Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cnIdNqGFFGV1kLWs4cl_J8cFhoA.roa
File: cnIdNqGFFGV1kLWs4cl_J8cFhoA.roa (raw, json)
Hash identifier: m35FVIT+lslSd5eTrUclRVoJ+QtyHP2r3hIdUIOzBG4=
Subject key identifier: 72:72:1D:36:A1:85:14:65:75:90:B5:AC:E1:C9:7F:27:C7:05:86:80
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F453A40FFB4620231A68A88A35144BEC9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cnIdNqGFFGV1kLWs4cl_J8cFhoA.roa
Signing time: Sat 04 May 2024 20:09:56 +0000
ROA not before: Sat 04 May 2024 20:09:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:45:3a:40:ff:b4:62:02:31:a6:8a:88:a3:51:44:be:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 20:09:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72721d36a18514657590b5ace1c97f27c7058680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cb:b9:7f:fd:cb:97:75:db:fd:d8:5a:71:4b:
2d:b5:8c:a3:36:0b:46:3a:ff:a4:b9:20:51:a2:37:
b9:82:63:e3:f3:d5:0a:c4:e3:5f:7a:08:74:92:11:
2c:ef:69:fa:b6:61:07:0c:6f:bc:81:34:83:8b:16:
83:75:ee:f9:7d:63:28:07:a1:a5:00:20:f4:37:a1:
fe:fc:24:08:59:81:69:d6:cb:6a:a5:29:0a:4e:66:
4c:f9:49:3e:bb:92:56:c5:4a:8a:47:b7:6d:38:8d:
fb:0d:fb:c6:db:4a:b2:69:79:6c:de:ee:a7:82:0e:
1b:53:10:9c:56:a4:1b:4f:6c:c7:6b:0e:c4:a1:27:
fb:fb:74:08:fc:e4:aa:31:06:42:2d:21:1a:25:6b:
79:18:e0:6f:8e:61:83:da:21:39:4e:7a:42:ba:25:
99:b0:ed:15:35:4a:be:50:fc:08:d5:cb:03:61:82:
93:55:66:fd:09:85:43:f3:5b:20:db:f0:60:28:6a:
56:ed:eb:31:51:16:70:df:0a:c7:6b:95:69:1d:78:
87:c9:a1:39:dd:46:99:ee:d9:a6:84:b1:47:3f:bc:
b4:b1:e5:ab:35:93:15:cf:a8:dd:5f:fd:db:69:ce:
61:3a:dc:b9:45:29:d2:01:e4:22:7c:e3:91:d4:74:
b8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:72:1D:36:A1:85:14:65:75:90:B5:AC:E1:C9:7F:27:C7:05:86:80
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cnIdNqGFFGV1kLWs4cl_J8cFhoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:cf:4b:22:6c:b1:6b:f4:18:4b:2e:e1:9a:b5:a9:3c:b8:18:
27:b8:cf:05:01:35:86:c7:2f:3c:e7:46:23:b7:32:f6:ae:45:
7e:f4:d4:1b:0c:f7:61:2d:82:12:21:db:f0:bb:ec:96:24:6f:
4f:17:37:bc:01:88:09:59:32:ff:13:3c:79:13:16:6b:38:50:
95:3f:6f:10:c4:22:9d:b7:9d:85:59:cb:29:9a:fd:ae:d5:fa:
94:4d:e5:ff:9e:bf:22:4f:5f:c6:8d:f1:42:1f:40:4a:03:b0:
c2:73:0b:46:2d:c1:1b:df:05:15:67:3b:43:1e:f2:a1:86:e3:
0a:c8:87:24:3e:f7:65:96:ba:45:f8:2a:24:d8:50:c0:2f:83:
77:45:39:39:5e:fd:6c:f8:6a:b1:dc:28:48:20:ab:45:b5:12:
ce:9b:73:e6:7d:da:83:86:1c:88:68:41:19:f8:77:f5:05:c2:
f8:3b:6c:81:eb:74:8c:c1:c2:f2:06:25:34:e9:ef:f6:99:04:
17:18:92:e6:ce:50:a4:ef:07:99:76:57:5b:74:8c:d7:4d:3e:
9a:13:dc:a2:6e:21:7c:a8:a4:c2:4c:fc:78:96:69:7c:1e:8c:
75:af:a4:69:53:6c:27:a7:bf:59:e7:9c:57:fc:b1:b0:df:d2:
f5:a7:77:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9FOkD/tGICMaaKiKNRRL7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MjAwOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjcyMWQzNmExODUxNDY1NzU5MGI1YWNlMWM5N2YyN2M3MDU4NjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysu5f/3Ll3Xb/dhacUsttYyjNgtG
Ov+kuSBRoje5gmPj89UKxONfegh0khEs72n6tmEHDG+8gTSDixaDde75fWMoB6Gl
ACD0N6H+/CQIWYFp1stqpSkKTmZM+Uk+u5JWxUqKR7dtOI37DfvG20qyaXls3u6n
gg4bUxCcVqQbT2zHaw7EoSf7+3QI/OSqMQZCLSEaJWt5GOBvjmGD2iE5TnpCuiWZ
sO0VNUq+UPwI1csDYYKTVWb9CYVD81sg2/BgKGpW7esxURZw3wrHa5VpHXiHyaE5
3UaZ7tmmhLFHP7y0seWrNZMVz6jdX/3bac5hOty5RSnSAeQifOOR1HS4RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJyHTahhRRldZC1rOHJfyfHBYaAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvY25JZE5xR0ZGR1Yxa0xXczRjbF9KOGNGaG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKbPSyJssWv0GEsu4Zq1
qTy4GCe4zwUBNYbHLzznRiO3MvauRX701BsM92EtghIh2/C77JYkb08XN7wBiAlZ
Mv8TPHkTFms4UJU/bxDEIp23nYVZyyma/a7V+pRN5f+evyJPX8aN8UIfQEoDsMJz
C0YtwRvfBRVnO0Me8qGG4wrIhyQ+92WWukX4KiTYUMAvg3dFOTle/Wz4arHcKEgg
q0W1Es6bc+Z92oOGHIhoQRn4d/UFwvg7bIHrdIzBwvIGJTTp7/aZBBcYkubOUKTv
B5l2V1t0jNdNPpoT3KJuIXyopMJM/HiWaXwejHWvpGlTbCenv1nnnFf8sbDf0vWn
d7I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org