Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ncn1FVktyyuyzHB6bo3Fft1LbU8.roa
File: ncn1FVktyyuyzHB6bo3Fft1LbU8.roa (raw, json)
Hash identifier: vQr7vmhVXpb4MU2nWIw9qhpHntUUn03Odhi8uDIMm7Y=
Subject key identifier: 9D:C9:F5:15:59:2D:CB:2B:B2:CC:70:7A:6E:8D:C5:7E:DD:4B:6D:4F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6F80B49CAE8C99CF40C573007F12D71A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ncn1FVktyyuyzHB6bo3Fft1LbU8.roa
Signing time: Mon 13 May 2024 01:10:56 +0000
ROA not before: Mon 13 May 2024 01:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6f:80:b4:9c:ae:8c:99:cf:40:c5:73:00:7f:12:d7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 01:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dc9f515592dcb2bb2cc707a6e8dc57edd4b6d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2d:ff:97:68:dd:a0:43:b1:07:a4:88:4d:3a:
91:5b:71:e4:8b:10:33:17:9a:ec:64:d9:26:61:7e:
10:25:55:59:fa:c5:0f:c9:5a:da:af:2a:bf:c9:98:
d5:3d:40:6c:0f:bf:a4:ee:48:b8:0e:d0:eb:89:08:
3f:86:d2:91:f3:66:34:1b:9d:04:2b:da:3e:36:f0:
d9:0e:fc:0e:c8:30:fb:6b:88:5a:c9:fc:89:49:14:
1d:ce:99:e0:6c:84:98:03:82:1c:30:44:ce:81:4a:
83:8f:40:3d:3e:c6:35:cd:bb:bd:c8:8a:a2:cf:67:
69:3e:3e:b7:b8:35:7d:86:04:06:ca:92:b3:77:73:
67:05:e7:2f:bc:c3:07:e9:51:7c:a7:08:75:50:b8:
1a:53:d5:66:3a:60:e9:e9:2e:e4:7a:61:35:ed:a8:
e8:44:28:1f:e2:c6:ce:c9:a7:83:2f:d8:e3:54:41:
2a:07:ce:d5:48:34:e3:5e:0a:ae:a1:5b:6a:a6:08:
37:db:66:9f:b8:59:c8:11:be:26:4e:17:4b:e9:dc:
ff:f5:65:21:f5:95:2a:7b:38:c4:8e:d4:47:63:89:
33:19:54:ed:5f:9f:30:fb:bf:0d:0c:f0:6b:18:ff:
da:87:1c:f1:e2:50:54:75:5a:ea:98:34:83:e3:99:
ed:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C9:F5:15:59:2D:CB:2B:B2:CC:70:7A:6E:8D:C5:7E:DD:4B:6D:4F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ncn1FVktyyuyzHB6bo3Fft1LbU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:db:c5:0d:f1:a8:8c:c6:36:06:ec:9c:8d:a2:3c:27:ee:f0:
ea:da:a8:01:80:41:ea:10:7e:54:83:30:5a:e5:91:aa:c1:1b:
2a:72:0f:cd:24:0c:17:16:f1:5c:28:85:b8:8d:53:c0:88:a9:
64:7c:4e:f0:b4:c4:06:36:a4:77:31:91:69:cf:52:01:e6:75:
89:d7:3a:22:8b:84:c8:1a:4e:ca:f4:e5:62:0a:96:28:8e:cd:
40:13:b0:18:7d:ff:47:80:34:a1:db:57:36:18:4d:01:f6:06:
47:5e:fa:29:09:a1:72:86:1f:34:82:eb:ed:74:60:d1:61:b3:
5d:63:7b:8c:e9:4b:3d:7f:1a:95:e5:3f:b0:2e:5c:4c:b4:4c:
1e:5e:82:fc:fa:42:00:04:93:b6:9d:84:95:6c:85:8b:2c:40:
df:7c:2e:05:30:22:17:d9:6f:4d:b3:c9:63:60:20:59:0d:60:
80:c9:f6:9e:c9:f8:5e:f7:d4:f2:9a:7b:7b:0d:52:e5:31:47:
73:ec:65:f9:12:d6:08:47:5f:7e:3c:ff:ac:00:32:93:a3:f6:
f1:a3:34:50:e1:9d:56:a4:ed:f8:77:4e:5c:fd:97:95:b7:b1:
cf:2e:f7:9f:86:08:77:4b:74:c9:e9:a8:2f:a5:6f:07:eb:46:
9b:3c:89:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9vgLScroyZz0DFcwB/EtcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMDExMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGM5ZjUxNTU5MmRjYjJiYjJjYzcwN2E2ZThkYzU3ZWRkNGI2ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC3/l2jdoEOxB6SITTqRW3HkixAz
F5rsZNkmYX4QJVVZ+sUPyVraryq/yZjVPUBsD7+k7ki4DtDriQg/htKR82Y0G50E
K9o+NvDZDvwOyDD7a4hayfyJSRQdzpngbISYA4IcMETOgUqDj0A9PsY1zbu9yIqi
z2dpPj63uDV9hgQGypKzd3NnBecvvMMH6VF8pwh1ULgaU9VmOmDp6S7kemE17ajo
RCgf4sbOyaeDL9jjVEEqB87VSDTjXgquoVtqpgg322afuFnIEb4mThdL6dz/9WUh
9ZUqezjEjtRHY4kzGVTtX58w+78NDPBrGP/ahxzx4lBUdVrqmDSD45nt5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ3J9RVZLcsrssxwem6NxX7dS21PMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbmNuMUZWa3R5eXV5ekhCNmJvM0ZmdDFMYlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMnbxQ3xqIzGNgbsnI2i
PCfu8OraqAGAQeoQflSDMFrlkarBGypyD80kDBcW8VwohbiNU8CIqWR8TvC0xAY2
pHcxkWnPUgHmdYnXOiKLhMgaTsr05WIKliiOzUATsBh9/0eANKHbVzYYTQH2Bkde
+ikJoXKGHzSC6+10YNFhs11je4zpSz1/GpXlP7AuXEy0TB5egvz6QgAEk7adhJVs
hYssQN98LgUwIhfZb02zyWNgIFkNYIDJ9p7J+F731PKae3sNUuUxR3PsZfkS1ghH
X348/6wAMpOj9vGjNFDhnVak7fh3Tlz9l5W3sc8u95+GCHdLdMnpqC+lbwfrRps8
iQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org