Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hrU8pvkBir2reQCUkixHYtCj0IY.roa
File: hrU8pvkBir2reQCUkixHYtCj0IY.roa (raw, json)
Hash identifier: mzXg/QVnUzoZeQg9/IDCIEEWO5qWaoGUAn7HaPh+f6s=
Subject key identifier: 86:B5:3C:A6:F9:01:8A:BD:AB:79:00:94:92:2C:47:62:D0:A3:D0:86
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F249EF0662AF590BAC21B51910A1113DD
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hrU8pvkBir2reQCUkixHYtCj0IY.roa
Signing time: Sun 28 Apr 2024 12:12:27 +0000
ROA not before: Sun 28 Apr 2024 12:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:24:9e:f0:66:2a:f5:90:ba:c2:1b:51:91:0a:11:13:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 12:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86b53ca6f9018abdab790094922c4762d0a3d086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e0:60:ef:5f:f8:2a:df:a5:d7:04:40:10:e8:
de:34:fa:89:8a:9e:99:ac:e5:12:69:b5:57:54:c8:
22:6f:a9:98:14:4e:7b:b1:36:60:ac:8c:e7:1c:85:
77:2e:e1:1b:40:b8:15:3e:3c:44:0c:0c:9a:59:ca:
8c:c1:3c:90:34:df:c6:66:0d:9e:93:aa:7d:e7:2c:
3d:7e:58:01:be:51:c5:9b:6e:04:3f:d2:09:e1:d1:
f9:bf:99:1d:b7:74:af:c2:5c:f7:ba:f2:47:69:28:
f5:01:28:80:1e:fe:85:cc:a7:58:f2:60:7b:32:8a:
1a:36:82:98:97:82:45:99:a5:20:18:a2:1e:6f:af:
b0:94:a1:62:57:e7:b9:09:24:90:a0:88:ad:c3:52:
84:cb:d3:5a:77:13:c8:96:77:f8:1a:91:d5:89:14:
52:4b:80:22:c5:10:4d:bc:44:29:25:11:1b:a0:fc:
e8:84:6d:47:5b:62:1f:90:18:6c:93:ce:2d:7d:59:
5c:79:82:6c:21:59:c5:ad:22:65:bd:c1:27:6d:6a:
12:bf:ed:7d:67:27:63:29:fc:8c:8d:45:ff:b8:f4:
ae:1b:68:9f:b6:ef:3b:1c:c3:86:70:b2:bd:66:48:
35:33:7f:35:fe:8f:c9:3e:f6:24:ed:4a:fc:52:a8:
f0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B5:3C:A6:F9:01:8A:BD:AB:79:00:94:92:2C:47:62:D0:A3:D0:86
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hrU8pvkBir2reQCUkixHYtCj0IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
91:aa:7d:6b:07:88:ff:ba:1b:12:ce:8a:d0:58:71:a9:b1:0b:
b5:43:e4:ca:3d:b1:72:a7:1b:52:ad:14:ba:62:9e:48:36:88:
93:e8:0c:b0:13:85:a9:d1:d6:9f:39:2d:f6:08:52:4b:64:82:
c7:cf:e1:c4:b7:a7:8e:32:4e:fa:06:5c:5f:7a:60:75:51:3b:
bd:7a:48:cf:4c:fe:55:d0:81:8c:64:70:1b:95:4c:49:5a:fd:
ae:24:d4:cc:82:94:36:8d:a3:4c:db:87:93:7a:75:8b:12:76:
a9:93:48:56:95:37:bc:0b:b1:18:d1:b1:c0:a2:dc:41:8a:37:
10:b3:20:ae:73:41:d6:a9:b7:c6:5b:7a:1b:cb:a2:86:5e:08:
b9:31:98:ed:e2:b3:ec:2e:d6:0d:85:fd:30:c4:00:70:b4:8e:
f7:83:fa:41:95:b3:1a:06:b3:9c:bf:df:cf:7c:91:f8:39:7f:
1e:e2:a9:e5:50:02:b3:a0:e5:90:d8:d4:b4:54:53:b0:45:03:
83:07:f9:30:df:69:fb:04:ad:a5:47:0e:30:db:55:d1:af:50:
10:20:ca:27:ad:2d:2c:65:4c:b7:ea:63:c3:b8:93:8d:4c:8a:
8c:49:2f:4d:fe:3e:31:f4:1b:4c:47:b8:69:55:b7:c3:11:0d:
84:1f:17:a3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8knvBmKvWQusIbUZEKERPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MTIxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI1M2NhNmY5MDE4YWJkYWI3OTAwOTQ5MjJjNDc2MmQwYTNkMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOBg71/4Kt+l1wRAEOjeNPqJip6Z
rOUSabVXVMgib6mYFE57sTZgrIznHIV3LuEbQLgVPjxEDAyaWcqMwTyQNN/GZg2e
k6p95yw9flgBvlHFm24EP9IJ4dH5v5kdt3Svwlz3uvJHaSj1ASiAHv6FzKdY8mB7
MooaNoKYl4JFmaUgGKIeb6+wlKFiV+e5CSSQoIitw1KEy9NadxPIlnf4GpHViRRS
S4AixRBNvEQpJREboPzohG1HW2IfkBhsk84tfVlceYJsIVnFrSJlvcEnbWoSv+19
ZydjKfyMjUX/uPSuG2iftu87HMOGcLK9Zkg1M381/o/JPvYk7Ur8UqjwUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIa1PKb5AYq9q3kAlJIsR2LQo9CGMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaHJVOHB2a0JpcjJyZVFDVWtpeEhZdENqMElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCRqn1r
B4j/uhsSzorQWHGpsQu1Q+TKPbFypxtSrRS6Yp5INoiT6AywE4Wp0dafOS32CFJL
ZILHz+HEt6eOMk76BlxfemB1UTu9ekjPTP5V0IGMZHAblUxJWv2uJNTMgpQ2jaNM
24eTenWLEnapk0hWlTe8C7EY0bHAotxBijcQsyCuc0HWqbfGW3oby6KGXgi5MZjt
4rPsLtYNhf0wxABwtI73g/pBlbMaBrOcv9/PfJH4OX8e4qnlUAKzoOWQ2NS0VFOw
RQODB/kw32n7BK2lRw4w21XRr1AQIMonrS0sZUy36mPDuJONTIqMSS9N/j4x9BtM
R7hpVbfDEQ2EHxej
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org