Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/dyM90rfL9KP3o64wrpGAL4acGSs.roa
File: dyM90rfL9KP3o64wrpGAL4acGSs.roa (raw, json)
Hash identifier: HdJZgo7No9bM0pTMIbhhho8LG/ACglj/hr9EQ+iVRWs=
Subject key identifier: 77:23:3D:D2:B7:CB:F4:A3:F7:A3:AE:30:AE:91:80:2F:86:9C:19:2B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7D749DD43382CC9A01B2913E7C83015C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/dyM90rfL9KP3o64wrpGAL4acGSs.roa
Signing time: Wed 15 May 2024 18:12:25 +0000
ROA not before: Wed 15 May 2024 18:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7d:74:9d:d4:33:82:cc:9a:01:b2:91:3e:7c:83:01:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 18:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77233dd2b7cbf4a3f7a3ae30ae91802f869c192b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f7:9f:69:15:72:eb:e3:84:5b:e0:f1:0b:39:
83:c8:bb:9f:38:05:23:55:9a:fe:8e:da:92:a8:ca:
35:74:d5:67:38:08:35:b4:7f:ec:6e:f9:2c:5c:7f:
bd:ec:85:5d:09:c8:f5:f7:23:05:21:df:7c:42:dc:
1d:c5:a0:9a:6e:a6:82:86:58:75:9a:18:a9:48:f8:
ff:49:3a:5c:07:17:16:02:6b:12:9a:ac:bf:38:55:
db:2f:94:47:1c:c0:08:2e:00:c8:4d:fe:c1:85:10:
8d:79:42:6c:8a:03:be:3a:ad:3c:83:94:2b:b4:52:
17:dd:77:60:72:82:57:8c:29:7d:dd:27:f2:ed:46:
41:d3:1c:e1:f5:bb:58:5d:8c:f7:53:f9:92:e6:dd:
a1:35:a0:1f:53:5e:b3:eb:ac:31:9b:05:98:99:62:
96:3a:43:39:e7:b5:c9:30:49:d8:49:36:ff:3f:74:
5c:55:2d:86:58:e1:f7:c1:f8:bd:c4:13:54:41:b5:
97:a8:ac:2f:d5:93:1f:16:d9:f1:1e:8b:4c:dd:9c:
51:f6:f4:de:3e:da:02:58:78:5e:ec:f7:2e:5f:18:
79:8a:5a:61:50:a5:b6:7b:e8:d0:41:57:2b:9e:b9:
21:1e:28:e4:be:ac:74:83:0d:f5:18:4c:b4:8e:51:
62:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:23:3D:D2:B7:CB:F4:A3:F7:A3:AE:30:AE:91:80:2F:86:9C:19:2B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/dyM90rfL9KP3o64wrpGAL4acGSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:44:f2:18:1c:3f:6a:49:27:4a:83:bd:81:87:45:03:37:8a:
d2:ff:16:ce:63:0e:4d:42:69:1a:28:e1:5c:4c:e2:62:04:f9:
19:4f:5c:bd:80:61:b4:b5:20:4b:be:ef:ca:7b:6e:86:61:71:
6b:c0:a7:a9:5c:36:a9:67:bf:3c:e8:f2:f2:17:de:0f:f9:be:
bf:a5:dd:52:7a:9e:18:8d:a1:ea:dd:7c:fe:e8:80:94:58:e9:
1a:59:1f:ef:c3:16:46:0b:95:7b:27:57:0c:73:8b:39:ce:0b:
d5:c0:84:a5:e2:37:87:3e:c3:e6:be:6b:cd:b9:cd:36:7d:a2:
c4:bb:5a:25:29:90:19:8c:f4:5c:8f:5d:4a:49:e3:0b:74:84:
92:af:72:b4:8a:75:ad:44:2b:84:57:13:9d:f4:84:30:da:8f:
89:ba:a7:76:0b:30:71:82:0f:5b:af:32:d3:4a:ad:68:c5:6a:
ba:43:99:e4:db:ec:91:5e:09:af:92:2d:23:c5:c5:85:35:ae:
ab:56:c7:70:96:c1:8b:90:a5:49:c8:37:48:ed:76:53:40:ef:
19:2c:17:87:63:1d:44:3f:00:41:a6:82:ad:ed:6e:ba:e5:85:
af:91:b4:58:7a:db:13:f1:b0:59:98:83:17:c4:5c:c3:1f:9d:
f5:78:83:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY99dJ3UM4LMmgGykT58gwFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MTgxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIzM2RkMmI3Y2JmNGEzZjdhM2FlMzBhZTkxODAyZjg2OWMxOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvefaRVy6+OEW+DxCzmDyLufOAUj
VZr+jtqSqMo1dNVnOAg1tH/sbvksXH+97IVdCcj19yMFId98QtwdxaCabqaChlh1
mhipSPj/STpcBxcWAmsSmqy/OFXbL5RHHMAILgDITf7BhRCNeUJsigO+Oq08g5Qr
tFIX3XdgcoJXjCl93Sfy7UZB0xzh9btYXYz3U/mS5t2hNaAfU16z66wxmwWYmWKW
OkM557XJMEnYSTb/P3RcVS2GWOH3wfi9xBNUQbWXqKwv1ZMfFtnxHotM3ZxR9vTe
PtoCWHhe7PcuXxh5ilphUKW2e+jQQVcrnrkhHijkvqx0gw31GEy0jlFi/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHcjPdK3y/Sj96OuMK6RgC+GnBkrMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZHlNOTByZkw5S1AzbzY0d3JwR0FMNGFjR1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtE8hgcP2pJJ0qDvYGH
RQM3itL/Fs5jDk1CaRoo4VxM4mIE+RlPXL2AYbS1IEu+78p7boZhcWvAp6lcNqln
vzzo8vIX3g/5vr+l3VJ6nhiNoerdfP7ogJRY6RpZH+/DFkYLlXsnVwxziznOC9XA
hKXiN4c+w+a+a825zTZ9osS7WiUpkBmM9FyPXUpJ4wt0hJKvcrSKda1EK4RXE530
hDDaj4m6p3YLMHGCD1uvMtNKrWjFarpDmeTb7JFeCa+SLSPFxYU1rqtWx3CWwYuQ
pUnIN0jtdlNA7xksF4djHUQ/AEGmgq3tbrrlha+RtFh62xPxsFmYgxfEXMMfnfV4
g28=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org