Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fQuWYM2mWu8C10j3LYaS2vZq3k0.roa
File: fQuWYM2mWu8C10j3LYaS2vZq3k0.roa (raw, json)
Hash identifier: ovZiW0EPaY3tyIGyprvYoyueUapcCQTQI4NelIoma3Y=
Subject key identifier: 7D:0B:96:60:CD:A6:5A:EF:02:D7:48:F7:2D:86:92:DA:F6:6A:DE:4D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F31EBCE5B7BB8D2614403C5E58C3FE2E1
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fQuWYM2mWu8C10j3LYaS2vZq3k0.roa
Signing time: Wed 01 May 2024 02:11:28 +0000
ROA not before: Wed 01 May 2024 02:11:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:eb:ce:5b:7b:b8:d2:61:44:03:c5:e5:8c:3f:e2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 1 02:11:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d0b9660cda65aef02d748f72d8692daf66ade4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:d7:01:94:18:2a:51:9a:1a:5f:93:90:83:
83:e2:3e:85:7a:6d:72:b0:58:f0:39:d5:cf:84:62:
dd:6c:ce:a3:0f:47:11:8c:7b:e9:9c:66:17:ae:cf:
89:df:a1:06:17:2a:34:2f:15:a7:53:a5:09:14:16:
70:ac:25:6e:6f:2c:93:d6:4e:c0:dc:c9:55:8f:8a:
be:e8:56:a0:e0:7f:d3:dd:d0:d5:48:96:64:76:df:
24:75:17:4d:bc:40:ce:1f:70:2b:19:5f:15:cc:b9:
61:1c:db:44:33:42:41:86:bc:1f:cc:8f:ac:14:62:
60:ba:55:86:4b:b4:b9:68:ce:81:06:19:cd:b6:f4:
70:09:c9:09:9a:1a:61:a1:ef:ed:81:3f:f0:f6:09:
82:c2:26:79:74:05:6f:a4:b8:f4:7c:f1:19:5f:b4:
72:a6:a4:82:50:df:2b:e4:dc:ef:e9:04:95:0e:15:
74:3c:df:a3:95:2b:b3:ca:6b:9a:1b:20:f9:49:a4:
3d:4f:e6:1c:9d:70:6e:b5:c1:d2:05:94:82:1b:87:
cb:cc:38:0e:e7:52:48:6a:b9:bd:0f:29:87:02:8e:
f5:a8:98:d3:23:5d:f2:e1:c4:30:a7:35:3b:76:98:
14:9a:10:5d:d6:df:64:b3:e4:c8:ca:58:e7:c3:c7:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0B:96:60:CD:A6:5A:EF:02:D7:48:F7:2D:86:92:DA:F6:6A:DE:4D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fQuWYM2mWu8C10j3LYaS2vZq3k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:71:c2:84:ae:bb:08:8e:68:f9:b3:f3:f5:8b:79:ee:9c:0f:
70:c9:c5:f5:8a:40:4c:6a:ef:06:2a:a2:c4:55:d8:86:65:90:
a4:00:f7:39:4a:e5:c2:d8:ae:9f:ed:f4:72:fd:30:97:c1:58:
3b:02:48:b8:d4:9f:1e:7b:45:a3:b8:d8:74:19:a4:4d:c5:8c:
1a:6c:bb:d8:6d:6c:a6:d6:90:cf:9e:fa:82:96:56:f9:7a:86:
c2:f6:67:1d:4e:e9:46:0b:09:3c:79:bb:1f:64:bf:12:de:52:
d5:e5:35:4c:5f:95:42:6e:ea:f5:69:d5:b0:0e:64:61:34:87:
21:da:a7:45:56:95:1b:3a:fa:a7:36:65:d0:db:a8:90:14:11:
09:ba:f6:a7:51:3c:0b:09:6b:73:3b:14:a4:02:34:29:19:4c:
4b:e6:8f:2d:56:03:59:be:5a:a9:b3:d7:12:ec:54:c2:69:03:
11:16:5e:f5:75:08:37:39:fe:57:53:12:07:52:e9:56:6d:99:
dd:ff:00:61:1a:75:3e:cd:fc:94:29:78:7f:f5:04:87:2f:f2:
95:77:bb:65:ed:d5:40:1c:df:a6:cf:cf:0f:d2:4f:38:62:4a:
fe:34:5c:21:2e:03:4a:f6:69:80:ac:f5:5f:d4:df:e1:6d:e1:
d8:02:55:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8x685be7jSYUQDxeWMP+LhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAxMDIxMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDBiOTY2MGNkYTY1YWVmMDJkNzQ4ZjcyZDg2OTJkYWY2NmFkZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrfXAZQYKlGaGl+TkIOD4j6Fem1y
sFjwOdXPhGLdbM6jD0cRjHvpnGYXrs+J36EGFyo0LxWnU6UJFBZwrCVubyyT1k7A
3MlVj4q+6Fag4H/T3dDVSJZkdt8kdRdNvEDOH3ArGV8VzLlhHNtEM0JBhrwfzI+s
FGJgulWGS7S5aM6BBhnNtvRwCckJmhphoe/tgT/w9gmCwiZ5dAVvpLj0fPEZX7Ry
pqSCUN8r5Nzv6QSVDhV0PN+jlSuzymuaGyD5SaQ9T+YcnXButcHSBZSCG4fLzDgO
51JIarm9DymHAo71qJjTI13y4cQwpzU7dpgUmhBd1t9ks+TIyljnw8cw5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0LlmDNplrvAtdI9y2Gktr2at5NMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZlF1V1lNMm1XdThDMTBqM0xZYVMydlpxM2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADVxwoSuuwiOaPmz8/WL
ee6cD3DJxfWKQExq7wYqosRV2IZlkKQA9zlK5cLYrp/t9HL9MJfBWDsCSLjUnx57
RaO42HQZpE3FjBpsu9htbKbWkM+e+oKWVvl6hsL2Zx1O6UYLCTx5ux9kvxLeUtXl
NUxflUJu6vVp1bAOZGE0hyHap0VWlRs6+qc2ZdDbqJAUEQm69qdRPAsJa3M7FKQC
NCkZTEvmjy1WA1m+Wqmz1xLsVMJpAxEWXvV1CDc5/ldTEgdS6VZtmd3/AGEadT7N
/JQpeH/1BIcv8pV3u2Xt1UAc36bPzw/STzhiSv40XCEuA0r2aYCs9V/U3+Ft4dgC
VQA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org