Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/eQs8kuFFKIO1PPxR_jBoOhF_GQQ.roa
File: eQs8kuFFKIO1PPxR_jBoOhF_GQQ.roa (raw, json)
Hash identifier: rFOP/ctEVBEq0NqKGOEDE41ait5/OHMX5OPVxYBCrh0=
Subject key identifier: 79:0B:3C:92:E1:45:28:83:B5:3C:FC:51:FE:30:68:3A:11:7F:19:04
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018EFDFD21E01DEA7133D1E793A2963BC2FE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/eQs8kuFFKIO1PPxR_jBoOhF_GQQ.roa
Signing time: Sun 21 Apr 2024 00:10:08 +0000
ROA not before: Sun 21 Apr 2024 00:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fd:fd:21:e0:1d:ea:71:33:d1:e7:93:a2:96:3b:c2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 21 00:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=790b3c92e1452883b53cfc51fe30683a117f1904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f2:eb:1b:06:44:15:b5:12:a4:da:97:e5:b6:
48:7d:26:2c:9e:3d:18:ed:60:68:3a:08:8c:4f:95:
a8:20:fd:56:18:3f:c2:ba:28:57:92:e6:f0:4d:5e:
0c:fa:bc:80:0c:38:5b:d5:f4:88:19:4c:3a:d5:08:
6e:4a:af:5f:92:75:62:fe:41:53:23:54:ab:9a:23:
d9:ac:72:fb:71:bf:fa:d6:ee:3f:df:79:b8:22:b2:
0d:64:5f:da:d4:d2:2a:e6:ea:b1:cd:a6:0d:57:ad:
3d:9e:79:eb:a1:77:0d:9a:a2:08:70:70:22:c3:3a:
34:1b:dc:8f:95:e5:08:9d:28:ee:e4:bf:4f:f0:d7:
bd:84:7e:f1:b6:b0:34:44:9e:ad:62:ff:32:b6:8b:
3e:6d:10:90:e3:86:f0:f1:6e:66:7a:96:41:58:a4:
90:24:7d:74:c6:fd:bf:35:1d:2b:15:e5:ca:da:5f:
ed:a7:81:93:d6:ef:b0:05:40:e7:70:1d:a9:7d:ae:
22:ef:6b:a2:d2:9f:17:71:77:7a:28:c3:5a:78:27:
00:bb:a7:f4:ec:cb:32:7e:14:51:51:39:4a:ba:a1:
d5:f3:fa:92:05:cb:bf:e1:97:e2:63:bc:96:44:65:
90:ad:9b:10:89:5e:06:2b:0c:50:b1:ff:c4:2c:d4:
b6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0B:3C:92:E1:45:28:83:B5:3C:FC:51:FE:30:68:3A:11:7F:19:04
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/eQs8kuFFKIO1PPxR_jBoOhF_GQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
Signature Algorithm: sha256WithRSAEncryption
30:8b:54:88:6b:4a:2d:e9:ea:18:f1:08:aa:9e:0b:41:5c:0d:
50:3d:54:b8:bd:83:09:e0:fd:f2:2e:17:ee:d7:8d:ed:a2:25:
c2:b0:ad:5b:09:ac:26:e7:1b:55:75:f5:6a:45:23:19:0b:bf:
dd:e3:61:d4:8c:14:77:0b:04:ea:e9:4b:37:7a:79:ac:6e:ce:
0a:97:7b:8f:a3:f0:d9:96:60:05:6c:83:ab:b6:f4:44:97:6d:
ea:8e:d5:ed:78:47:48:49:6f:10:e3:d1:ba:6e:bc:b8:d2:14:
11:e1:f6:ed:35:23:68:41:77:76:e8:80:9a:59:90:30:3d:19:
27:5a:ff:ea:4e:22:23:39:7d:67:30:22:6a:40:07:e1:b7:bd:
02:64:67:b7:dd:0e:f1:93:9e:87:bf:40:d9:c2:8c:98:eb:7f:
cf:fe:fa:dc:35:50:45:20:ce:05:d0:07:dc:5c:74:96:5b:0a:
24:58:ae:f5:c9:e6:28:51:44:63:d2:5c:5b:a3:89:44:0b:01:
6d:37:17:4a:41:9e:fc:91:51:c3:73:85:1d:09:73:ac:cf:e6:
ca:07:a1:15:c1:1f:e9:9f:87:88:a0:94:3f:cf:91:fb:1c:22:
34:75:3a:55:c8:78:d0:6e:03:b2:6f:42:37:92:9b:b4:7d:56:
be:17:1b:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY79/SHgHepxM9Hnk6KWO8L+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIxMDAxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTBiM2M5MmUxNDUyODgzYjUzY2ZjNTFmZTMwNjgzYTExN2YxOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfLrGwZEFbUSpNqX5bZIfSYsnj0Y
7WBoOgiMT5WoIP1WGD/CuihXkubwTV4M+ryADDhb1fSIGUw61QhuSq9fknVi/kFT
I1SrmiPZrHL7cb/61u4/33m4IrINZF/a1NIq5uqxzaYNV609nnnroXcNmqIIcHAi
wzo0G9yPleUInSju5L9P8Ne9hH7xtrA0RJ6tYv8ytos+bRCQ44bw8W5mepZBWKSQ
JH10xv2/NR0rFeXK2l/tp4GT1u+wBUDncB2pfa4i72ui0p8XcXd6KMNaeCcAu6f0
7MsyfhRRUTlKuqHV8/qSBcu/4ZfiY7yWRGWQrZsQiV4GKwxQsf/ELNS2zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHkLPJLhRSiDtTz8Uf4waDoRfxkEMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZVFzOGt1RkZLSU8xUFB4Ul9qQm9PaEZfR1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwQAYMA0G
CSqGSIb3DQEBCwUAA4IBAQAwi1SIa0ot6eoY8QiqngtBXA1QPVS4vYMJ4P3yLhfu
143toiXCsK1bCawm5xtVdfVqRSMZC7/d42HUjBR3CwTq6Us3enmsbs4Kl3uPo/DZ
lmAFbIOrtvREl23qjtXteEdISW8Q49G6bry40hQR4fbtNSNoQXd26ICaWZAwPRkn
Wv/qTiIjOX1nMCJqQAfht70CZGe33Q7xk56Hv0DZwoyY63/P/vrcNVBFIM4F0Afc
XHSWWwokWK71yeYoUURj0lxbo4lECwFtNxdKQZ78kVHDc4UdCXOsz+bKB6EVwR/p
n4eIoJQ/z5H7HCI0dTpVyHjQbgOyb0I3kpu0fVa+Fxvc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org