Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/i8VtyOL2EsuYmvzajhFjA7IWES4.roa
File: i8VtyOL2EsuYmvzajhFjA7IWES4.roa (raw, json)
Hash identifier: k1eTJih0xg6hFjaYtLoeb34oxwah9g50t7cptcxdvgs=
Subject key identifier: 8B:C5:6D:C8:E2:F6:12:CB:98:9A:FC:DA:8E:11:63:03:B2:16:11:2E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8F0D9B39D7AAE069C301CF5FD9A6D584
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/i8VtyOL2EsuYmvzajhFjA7IWES4.roa
Signing time: Sun 19 May 2024 04:13:04 +0000
ROA not before: Sun 19 May 2024 04:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8f:0d:9b:39:d7:aa:e0:69:c3:01:cf:5f:d9:a6:d5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 04:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bc56dc8e2f612cb989afcda8e116303b216112e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ff:c3:3a:f7:37:c4:2a:3c:aa:58:5f:d2:5c:
d5:35:bb:1a:4d:78:9e:7d:6e:5c:7f:f9:2d:3e:04:
71:c9:80:d5:39:5b:21:16:33:aa:65:47:d8:4b:07:
a2:bb:a9:d5:95:cf:e6:8f:ad:52:45:18:f8:56:0a:
38:80:95:b1:77:d8:c2:23:8c:c3:9d:e3:5e:5c:2e:
be:c3:c0:b2:b3:ef:39:87:ae:15:fa:fb:c8:cb:3c:
44:c0:e3:15:af:ff:c1:9d:1e:2b:75:c7:61:56:45:
c4:bf:b7:45:6b:66:a3:8a:f3:3b:c9:de:35:4c:c7:
3e:b4:21:1e:67:6e:29:88:9a:7e:e5:8c:33:c3:ed:
21:5a:e1:1c:ea:8b:10:7e:a1:ba:7d:15:3b:83:c6:
81:0b:e0:e3:be:fc:17:e7:91:3e:36:cc:75:9f:32:
f9:1b:7a:41:9d:dd:e3:76:b4:d2:81:60:60:03:6b:
62:c6:ab:26:be:fb:56:49:79:f5:24:cd:de:a8:07:
95:75:45:48:24:ad:d1:7a:47:11:1f:e5:fe:b5:1e:
ca:6a:7d:5b:b1:61:df:1c:ff:d4:c6:1f:28:2d:6a:
ff:7f:89:51:93:45:7f:05:ac:85:60:c9:98:a6:50:
7d:b4:5d:52:01:aa:b8:cc:4a:c9:45:e2:bc:4e:ea:
f3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C5:6D:C8:E2:F6:12:CB:98:9A:FC:DA:8E:11:63:03:B2:16:11:2E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/i8VtyOL2EsuYmvzajhFjA7IWES4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:a1:b9:47:d0:6f:08:d0:bb:0d:ff:71:11:6b:08:05:bd:b6:
b9:82:79:90:d4:5a:a7:a7:c9:8f:ae:00:c0:5c:cd:b5:4c:43:
93:08:2d:3a:a9:ce:42:6b:c3:d0:3d:50:95:1b:2a:78:42:9b:
c3:a0:62:60:14:60:2f:32:b9:d9:a7:bd:56:5f:8a:2d:ae:57:
26:f5:08:96:f8:f1:b9:e2:af:34:84:1d:7c:e6:41:af:05:35:
0b:aa:57:47:3b:52:ae:57:d0:8a:e3:07:c5:7f:c3:e2:c2:e0:
17:02:a4:fb:cd:ab:57:e0:07:c7:87:8f:7d:b8:73:fe:3f:97:
0e:e9:f5:b8:d6:1e:9a:81:f0:47:1b:08:f4:76:6f:0e:84:b7:
22:30:a6:d3:2a:8e:40:db:66:73:c3:58:f9:14:36:af:e6:1c:
be:f4:d3:b8:ee:f8:75:43:15:a2:33:90:76:ae:2f:46:63:7b:
ff:25:dd:be:b9:11:cd:21:7e:4b:87:41:83:d5:8f:3f:84:b6:
8a:4d:d1:bb:11:90:d2:07:94:c3:03:b6:3d:5c:ff:52:4c:81:
57:d8:c9:64:a1:04:99:ac:d1:14:69:b4:cb:9b:7b:7d:c3:cf:
17:6f:b1:5f:ca:01:95:3c:40:30:a3:ef:73:ff:97:13:30:51:
a2:c7:cf:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+PDZs516rgacMBz1/ZptWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MDQxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmM1NmRjOGUyZjYxMmNiOTg5YWZjZGE4ZTExNjMwM2IyMTYxMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf/DOvc3xCo8qlhf0lzVNbsaTXie
fW5cf/ktPgRxyYDVOVshFjOqZUfYSweiu6nVlc/mj61SRRj4Vgo4gJWxd9jCI4zD
neNeXC6+w8Cys+85h64V+vvIyzxEwOMVr//BnR4rdcdhVkXEv7dFa2ajivM7yd41
TMc+tCEeZ24piJp+5Ywzw+0hWuEc6osQfqG6fRU7g8aBC+DjvvwX55E+Nsx1nzL5
G3pBnd3jdrTSgWBgA2tixqsmvvtWSXn1JM3eqAeVdUVIJK3RekcRH+X+tR7Kan1b
sWHfHP/Uxh8oLWr/f4lRk0V/BayFYMmYplB9tF1SAaq4zErJReK8TurzYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvFbcji9hLLmJr82o4RYwOyFhEuMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaThWdHlPTDJFc3VZbXZ6YWpoRmpBN0lXRVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABOhuUfQbwjQuw3/cRFr
CAW9trmCeZDUWqenyY+uAMBczbVMQ5MILTqpzkJrw9A9UJUbKnhCm8OgYmAUYC8y
udmnvVZfii2uVyb1CJb48bnirzSEHXzmQa8FNQuqV0c7Uq5X0IrjB8V/w+LC4BcC
pPvNq1fgB8eHj324c/4/lw7p9bjWHpqB8EcbCPR2bw6EtyIwptMqjkDbZnPDWPkU
Nq/mHL7007ju+HVDFaIzkHauL0Zje/8l3b65Ec0hfkuHQYPVjz+EtopN0bsRkNIH
lMMDtj1c/1JMgVfYyWShBJms0RRptMube33DzxdvsV/KAZU8QDCj73P/lxMwUaLH
z1g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org