Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jnZbnYMU4GgqBN01qgJ0uOQkH2M.roa
File: jnZbnYMU4GgqBN01qgJ0uOQkH2M.roa (raw, json)
Hash identifier: RIQYxjeWnpoPm0/GMuCyzxAVQreZNlZ/UuhOImAkPFw=
Subject key identifier: 8E:76:5B:9D:83:14:E0:68:2A:04:DD:35:AA:02:74:B8:E4:24:1F:63
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F0DA8F900A006833AD37582A44C7775DB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jnZbnYMU4GgqBN01qgJ0uOQkH2M.roa
Signing time: Wed 24 Apr 2024 01:12:08 +0000
ROA not before: Wed 24 Apr 2024 01:12:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0d:a8:f9:00:a0:06:83:3a:d3:75:82:a4:4c:77:75:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 01:12:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e765b9d8314e0682a04dd35aa0274b8e4241f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:65:b4:17:0e:84:70:a2:3c:74:db:ed:2a:8b:
be:18:ff:8e:94:42:2c:b2:f9:36:ea:55:47:77:b4:
82:2a:86:38:4f:59:35:a1:c9:2b:09:61:c8:a4:bd:
1b:e2:9d:b4:50:b9:bc:9e:35:a7:22:7d:b5:25:45:
41:1b:95:58:b3:c9:da:82:83:6f:d7:77:12:f1:74:
38:52:d4:e7:7c:40:54:47:7b:fa:02:8c:cd:9d:ed:
06:50:c1:03:b2:45:1a:6f:ad:af:63:ad:f0:3a:9d:
62:2c:93:2c:e4:a6:14:98:0a:73:d3:95:ae:80:ea:
5e:03:39:2c:4d:37:69:95:c6:ba:29:10:16:ce:85:
cc:05:25:63:07:3e:9e:29:ae:06:0b:bf:27:76:69:
9b:43:15:28:dd:dd:69:8b:49:c2:79:e9:c0:f7:67:
24:e1:ab:48:68:4c:48:13:60:8c:c1:92:0b:12:40:
7b:98:40:09:cd:97:73:63:4c:58:71:47:53:65:11:
63:70:27:2d:a8:68:6d:4c:a1:1c:1e:48:7a:4d:be:
16:c9:16:23:f9:3f:52:d5:a9:19:5a:58:73:49:d3:
4f:26:e7:78:48:ad:68:72:74:fd:1e:e7:d6:7c:61:
70:d0:62:a3:55:61:29:5f:f1:a3:26:fa:e5:9f:80:
74:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:76:5B:9D:83:14:E0:68:2A:04:DD:35:AA:02:74:B8:E4:24:1F:63
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jnZbnYMU4GgqBN01qgJ0uOQkH2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
93:7b:df:e3:11:12:ab:95:2c:a1:29:e7:52:f1:d9:f4:bc:2e:
1b:98:83:8b:f2:52:61:5b:ba:28:1d:4d:bf:ef:63:97:2d:e1:
d8:bd:65:2a:c3:8e:ce:34:80:4b:4c:72:3a:e9:ea:e2:b0:c5:
6e:f9:71:b8:0e:e1:27:bd:6a:b4:10:96:f4:11:36:4a:26:67:
a9:ef:b8:fc:b0:4d:02:9f:49:d7:d9:86:28:d8:6f:d6:33:23:
7d:61:47:42:19:bf:6a:3b:c4:e8:41:6b:df:b1:74:b1:6d:a9:
16:1e:9b:c8:94:db:e3:fe:85:3f:ae:c2:f4:a5:3a:94:91:01:
68:ef:6c:8e:d3:b2:35:a8:33:40:66:57:15:fd:26:9c:9b:9d:
a9:c0:f9:e2:61:e7:11:79:a0:da:cc:20:d0:58:15:50:bd:c3:
37:27:af:a6:f8:61:4c:81:7f:ad:e7:13:cf:59:9b:ea:87:94:
a3:89:2f:a9:77:13:10:ac:b9:91:4f:0d:ac:4f:30:b1:a0:b4:
35:b2:67:c5:be:c5:c7:dd:e9:30:18:7d:89:39:79:ce:2b:96:
67:e7:f2:d0:d1:94:3f:c6:29:be:5c:b1:2b:1d:b2:fc:d3:14:
ad:63:3b:78:9f:d2:4e:d7:9d:96:bc:50:3f:61:6e:5b:63:56:
67:6e:3b:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8NqPkAoAaDOtN1gqRMd3XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MDExMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc2NWI5ZDgzMTRlMDY4MmEwNGRkMzVhYTAyNzRiOGU0MjQxZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mW0Fw6EcKI8dNvtKou+GP+OlEIs
svk26lVHd7SCKoY4T1k1ockrCWHIpL0b4p20ULm8njWnIn21JUVBG5VYs8nagoNv
13cS8XQ4UtTnfEBUR3v6AozNne0GUMEDskUab62vY63wOp1iLJMs5KYUmApz05Wu
gOpeAzksTTdplca6KRAWzoXMBSVjBz6eKa4GC78ndmmbQxUo3d1pi0nCeenA92ck
4atIaExIE2CMwZILEkB7mEAJzZdzY0xYcUdTZRFjcCctqGhtTKEcHkh6Tb4WyRYj
+T9S1akZWlhzSdNPJud4SK1ocnT9HufWfGFw0GKjVWEpX/GjJvrln4B0uQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI52W52DFOBoKgTdNaoCdLjkJB9jMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvam5aYm5ZTVU0R2dxQk4wMXFnSjB1T1FrSDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCTe9/j
ERKrlSyhKedS8dn0vC4bmIOL8lJhW7ooHU2/72OXLeHYvWUqw47ONIBLTHI66eri
sMVu+XG4DuEnvWq0EJb0ETZKJmep77j8sE0Cn0nX2YYo2G/WMyN9YUdCGb9qO8To
QWvfsXSxbakWHpvIlNvj/oU/rsL0pTqUkQFo72yO07I1qDNAZlcV/Sacm52pwPni
YecReaDazCDQWBVQvcM3J6+m+GFMgX+t5xPPWZvqh5SjiS+pdxMQrLmRTw2sTzCx
oLQ1smfFvsXH3ekwGH2JOXnOK5Zn5/LQ0ZQ/xim+XLErHbL80xStYzt4n9JO152W
vFA/YW5bY1Znbjs5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org