Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kNRCH9NxPrchov0Myia1tdqNNa0.roa
File: kNRCH9NxPrchov0Myia1tdqNNa0.roa (raw, json)
Hash identifier: GHzyRTR8FI+e0vn7OeVH8IPX0VhDbzlNg7jtlx9Gt94=
Subject key identifier: 90:D4:42:1F:D3:71:3E:B7:21:A2:FD:0C:CA:26:B5:B5:DA:8D:35:AD
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F91D6CCBFFA299DD3B1A918DA2C98E6DE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kNRCH9NxPrchov0Myia1tdqNNa0.roa
Signing time: Sun 19 May 2024 17:12:04 +0000
ROA not before: Sun 19 May 2024 17:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:91:d6:cc:bf:fa:29:9d:d3:b1:a9:18:da:2c:98:e6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 17:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90d4421fd3713eb721a2fd0cca26b5b5da8d35ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f8:cd:7d:01:e8:3d:9a:e7:f2:37:08:08:b4:
32:a7:9b:ec:5e:03:f1:f9:43:cc:1b:ec:f2:26:09:
67:42:8b:38:9e:bc:0d:99:c3:08:e6:5e:a6:2a:13:
e4:ff:69:67:38:a1:b0:ba:9d:8b:5b:69:bf:6d:54:
cd:a3:41:f7:6e:96:68:fd:b6:94:46:0c:f7:b1:71:
62:d4:1c:29:6b:2c:1e:a1:97:b2:e3:5f:41:a2:2b:
88:ae:08:bb:6d:08:f0:fa:61:54:f3:25:06:66:2b:
cf:b4:29:82:4f:a5:34:e5:f0:d0:eb:c1:87:27:79:
0d:45:47:b3:88:c2:53:93:af:79:88:34:c3:92:4f:
df:1a:43:ab:ba:d0:d9:1c:a1:d5:77:32:1f:29:52:
13:ae:84:a7:78:71:77:38:6b:ff:bf:d4:73:c4:4b:
d3:17:7c:cb:43:18:81:b1:48:b2:4d:3a:15:74:7b:
ee:54:2c:5b:7e:c3:cd:25:bf:30:dc:4c:8a:9e:3c:
6c:02:d0:ad:4a:76:3e:17:5f:06:e8:a4:12:b8:3e:
d7:70:d5:0b:d4:aa:a0:20:68:9b:31:4c:34:7a:e0:
fc:ad:89:39:24:c9:ae:d6:eb:c8:f7:83:ee:e4:18:
33:f3:f7:b3:fc:4f:11:62:98:3d:b4:8b:8c:37:d4:
4e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D4:42:1F:D3:71:3E:B7:21:A2:FD:0C:CA:26:B5:B5:DA:8D:35:AD
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kNRCH9NxPrchov0Myia1tdqNNa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c6:ad:f9:34:f0:47:b1:dd:dc:9b:d8:27:2c:58:4d:c3:7f:55:
a6:b8:4e:a0:da:c9:5d:1f:08:1f:e8:1f:d2:9d:e6:4c:e6:4c:
c6:28:eb:b9:7c:15:61:b7:7a:c2:be:bc:63:64:3f:09:e4:8c:
62:d6:9e:e1:a6:ed:42:60:31:c0:03:71:74:60:11:b1:f2:bb:
d6:5a:f9:13:f5:e6:f6:c6:bc:21:d2:99:67:c7:0b:43:b0:35:
95:f0:a9:e1:23:3a:32:55:59:70:76:a8:7b:56:9a:44:0e:c4:
54:52:e9:a1:f8:e7:10:40:ca:0c:0d:2a:3c:5d:6e:21:bf:e3:
a5:b9:5c:bb:27:2a:0b:f8:7a:b3:6d:97:01:d4:c7:b9:b9:8f:
9a:9b:08:59:ea:ef:26:a4:20:0c:6c:bd:6c:4e:d1:71:43:c3:
6e:8e:be:cc:a8:c5:d8:92:d5:0d:bd:69:ad:35:7a:5b:93:e4:
83:df:4b:25:4e:78:9d:f9:41:96:5b:bc:d6:f9:02:c7:4d:70:
0e:15:a2:1b:09:9b:ab:81:2f:01:8e:3d:66:09:11:27:10:d2:
91:1e:d3:07:cd:ca:1b:7b:1e:fa:72:40:74:1f:93:0e:ca:0c:
ae:eb:db:3c:e4:00:aa:94:fb:95:b5:bc:e6:90:e0:75:42:61:
8c:e0:ec:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+R1sy/+imd07GpGNosmObeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MTcxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ0NDIxZmQzNzEzZWI3MjFhMmZkMGNjYTI2YjViNWRhOGQzNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofjNfQHoPZrn8jcICLQyp5vsXgPx
+UPMG+zyJglnQos4nrwNmcMI5l6mKhPk/2lnOKGwup2LW2m/bVTNo0H3bpZo/baU
Rgz3sXFi1BwpayweoZey419BoiuIrgi7bQjw+mFU8yUGZivPtCmCT6U05fDQ68GH
J3kNRUeziMJTk695iDTDkk/fGkOrutDZHKHVdzIfKVITroSneHF3OGv/v9RzxEvT
F3zLQxiBsUiyTToVdHvuVCxbfsPNJb8w3EyKnjxsAtCtSnY+F18G6KQSuD7XcNUL
1KqgIGibMUw0euD8rYk5JMmu1uvI94Pu5Bgz8/ez/E8RYpg9tIuMN9RO/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJDUQh/TcT63IaL9DMomtbXajTWtMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEva05SQ0g5TnhQcmNob3YwTXlpYTF0ZHFOTmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMat+TTwR7Hd3JvYJyxY
TcN/Vaa4TqDayV0fCB/oH9Kd5kzmTMYo67l8FWG3esK+vGNkPwnkjGLWnuGm7UJg
McADcXRgEbHyu9Za+RP15vbGvCHSmWfHC0OwNZXwqeEjOjJVWXB2qHtWmkQOxFRS
6aH45xBAygwNKjxdbiG/46W5XLsnKgv4erNtlwHUx7m5j5qbCFnq7yakIAxsvWxO
0XFDw26OvsyoxdiS1Q29aa01eluT5IPfSyVOeJ35QZZbvNb5AsdNcA4VohsJm6uB
LwGOPWYJEScQ0pEe0wfNyht7HvpyQHQfkw7KDK7r2zzkAKqU+5W1vOaQ4HVCYYzg
7DE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org