ykGA0Y55IcudXMlpv/xYN5r41fiGU1jYdmPjlyI8LSzgFM5MN4CMaoEU4qI397r0
fk9MR9iyOgIDCcI1gqWesWUtIsDrrOCC5MhO8P8jxqhthWjIE2QbEyn2QAB38ZQH
aKJ1sQAOlGWWgbac3FAeadDzQ0EyOWyynaYcXTJASMuTa0ny/EvXqdBtiAgiyYQN
3zk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org