Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nERUff5hs9gJXDRhNYU-B7KvuiE.roa
File: nERUff5hs9gJXDRhNYU-B7KvuiE.roa (raw, json)
Hash identifier: rmoa8TV4KyrllTCVijdgvXolrunG/Vi/g5OMJ9a3wpc=
Subject key identifier: 9C:44:54:7D:FE:61:B3:D8:09:5C:34:61:35:85:3E:07:B2:AF:BA:21
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F47CE598CA3F2BD3008A47BB5403DEF99
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nERUff5hs9gJXDRhNYU-B7KvuiE.roa
Signing time: Sun 05 May 2024 08:10:56 +0000
ROA not before: Sun 05 May 2024 08:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:47:ce:59:8c:a3:f2:bd:30:08:a4:7b:b5:40:3d:ef:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 08:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c44547dfe61b3d8095c346135853e07b2afba21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0d:d3:ef:fc:90:96:37:bd:8b:6b:1b:38:fb:
bd:1d:25:3b:c4:10:9b:9e:7b:bd:ce:18:33:d7:90:
56:19:4b:b7:e9:b1:ab:79:5f:d2:ee:7d:ab:91:69:
c6:07:39:f6:d4:13:d1:de:6d:c6:f1:b5:f7:02:f4:
05:3b:40:68:fc:af:a3:41:ba:92:cf:ab:0e:0c:3f:
2b:1d:91:73:72:5d:75:80:38:71:e4:f1:ac:7c:f1:
e4:38:70:09:41:40:7b:e8:3e:e1:ac:6c:c1:6b:09:
c2:10:f4:c2:c0:49:6f:01:f3:77:17:ee:ce:27:71:
2c:2a:58:b0:84:f4:33:59:64:40:ab:37:b3:5a:99:
33:0c:ce:cf:7e:47:78:a3:33:fb:60:53:7e:4d:d8:
38:60:a5:41:f2:d8:86:03:d4:36:0f:35:5b:b0:7d:
0e:ad:00:23:3a:1b:cc:7b:d8:bb:bd:1b:10:c3:4e:
3a:b5:68:b6:4b:be:91:6f:7f:27:6c:df:56:b1:61:
17:48:cd:84:4e:91:f8:84:c5:0d:63:48:3b:68:cc:
d1:9b:ec:c7:e9:0e:e0:c5:13:73:5c:3f:c8:6d:8c:
c8:d7:9d:b0:d3:de:8e:31:03:e0:12:10:f4:c3:c9:
03:43:50:6c:c3:43:88:af:c7:c5:9c:4b:d2:73:6e:
46:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:44:54:7D:FE:61:B3:D8:09:5C:34:61:35:85:3E:07:B2:AF:BA:21
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nERUff5hs9gJXDRhNYU-B7KvuiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:6e:f1:d6:72:3a:71:32:3f:64:73:97:b3:72:3b:3a:4d:83:
27:9f:1f:fa:84:e0:c7:6c:39:db:cc:7a:83:6f:d6:a5:71:46:
de:ce:61:c2:98:7b:29:01:41:14:62:b1:56:d5:bc:d3:9e:48:
b1:94:6c:6e:29:bb:40:9e:55:fa:e0:e4:65:73:ac:62:31:58:
4b:fa:44:d5:f8:ce:5c:66:d0:49:41:cb:c4:7b:96:30:9a:08:
11:cb:95:37:d7:ca:ac:7c:4a:67:c9:86:b1:54:28:8e:e7:50:
58:f1:ed:7e:e5:e5:1f:de:82:49:da:22:71:c3:91:f1:09:c5:
47:97:39:df:9a:ed:7f:cc:6c:19:cd:a6:40:23:38:b5:c7:04:
3a:d0:35:74:d9:bf:14:1a:ae:7b:10:df:41:e9:58:c0:84:68:
4c:ee:d8:89:aa:80:fe:dd:13:be:1f:a5:4b:3f:81:8f:57:bd:
51:81:34:97:8b:86:2f:bf:5b:e8:af:c1:10:f4:7f:88:b5:4d:
6f:ef:b7:c8:6b:53:1e:d1:0b:3d:79:73:cb:38:22:d4:78:50:
4c:e9:12:7f:1e:2f:e1:46:d9:02:1d:d9:c4:cd:68:7c:c7:14:
29:bc:e6:7e:4f:2c:20:47:cd:77:72:c2:ab:0d:87:b5:74:2d:
f1:44:60:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9HzlmMo/K9MAike7VAPe+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MDgxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQ0NTQ3ZGZlNjFiM2Q4MDk1YzM0NjEzNTg1M2UwN2IyYWZiYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA3T7/yQlje9i2sbOPu9HSU7xBCb
nnu9zhgz15BWGUu36bGreV/S7n2rkWnGBzn21BPR3m3G8bX3AvQFO0Bo/K+jQbqS
z6sODD8rHZFzcl11gDhx5PGsfPHkOHAJQUB76D7hrGzBawnCEPTCwElvAfN3F+7O
J3EsKliwhPQzWWRAqzezWpkzDM7Pfkd4ozP7YFN+Tdg4YKVB8tiGA9Q2DzVbsH0O
rQAjOhvMe9i7vRsQw046tWi2S76Rb38nbN9WsWEXSM2ETpH4hMUNY0g7aMzRm+zH
6Q7gxRNzXD/IbYzI152w096OMQPgEhD0w8kDQ1Bsw0OIr8fFnEvSc25GEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJxEVH3+YbPYCVw0YTWFPgeyr7ohMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbkVSVWZmNWhzOWdKWERSaE5ZVS1CN0t2dWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtu8dZyOnEyP2Rzl7Ny
OzpNgyefH/qE4MdsOdvMeoNv1qVxRt7OYcKYeykBQRRisVbVvNOeSLGUbG4pu0Ce
Vfrg5GVzrGIxWEv6RNX4zlxm0ElBy8R7ljCaCBHLlTfXyqx8SmfJhrFUKI7nUFjx
7X7l5R/egknaInHDkfEJxUeXOd+a7X/MbBnNpkAjOLXHBDrQNXTZvxQarnsQ30Hp
WMCEaEzu2ImqgP7dE74fpUs/gY9XvVGBNJeLhi+/W+ivwRD0f4i1TW/vt8hrUx7R
Cz15c8s4ItR4UEzpEn8eL+FG2QId2cTNaHzHFCm85n5PLCBHzXdywqsNh7V0LfFE
YA8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org