Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mFFhRrNbL9U2DLqX6ez_L7NWvOQ.roa
File: mFFhRrNbL9U2DLqX6ez_L7NWvOQ.roa (raw, json)
Hash identifier: BSLJ5LOb8J03T/gspzdlphjX5XlHXV0+yeP6k7pjTlY=
Subject key identifier: 98:51:61:46:B3:5B:2F:D5:36:0C:BA:97:E9:EC:FF:2F:B3:56:BC:E4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F98EB8B565B458118D52007A2A2642840
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mFFhRrNbL9U2DLqX6ez_L7NWvOQ.roa
Signing time: Tue 21 May 2024 02:12:04 +0000
ROA not before: Tue 21 May 2024 02:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:98:eb:8b:56:5b:45:81:18:d5:20:07:a2:a2:64:28:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 02:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98516146b35b2fd5360cba97e9ecff2fb356bce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:22:81:64:78:6a:f2:85:0e:f0:7f:42:68:63:
8f:7d:e9:b7:28:30:b4:28:b5:bf:ee:73:bf:04:1d:
44:79:e8:93:17:8a:cd:61:22:cd:f5:e5:a9:8f:25:
f7:7d:a9:66:2c:19:0d:b5:b2:45:60:2c:91:3b:e4:
c6:8f:32:26:9a:54:b0:5d:aa:35:87:f8:c5:a3:6d:
1e:0b:23:1c:2a:e6:fb:00:d1:e4:dd:7f:04:dc:90:
ff:ef:45:91:4d:c6:ff:86:b1:61:66:3c:71:9d:5e:
18:46:c9:23:54:35:be:c6:13:31:54:85:fe:01:03:
f7:2a:d5:45:cf:73:88:8c:bd:af:13:c3:33:df:df:
0c:15:5f:98:a7:9a:3b:38:2b:1a:fc:e2:c5:49:ff:
fb:f4:bc:ef:3a:c2:71:d9:70:f0:3b:64:16:8d:ad:
e9:17:fb:93:5c:2d:4f:4b:1e:01:ce:d2:02:8c:6c:
cf:64:1b:27:d3:12:63:cc:0b:0b:fe:48:5e:69:ef:
bf:1a:3a:65:f2:47:52:ba:35:3b:db:da:1d:d6:22:
ce:73:15:51:8e:ed:63:b4:5f:46:d4:df:1d:af:53:
01:98:1c:82:b6:e3:cc:9d:c2:15:47:16:d3:3f:0d:
86:dc:e5:27:b1:16:07:b3:b7:24:64:e1:63:70:8e:
2a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:51:61:46:B3:5B:2F:D5:36:0C:BA:97:E9:EC:FF:2F:B3:56:BC:E4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mFFhRrNbL9U2DLqX6ez_L7NWvOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:03:23:76:ab:a6:a5:a2:06:33:2f:33:c2:7a:f5:00:c2:68:
70:ac:bd:83:b1:fc:11:2c:0d:21:e1:7a:12:4d:1a:49:65:ea:
5e:72:d7:b7:1e:28:97:12:41:82:ed:fa:15:68:e1:1f:d7:c1:
5e:33:fc:45:88:00:3a:03:0c:03:5b:81:07:4f:61:21:8b:78:
fc:8c:d2:2c:2b:79:dc:25:1a:a0:7b:02:85:d1:6f:91:d9:5f:
36:c6:58:38:80:8c:08:08:ee:78:c0:8d:c5:71:e8:bc:e4:1d:
94:fc:1e:36:62:8a:54:d5:d3:3c:bb:bf:da:4d:ef:3f:2c:53:
db:b9:30:ed:e5:56:8a:ac:43:a9:d0:c9:63:ab:c4:17:03:f8:
b1:79:42:ce:e0:00:90:24:e5:d5:8a:5a:59:2d:c7:dd:29:c5:
3e:eb:7a:18:69:a5:d5:2f:0c:c2:4f:40:eb:ba:33:4b:eb:f7:
6b:91:6d:bf:33:b8:b9:b9:f9:fb:50:9c:5f:da:a6:2e:c1:86:
32:4f:d4:71:a1:09:00:e2:8b:04:fa:72:4c:0f:eb:24:24:c3:
87:c6:f6:11:c0:ac:64:b6:c4:9c:d3:4a:71:99:d0:61:ac:b4:
8c:70:8c:b9:88:ca:40:95:69:ed:87:2e:df:f5:b4:0b:4e:a3:
17:83:0a:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Y64tWW0WBGNUgB6KiZChAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMDIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUxNjE0NmIzNWIyZmQ1MzYwY2JhOTdlOWVjZmYyZmIzNTZiY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyKBZHhq8oUO8H9CaGOPfem3KDC0
KLW/7nO/BB1EeeiTF4rNYSLN9eWpjyX3falmLBkNtbJFYCyRO+TGjzImmlSwXao1
h/jFo20eCyMcKub7ANHk3X8E3JD/70WRTcb/hrFhZjxxnV4YRskjVDW+xhMxVIX+
AQP3KtVFz3OIjL2vE8Mz398MFV+Yp5o7OCsa/OLFSf/79LzvOsJx2XDwO2QWja3p
F/uTXC1PSx4BztICjGzPZBsn0xJjzAsL/kheae+/Gjpl8kdSujU729od1iLOcxVR
ju1jtF9G1N8dr1MBmByCtuPMncIVRxbTPw2G3OUnsRYHs7ckZOFjcI4qBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJhRYUazWy/VNgy6l+ns/y+zVrzkMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbUZGaFJyTmJMOVUyRExxWDZlel9MN05Xdk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADwDI3arpqWiBjMvM8J6
9QDCaHCsvYOx/BEsDSHhehJNGkll6l5y17ceKJcSQYLt+hVo4R/XwV4z/EWIADoD
DANbgQdPYSGLePyM0iwredwlGqB7AoXRb5HZXzbGWDiAjAgI7njAjcVx6LzkHZT8
HjZiilTV0zy7v9pN7z8sU9u5MO3lVoqsQ6nQyWOrxBcD+LF5Qs7gAJAk5dWKWlkt
x90pxT7rehhppdUvDMJPQOu6M0vr92uRbb8zuLm5+ftQnF/api7BhjJP1HGhCQDi
iwT6ckwP6yQkw4fG9hHArGS2xJzTSnGZ0GGstIxwjLmIykCVae2HLt/1tAtOoxeD
CrQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org