Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gWtVjiqZdkfPPLmxd3Yjzct2x-U.roa
File: gWtVjiqZdkfPPLmxd3Yjzct2x-U.roa (raw, json)
Hash identifier: 7mKmEeXoJUuPhVSyhH+3pIuo8P0LD2rVaQx/+uS+xKA=
Subject key identifier: 81:6B:55:8E:2A:99:76:47:CF:3C:B9:B1:77:76:23:CD:CB:76:C7:E5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4B0828B03285C8C852BF20E3919A0326
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gWtVjiqZdkfPPLmxd3Yjzct2x-U.roa
Signing time: Sun 05 May 2024 23:12:56 +0000
ROA not before: Sun 05 May 2024 23:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4b:08:28:b0:32:85:c8:c8:52:bf:20:e3:91:9a:03:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 23:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=816b558e2a997647cf3cb9b1777623cdcb76c7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:76:96:79:81:d8:21:13:98:f1:05:b4:20:28:
27:d1:c2:7a:4a:49:f4:aa:a9:5d:6d:aa:3c:71:d8:
3b:9c:48:69:9e:1f:6d:6a:63:06:da:a0:22:a2:3a:
ca:8d:e1:4c:6b:5c:a3:b9:9f:4a:af:f7:ca:09:12:
31:8e:eb:5e:81:cf:2e:0b:f8:d0:70:0f:09:ce:6e:
6b:0d:af:1e:2b:e2:1d:7c:56:de:22:04:8c:fb:a5:
a7:14:32:75:b9:95:1e:51:18:76:25:3a:d7:48:af:
f9:4f:37:cc:e5:15:7b:37:a7:7a:7c:56:c0:d1:dc:
f6:d0:75:d0:2b:28:3d:5f:b7:f2:07:a1:d9:22:79:
d4:2a:1b:41:fc:5c:05:2b:75:dc:1a:b3:dd:7e:59:
13:42:c2:9d:13:13:6c:70:c0:3b:4d:15:1f:40:c4:
a5:04:a8:b3:d7:a1:6e:00:ad:39:87:42:d7:23:56:
63:d8:82:9e:57:d4:76:8d:34:d3:07:a5:6f:ed:55:
24:23:f1:71:01:5f:c2:f4:f1:ea:09:37:21:eb:ed:
74:1b:f3:a7:57:98:f1:ee:e3:c1:17:09:86:5a:25:
2a:c7:03:ce:0c:87:d5:63:b9:8f:80:d7:2b:25:7e:
63:36:38:82:5e:8a:6d:92:c6:f1:44:ee:a7:62:fb:
28:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:6B:55:8E:2A:99:76:47:CF:3C:B9:B1:77:76:23:CD:CB:76:C7:E5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gWtVjiqZdkfPPLmxd3Yjzct2x-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:1b:30:da:f9:7c:86:2c:9f:09:d3:db:6a:aa:59:79:f2:54:
3a:78:90:12:2e:e9:e1:1a:d0:9b:90:54:8f:79:d4:98:22:4d:
65:cb:92:e7:82:f8:6a:e8:fd:86:e5:1c:a3:66:5c:c3:54:b9:
76:f8:61:0b:0d:31:ec:4d:30:25:ff:cf:17:7d:7d:46:8d:71:
f1:96:07:ef:8b:ad:91:6c:7e:2e:ab:4f:13:79:6c:d2:8e:23:
80:5c:33:06:f8:b5:66:2f:2e:7a:fd:bb:e2:28:03:3d:16:c4:
96:9b:4e:af:ce:b8:e7:b2:c1:37:2e:e2:3a:fe:d1:2e:40:a0:
4d:12:70:96:34:c4:86:fe:c5:e6:d4:da:0c:a6:bf:c6:bf:d6:
fd:c5:d8:01:8e:1c:4d:c3:cb:c6:72:76:52:cc:6c:f5:0b:f8:
a3:38:96:e9:bc:eb:8a:ff:7d:07:49:54:39:99:c9:f9:a1:ed:
72:32:3e:24:40:ac:5f:93:2b:a5:7d:14:31:ae:6e:43:7c:e1:
95:95:95:d0:ba:dc:d8:38:4a:9b:a8:ad:e6:01:c2:97:61:be:
bf:82:5d:3a:75:ae:ac:c4:8f:db:d2:7f:41:a8:af:b0:89:f1:
90:a2:30:ea:7e:63:1b:59:1a:e7:b1:d0:fa:ef:d7:8e:2e:5b:
04:2b:69:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9LCCiwMoXIyFK/IOORmgMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MjMxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTZiNTU4ZTJhOTk3NjQ3Y2YzY2I5YjE3Nzc2MjNjZGNiNzZjN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2naWeYHYIROY8QW0ICgn0cJ6Skn0
qqldbao8cdg7nEhpnh9tamMG2qAiojrKjeFMa1yjuZ9Kr/fKCRIxjutegc8uC/jQ
cA8Jzm5rDa8eK+IdfFbeIgSM+6WnFDJ1uZUeURh2JTrXSK/5TzfM5RV7N6d6fFbA
0dz20HXQKyg9X7fyB6HZInnUKhtB/FwFK3XcGrPdflkTQsKdExNscMA7TRUfQMSl
BKiz16FuAK05h0LXI1Zj2IKeV9R2jTTTB6Vv7VUkI/FxAV/C9PHqCTch6+10G/On
V5jx7uPBFwmGWiUqxwPODIfVY7mPgNcrJX5jNjiCXoptksbxRO6nYvsoDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIFrVY4qmXZHzzy5sXd2I83LdsflMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZ1d0VmppcVpka2ZQUExteGQzWWp6Y3QyeC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADUbMNr5fIYsnwnT22qq
WXnyVDp4kBIu6eEa0JuQVI951JgiTWXLkueC+Gro/YblHKNmXMNUuXb4YQsNMexN
MCX/zxd9fUaNcfGWB++LrZFsfi6rTxN5bNKOI4BcMwb4tWYvLnr9u+IoAz0WxJab
Tq/OuOeywTcu4jr+0S5AoE0ScJY0xIb+xebU2gymv8a/1v3F2AGOHE3Dy8ZydlLM
bPUL+KM4lum864r/fQdJVDmZyfmh7XIyPiRArF+TK6V9FDGubkN84ZWVldC63Ng4
SpuoreYBwpdhvr+CXTp1rqzEj9vSf0Gor7CJ8ZCiMOp+YxtZGuex0Prv144uWwQr
afY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org