Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/j-UNsdwmpfJAjRiSoJYIOcSnJOA.roa
File: j-UNsdwmpfJAjRiSoJYIOcSnJOA.roa (raw, json)
Hash identifier: TMNzxt70/nlMlOGhaXWjWCviCgxn4vGsTSlJsNtIWls=
Subject key identifier: 8F:E5:0D:B1:DC:26:A5:F2:40:8D:18:92:A0:96:08:39:C4:A7:24:E0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F99C65B47836109CFA7DFFF103B1C8837
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/j-UNsdwmpfJAjRiSoJYIOcSnJOA.roa
Signing time: Tue 21 May 2024 06:11:04 +0000
ROA not before: Tue 21 May 2024 06:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:99:c6:5b:47:83:61:09:cf:a7:df:ff:10:3b:1c:88:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 06:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fe50db1dc26a5f2408d1892a0960839c4a724e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:61:0d:79:78:2f:6d:8b:6e:31:e2:c7:74:19:
8d:b9:19:56:72:b2:7d:e8:07:92:cf:30:15:39:f5:
91:19:26:9f:8f:8c:99:dd:12:a0:c7:c3:a9:9b:56:
1c:fd:a0:6e:7f:fb:07:dc:51:59:e3:31:79:c4:9f:
9a:1c:8b:48:cf:f3:32:49:76:d3:5b:77:d7:62:50:
64:cb:2c:1c:e1:b6:8d:fa:f5:45:59:41:a6:93:41:
2a:be:b3:36:d3:a3:fb:bf:9e:2b:be:b9:1f:a7:75:
2e:0e:b0:23:87:6b:99:4c:1a:65:b9:a3:44:30:f5:
fc:11:0c:89:b0:9a:10:2c:ee:46:1e:60:1c:19:2b:
96:e5:50:43:ec:16:4f:83:4b:ba:36:d0:13:d2:b5:
00:48:80:af:52:e4:d9:b3:94:08:c5:a6:df:b5:36:
78:c4:62:71:59:37:e8:03:97:5b:7e:fa:01:ce:07:
d3:a8:18:1b:fd:ef:b0:20:44:07:75:1f:72:28:f0:
d2:7a:69:46:5d:a6:fc:e1:c6:fa:99:1c:89:8d:61:
86:76:96:bc:36:d2:4f:ec:3c:2a:36:d9:7b:a4:3a:
5e:11:4f:0a:bd:7e:76:ec:6b:8d:f7:51:ed:48:81:
39:33:e1:68:ed:d5:83:a6:89:86:0d:af:df:45:60:
2b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E5:0D:B1:DC:26:A5:F2:40:8D:18:92:A0:96:08:39:C4:A7:24:E0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/j-UNsdwmpfJAjRiSoJYIOcSnJOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:a6:df:f4:1d:18:4f:03:47:25:f7:1d:60:ea:f7:6a:59:5e:
03:0c:c5:a4:fd:85:ca:f2:a1:c8:1c:b6:80:a5:52:b3:f8:c2:
5c:35:17:ee:67:33:bc:f3:e7:a5:cb:05:9c:f7:39:f3:fb:05:
5e:41:a3:31:1f:e3:a9:7a:4e:6f:ed:1c:7b:c9:17:55:f0:22:
33:46:ef:7b:f5:ad:d7:01:2f:31:60:b3:cf:d7:fd:d6:84:c8:
1f:13:31:41:0c:2a:57:dc:e9:dc:7a:c9:c7:23:69:68:9c:5f:
4d:1e:50:b3:73:1f:26:12:b5:bf:29:53:d7:d4:58:75:43:33:
aa:6d:8f:53:a6:30:9b:00:a4:96:53:98:6d:bc:a4:05:d5:dd:
6a:9e:89:59:4a:c4:b8:98:b3:3d:03:6b:15:ee:87:aa:73:87:
39:b6:df:3a:23:6f:43:08:b0:a5:f6:b9:4a:11:27:a1:5d:14:
63:84:a7:d1:14:62:6a:e9:5c:59:a7:ec:c3:e5:fe:fa:3c:6c:
ae:3a:c6:d9:44:eb:70:e3:af:07:2e:ec:40:3c:15:25:5a:9c:
e7:c6:a4:64:7c:e5:8b:08:6f:2d:7b:b2:7a:8d:27:32:d4:5b:
73:ed:c6:ca:1d:24:8f:ec:c3:38:22:07:51:49:d0:1a:5a:62:
3d:8c:5d:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+ZxltHg2EJz6ff/xA7HIg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMDYxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU1MGRiMWRjMjZhNWYyNDA4ZDE4OTJhMDk2MDgzOWM0YTcyNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumENeXgvbYtuMeLHdBmNuRlWcrJ9
6AeSzzAVOfWRGSafj4yZ3RKgx8Opm1Yc/aBuf/sH3FFZ4zF5xJ+aHItIz/MySXbT
W3fXYlBkyywc4baN+vVFWUGmk0EqvrM206P7v54rvrkfp3UuDrAjh2uZTBpluaNE
MPX8EQyJsJoQLO5GHmAcGSuW5VBD7BZPg0u6NtAT0rUASICvUuTZs5QIxabftTZ4
xGJxWTfoA5dbfvoBzgfTqBgb/e+wIEQHdR9yKPDSemlGXab84cb6mRyJjWGGdpa8
NtJP7DwqNtl7pDpeEU8KvX527GuN91HtSIE5M+Fo7dWDpomGDa/fRWArywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI/lDbHcJqXyQI0YkqCWCDnEpyTgMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvai1VTnNkd21wZkpBalJpU29KWUlPY1NuSk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKam3/QdGE8DRyX3HWDq
92pZXgMMxaT9hcryocgctoClUrP4wlw1F+5nM7zz56XLBZz3OfP7BV5BozEf46l6
Tm/tHHvJF1XwIjNG73v1rdcBLzFgs8/X/daEyB8TMUEMKlfc6dx6yccjaWicX00e
ULNzHyYStb8pU9fUWHVDM6ptj1OmMJsApJZTmG28pAXV3WqeiVlKxLiYsz0DaxXu
h6pzhzm23zojb0MIsKX2uUoRJ6FdFGOEp9EUYmrpXFmn7MPl/vo8bK46xtlE63Dj
rwcu7EA8FSVanOfGpGR85YsIby17snqNJzLUW3PtxsodJI/swzgiB1FJ0BpaYj2M
XXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org