Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jZUBD-mUbZ78Zx4gYsZmLu8calk.roa
File: jZUBD-mUbZ78Zx4gYsZmLu8calk.roa (raw, json)
Hash identifier: 9KDLvHnwF55QgjrDWZ9T6a4vb1pKysIns26FrloySVg=
Subject key identifier: 8D:95:01:0F:E9:94:6D:9E:FC:67:1E:20:62:C6:66:2E:EF:1C:6A:59
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F37B84E8A3703D8BC2AE34CA3202D4770
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jZUBD-mUbZ78Zx4gYsZmLu8calk.roa
Signing time: Thu 02 May 2024 05:12:56 +0000
ROA not before: Thu 02 May 2024 05:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:37:b8:4e:8a:37:03:d8:bc:2a:e3:4c:a3:20:2d:47:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 2 05:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d95010fe9946d9efc671e2062c6662eef1c6a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:52:78:70:68:8f:6e:8d:09:1c:9b:38:7c:
df:ca:0d:df:b4:10:90:59:2e:33:fd:4b:27:b9:73:
4f:34:6f:d1:c9:32:a4:73:09:41:2a:2f:78:93:f7:
c2:b8:13:6e:da:1e:c4:7b:53:6f:ac:2d:d7:e2:69:
e8:0e:c4:9c:b4:25:a2:7c:7d:45:01:c1:38:b9:09:
61:78:bf:6d:6a:fb:f6:91:c3:88:ee:d5:b2:8e:af:
1e:be:da:d9:8e:a2:a4:ee:fa:97:fc:50:20:b8:0b:
11:53:be:2a:ec:0e:3e:93:d6:33:25:ac:05:6c:d3:
50:61:a8:55:48:55:f3:be:79:ae:0c:d1:f1:26:fa:
f0:8b:c4:31:e3:a0:a2:67:fb:64:9b:a1:81:98:44:
54:ee:f4:ed:fb:b5:cf:66:f3:9e:38:c2:bd:35:a0:
d0:76:03:f8:62:95:a7:ae:42:b7:d6:97:f9:a2:3f:
87:67:b9:cf:45:d2:e1:95:d0:57:fc:f7:d9:9b:b4:
5e:f6:98:92:36:14:82:c6:f3:03:74:1c:9e:74:73:
70:77:01:59:5d:34:27:95:ba:81:e7:ea:fb:d9:75:
07:af:70:a8:a7:94:04:e0:2f:f6:28:b9:e1:03:45:
92:ec:46:d5:34:e2:3b:9b:91:3f:f2:35:69:79:b1:
19:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:95:01:0F:E9:94:6D:9E:FC:67:1E:20:62:C6:66:2E:EF:1C:6A:59
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jZUBD-mUbZ78Zx4gYsZmLu8calk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:bd:e9:99:10:f1:8c:91:18:82:c6:06:d2:ff:4a:e2:2b:a2:
93:b1:9c:be:17:8b:91:a1:75:23:79:38:b9:f9:5a:3e:a9:79:
da:3a:db:02:62:4a:18:91:d1:20:50:f2:f3:5b:12:3a:98:a3:
c7:f1:a6:f9:94:12:a9:7d:5c:17:a5:1e:24:14:c0:7e:31:58:
2c:5e:b6:c6:77:38:c9:ac:28:b9:e2:e0:65:33:a5:4f:e9:46:
6c:d2:f2:c1:4b:3d:63:f7:b9:f5:ba:fc:91:06:3d:1d:ce:c7:
f2:4e:7c:23:b6:dd:94:01:df:d9:08:a0:d5:56:47:9c:d3:40:
ff:4b:8c:be:19:cd:af:16:cb:52:b0:e0:2a:c6:66:91:23:e2:
7c:e6:2a:af:64:71:e0:4b:2d:2c:15:ff:7a:d1:e2:19:71:56:
e2:a8:f6:19:eb:8a:5b:73:95:6d:99:e4:30:a5:8d:e9:eb:97:
0e:1a:78:d0:17:bd:d4:ed:07:73:7b:3b:a5:06:b5:00:8f:ae:
ce:7a:78:d2:02:c7:d7:50:80:d0:c4:97:6a:8a:47:97:03:8e:
d1:a5:c6:8c:a2:7b:6e:5c:96:9c:0e:a5:cc:db:b5:8f:61:34:
04:f4:9c:69:0a:c5:b1:df:44:e5:62:8d:d3:e8:d4:47:21:85:
2c:a6:d4:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY83uE6KNwPYvCrjTKMgLUdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAyMDUxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk1MDEwZmU5OTQ2ZDllZmM2NzFlMjA2MmM2NjYyZWVmMWM2YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutlSeHBoj26NCRybOHzfyg3ftBCQ
WS4z/UsnuXNPNG/RyTKkcwlBKi94k/fCuBNu2h7Ee1NvrC3X4mnoDsSctCWifH1F
AcE4uQlheL9tavv2kcOI7tWyjq8evtrZjqKk7vqX/FAguAsRU74q7A4+k9YzJawF
bNNQYahVSFXzvnmuDNHxJvrwi8Qx46CiZ/tkm6GBmERU7vTt+7XPZvOeOMK9NaDQ
dgP4YpWnrkK31pf5oj+HZ7nPRdLhldBX/PfZm7Re9piSNhSCxvMDdByedHNwdwFZ
XTQnlbqB5+r72XUHr3Cop5QE4C/2KLnhA0WS7EbVNOI7m5E/8jVpebEZ/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI2VAQ/plG2e/GceIGLGZi7vHGpZMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvalpVQkQtbVViWjc4Wng0Z1lzWm1MdThjYWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEC96ZkQ8YyRGILGBtL/
SuIropOxnL4Xi5GhdSN5OLn5Wj6pedo62wJiShiR0SBQ8vNbEjqYo8fxpvmUEql9
XBelHiQUwH4xWCxetsZ3OMmsKLni4GUzpU/pRmzS8sFLPWP3ufW6/JEGPR3Ox/JO
fCO23ZQB39kIoNVWR5zTQP9LjL4Zza8Wy1Kw4CrGZpEj4nzmKq9kceBLLSwV/3rR
4hlxVuKo9hnriltzlW2Z5DCljenrlw4aeNAXvdTtB3N7O6UGtQCPrs56eNICx9dQ
gNDEl2qKR5cDjtGlxoyie25clpwOpczbtY9hNAT0nGkKxbHfROVijdPo1EchhSym
1Ow=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org