Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/j16zY2QprsFsAX4b0FL8krDD27U.roa
File: j16zY2QprsFsAX4b0FL8krDD27U.roa (raw, json)
Hash identifier: CrGmnC+LraBhpV/2wQ4TwmMuLKjnSE1YZ5LH2F7bfTM=
Subject key identifier: 8F:5E:B3:63:64:29:AE:C1:6C:01:7E:1B:D0:52:FC:92:B0:C3:DB:B5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F51AFF46963962457E1C89985793CA97C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/j16zY2QprsFsAX4b0FL8krDD27U.roa
Signing time: Tue 07 May 2024 06:13:56 +0000
ROA not before: Tue 07 May 2024 06:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:51:af:f4:69:63:96:24:57:e1:c8:99:85:79:3c:a9:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 06:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f5eb3636429aec16c017e1bd052fc92b0c3dbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:51:53:1d:a1:c3:73:ac:66:f6:95:3d:67:94:
70:c3:42:42:28:ba:5d:cc:17:49:4b:a4:47:45:ef:
da:9e:9d:a4:77:34:9b:76:13:62:f3:6a:a0:b2:cf:
83:3e:70:5d:3c:4e:94:32:d6:50:a9:e7:7d:c0:0f:
5d:0d:2f:8e:18:4b:42:1e:85:8d:d6:a8:5e:ee:43:
46:77:43:da:5d:a9:54:a0:35:66:5e:16:a0:4c:67:
94:17:64:0c:b5:52:ac:a6:78:35:0b:82:71:fd:69:
56:cc:fa:0c:8b:aa:cf:0f:76:a1:cc:11:a6:d3:56:
39:a7:6a:3e:86:36:21:08:14:34:ca:14:06:7c:67:
61:bf:af:23:af:67:99:c4:96:f6:a3:67:c0:db:37:
ff:63:8e:36:de:98:de:8c:04:4f:30:fb:6d:41:83:
7d:e6:72:8a:6e:2c:b3:b6:8c:3d:ee:8c:67:05:45:
a1:11:a4:23:1c:62:58:8e:88:96:c4:30:83:c9:aa:
6e:d1:8c:57:fc:92:02:db:e8:75:cc:90:28:5b:5c:
80:d4:89:64:8a:30:2f:61:2a:d1:68:0e:3d:48:ec:
88:8e:c6:66:08:2a:6c:03:25:72:ae:4a:b0:a5:4e:
d5:74:92:7c:86:6a:b8:7e:ab:71:50:ff:2f:bd:69:
a0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:5E:B3:63:64:29:AE:C1:6C:01:7E:1B:D0:52:FC:92:B0:C3:DB:B5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/j16zY2QprsFsAX4b0FL8krDD27U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:81:26:da:ad:f3:6c:bd:e3:08:cb:72:cd:b4:92:c9:30:a7:
cd:a1:26:d4:70:44:58:4a:57:d7:db:c9:5e:6c:b4:79:4b:96:
6d:ea:19:f4:e4:c1:93:db:3e:06:3e:30:d1:f0:93:90:1b:22:
f3:8c:1e:63:7c:5f:01:0c:a9:e8:b0:8f:ca:a8:e8:5c:8d:17:
36:16:2e:d6:3c:a8:7c:83:a7:f5:d6:20:ed:65:fd:ac:7f:86:
fe:21:4b:89:36:06:7b:51:b3:c3:c8:7a:7c:ad:e4:c3:d2:a6:
c4:40:26:82:d7:9d:ff:f8:31:a2:88:a8:25:26:4d:5b:66:c2:
ad:c8:e7:99:f9:92:d2:ed:20:b1:96:b6:e6:c9:8b:69:88:ed:
66:11:98:e8:7f:04:34:dd:97:9c:aa:6f:23:10:5b:6e:78:57:
85:10:76:8f:e9:4d:a5:30:88:20:dd:bb:cb:33:74:86:d4:a2:
d3:14:a0:37:61:82:82:fb:bf:3c:47:fa:af:8a:ab:ce:6d:d5:
d6:35:46:99:ca:64:c6:f8:52:98:75:38:1a:87:c7:37:1d:0a:
f4:ba:8b:5b:13:16:aa:de:27:3f:08:d9:4a:7a:5d:88:5f:8d:
63:d8:f5:47:6a:40:44:d9:51:02:a9:7e:49:fc:c5:67:f5:fc:
fe:87:58:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Rr/RpY5YkV+HImYV5PKl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MDYxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjVlYjM2MzY0MjlhZWMxNmMwMTdlMWJkMDUyZmM5MmIwYzNkYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFFTHaHDc6xm9pU9Z5Rww0JCKLpd
zBdJS6RHRe/anp2kdzSbdhNi82qgss+DPnBdPE6UMtZQqed9wA9dDS+OGEtCHoWN
1qhe7kNGd0PaXalUoDVmXhagTGeUF2QMtVKspng1C4Jx/WlWzPoMi6rPD3ahzBGm
01Y5p2o+hjYhCBQ0yhQGfGdhv68jr2eZxJb2o2fA2zf/Y4423pjejARPMPttQYN9
5nKKbiyztow97oxnBUWhEaQjHGJYjoiWxDCDyapu0YxX/JIC2+h1zJAoW1yA1Ilk
ijAvYSrRaA49SOyIjsZmCCpsAyVyrkqwpU7VdJJ8hmq4fqtxUP8vvWmgiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI9es2NkKa7BbAF+G9BS/JKww9u1MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvajE2elkyUXByc0ZzQVg0YjBGTDhrckREMjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGuBJtqt82y94wjLcs20
kskwp82hJtRwRFhKV9fbyV5stHlLlm3qGfTkwZPbPgY+MNHwk5AbIvOMHmN8XwEM
qeiwj8qo6FyNFzYWLtY8qHyDp/XWIO1l/ax/hv4hS4k2BntRs8PIenyt5MPSpsRA
JoLXnf/4MaKIqCUmTVtmwq3I55n5ktLtILGWtubJi2mI7WYRmOh/BDTdl5yqbyMQ
W254V4UQdo/pTaUwiCDdu8szdIbUotMUoDdhgoL7vzxH+q+Kq85t1dY1RpnKZMb4
Uph1OBqHxzcdCvS6i1sTFqreJz8I2Up6XYhfjWPY9UdqQETZUQKpfkn8xWf1/P6H
WM4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org