Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iV3OuFWwFn3QDVCVGaqNm_yWxaU.roa
File: iV3OuFWwFn3QDVCVGaqNm_yWxaU.roa (raw, json)
Hash identifier: eDUWFgHkxbq+911Q11dptztMQ+w24xZsTSExjLefRb8=
Subject key identifier: 89:5D:CE:B8:55:B0:16:7D:D0:0D:50:95:19:AA:8D:9B:FC:96:C5:A5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7AAA823B9D98236F32AB440C2F7A69D6
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iV3OuFWwFn3QDVCVGaqNm_yWxaU.roa
Signing time: Wed 15 May 2024 05:12:25 +0000
ROA not before: Wed 15 May 2024 05:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7a:aa:82:3b:9d:98:23:6f:32:ab:44:0c:2f:7a:69:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 05:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895dceb855b0167dd00d509519aa8d9bfc96c5a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:68:1f:48:f1:2b:21:6f:0d:9b:01:67:da:
f5:c0:da:47:c2:67:d0:40:fb:82:1e:59:7c:5b:da:
71:46:2b:a2:8e:33:16:48:f3:ad:0f:bd:05:5d:9e:
2a:a7:a3:f4:95:5a:14:b2:7d:0e:36:c6:72:83:ec:
4d:de:64:4d:f6:26:43:3b:d4:5c:d5:40:45:f7:a6:
32:a7:da:47:fd:05:98:1c:9a:c6:ec:07:ad:f5:7f:
10:10:b4:91:38:e7:bd:03:0b:fa:1e:e8:70:13:ea:
40:81:b1:e0:d4:26:89:5c:91:07:2d:7a:30:64:ef:
22:ac:a4:60:e4:98:20:a0:1a:c2:3e:5d:12:c4:57:
4c:d1:16:16:ab:9c:95:33:5c:d9:a4:ab:87:15:97:
5f:7c:e8:d5:8c:c6:44:f7:32:a8:98:c2:f5:7a:51:
d3:fd:3d:b9:df:41:ea:65:a4:93:e7:99:a4:9b:d9:
1f:51:2e:0e:da:f6:19:58:ac:97:10:a1:c9:7e:29:
41:63:8f:97:26:90:67:23:a8:57:8b:23:0e:1d:74:
d2:af:9b:17:fd:44:d0:a6:6a:01:ed:ea:39:dd:2c:
d7:08:82:3b:ef:bc:52:81:3c:60:f9:c9:23:12:99:
4a:97:69:b0:47:5f:8c:bc:8c:9c:e1:87:0f:48:ad:
04:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5D:CE:B8:55:B0:16:7D:D0:0D:50:95:19:AA:8D:9B:FC:96:C5:A5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iV3OuFWwFn3QDVCVGaqNm_yWxaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:ed:59:3e:62:8b:d1:53:f2:6d:b5:e1:a5:5b:a0:9c:6b:b1:
8b:af:ef:41:c1:fe:53:09:37:29:1b:d4:f7:da:f5:41:0e:e0:
10:fd:70:74:9e:48:c5:2e:88:04:c3:77:a7:53:4a:b6:f9:ee:
30:30:b5:8f:c8:0f:ab:9a:ba:ac:5e:55:6f:72:21:aa:22:0d:
37:dc:32:77:d9:56:5a:8f:2b:b4:97:a6:ee:46:bb:03:8e:db:
0b:ef:cc:13:42:83:18:af:05:bd:e6:91:a5:64:dc:3c:5f:c1:
17:bd:a1:ed:ea:d8:b6:2b:68:23:5f:44:eb:70:f6:c3:92:e5:
87:37:8c:2d:01:61:63:bb:a1:68:bb:55:fe:77:24:2b:0b:50:
ca:ec:63:54:c9:69:13:a1:54:e4:35:0b:3b:cd:92:ba:7a:a1:
eb:53:c5:8f:34:aa:9c:c4:f8:09:40:a5:1a:0e:6f:4c:50:f4:
a1:48:19:ae:12:2f:77:64:87:cf:26:24:64:db:2a:77:8f:13:
5e:a4:31:d0:dd:28:88:7d:dc:b8:e0:1e:1f:91:cd:fd:82:c1:
4c:d6:1a:d2:1f:e4:40:66:a7:e5:dc:b7:f9:33:bb:65:a5:80:
23:2e:6d:93:2a:bd:8c:ff:9f:1e:bd:65:c9:ef:3b:50:1e:29:
91:66:29:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY96qoI7nZgjbzKrRAwvemnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MDUxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVkY2ViODU1YjAxNjdkZDAwZDUwOTUxOWFhOGQ5YmZjOTZjNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfJoH0jxKyFvDZsBZ9r1wNpHwmfQ
QPuCHll8W9pxRiuijjMWSPOtD70FXZ4qp6P0lVoUsn0ONsZyg+xN3mRN9iZDO9Rc
1UBF96Yyp9pH/QWYHJrG7Aet9X8QELSROOe9Awv6HuhwE+pAgbHg1CaJXJEHLXow
ZO8irKRg5JggoBrCPl0SxFdM0RYWq5yVM1zZpKuHFZdffOjVjMZE9zKomML1elHT
/T2530HqZaST55mkm9kfUS4O2vYZWKyXEKHJfilBY4+XJpBnI6hXiyMOHXTSr5sX
/UTQpmoB7eo53SzXCII777xSgTxg+ckjEplKl2mwR1+MvIyc4YcPSK0EFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIldzrhVsBZ90A1QlRmqjZv8lsWlMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaVYzT3VGV3dGbjNRRFZDVkdhcU5tX3lXeGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALXtWT5ii9FT8m214aVb
oJxrsYuv70HB/lMJNykb1Pfa9UEO4BD9cHSeSMUuiATDd6dTSrb57jAwtY/ID6ua
uqxeVW9yIaoiDTfcMnfZVlqPK7SXpu5GuwOO2wvvzBNCgxivBb3mkaVk3DxfwRe9
oe3q2LYraCNfROtw9sOS5Yc3jC0BYWO7oWi7Vf53JCsLUMrsY1TJaROhVOQ1CzvN
krp6oetTxY80qpzE+AlApRoOb0xQ9KFIGa4SL3dkh88mJGTbKnePE16kMdDdKIh9
3LjgHh+Rzf2CwUzWGtIf5EBmp+Xct/kzu2WlgCMubZMqvYz/nx69ZcnvO1AeKZFm
KYM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org