Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/pb1iDDak2NXD-oou1Sp0AtnSEg8.roa
File: pb1iDDak2NXD-oou1Sp0AtnSEg8.roa (raw, json)
Hash identifier: 2qC/QEH6+1DiNH/XqfaX5Ycr0nzYK9p267idlTAEBOc=
Subject key identifier: A5:BD:62:0C:36:A4:D8:D5:C3:FA:8A:2E:D5:2A:74:02:D9:D2:12:0F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6C4B796E1F2B0257355A4B26F5BE5DD4
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/pb1iDDak2NXD-oou1Sp0AtnSEg8.roa
Signing time: Sun 12 May 2024 10:13:56 +0000
ROA not before: Sun 12 May 2024 10:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6c:4b:79:6e:1f:2b:02:57:35:5a:4b:26:f5:be:5d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 12 10:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5bd620c36a4d8d5c3fa8a2ed52a7402d9d2120f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:aa:d5:c6:85:b2:1e:a6:03:f2:9d:75:19:92:
31:0e:d5:51:8e:9a:bf:1c:21:b2:90:d5:08:81:32:
e5:da:9d:59:56:6f:bc:a6:3a:8f:22:ea:41:2c:a1:
24:3e:33:ec:e1:ff:e4:04:a1:78:97:50:a8:6e:f2:
17:77:db:de:eb:bc:4c:fa:bb:ea:32:1c:e5:2e:f2:
98:96:5a:32:65:55:20:15:b7:80:4d:56:05:37:57:
a1:c4:59:37:b8:df:c3:f8:ae:e1:f1:80:8c:b5:64:
05:0b:66:82:89:13:f7:3f:e8:7b:0b:90:d1:b6:2d:
78:21:eb:5a:8d:d5:aa:cd:85:5c:58:8c:e5:c2:f4:
87:9d:f2:29:c0:bc:1f:f0:05:7d:2e:ed:92:9c:ff:
e0:ea:50:f2:eb:f6:ef:4f:d0:98:9e:fb:5e:2d:32:
f2:38:7e:36:39:fb:cf:79:9e:36:f9:7b:fa:eb:96:
90:98:3d:7b:a6:eb:0b:3b:a9:09:71:34:f3:00:f1:
e7:47:24:47:03:46:f5:16:29:09:ee:38:52:a6:e4:
16:24:b8:7c:da:24:00:c7:52:29:f0:ad:02:32:2f:
58:ca:dd:40:8e:4a:a4:87:88:54:9a:ca:ab:94:97:
00:c6:90:e3:7f:c5:d8:a0:6c:e7:ac:a3:58:a2:83:
e6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BD:62:0C:36:A4:D8:D5:C3:FA:8A:2E:D5:2A:74:02:D9:D2:12:0F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/pb1iDDak2NXD-oou1Sp0AtnSEg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:92:79:ce:15:e7:dc:ec:4c:fe:7f:1d:65:70:05:20:0b:7e:
86:b8:6b:af:ea:80:87:cb:af:18:4e:b5:b5:a1:6f:55:1b:29:
c4:e5:79:31:09:6d:1c:52:d5:24:9d:5e:cd:05:2b:58:19:47:
5d:b9:55:43:9c:b0:ff:26:8d:75:01:1e:e3:c4:5c:25:91:05:
8f:6b:83:5a:4f:8e:81:61:9e:3f:a3:ba:82:72:d7:d5:18:09:
ec:9a:44:f8:f9:4d:9c:8e:ac:1c:07:36:09:bc:96:12:5c:b0:
da:4d:42:65:a8:9b:21:b3:31:67:f4:80:d3:9f:ae:99:f2:a3:
5a:5f:34:b2:72:9b:39:74:d4:82:84:6d:73:2d:df:78:d1:51:
79:f2:76:6a:87:5a:0e:fc:96:4c:c1:29:ec:6a:c0:58:a8:72:
33:a2:bd:8e:44:2c:03:a5:08:a7:c2:79:5b:53:0a:ee:56:25:
b0:83:a0:43:e1:ce:4c:8d:67:d2:4e:27:17:33:ff:d4:ae:0d:
66:04:99:ce:32:d6:f8:b0:8b:41:8b:fb:2d:18:1f:27:b8:26:
02:5a:dd:e4:65:d4:7a:5a:56:83:1c:2f:20:13:e6:8e:72:b2:
e2:c6:6d:2a:86:57:14:5d:d3:82:4c:a4:9e:30:eb:a4:0b:4f:
00:06:94:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9sS3luHysCVzVaSyb1vl3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEyMTAxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJkNjIwYzM2YTRkOGQ1YzNmYThhMmVkNTJhNzQwMmQ5ZDIxMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6arVxoWyHqYD8p11GZIxDtVRjpq/
HCGykNUIgTLl2p1ZVm+8pjqPIupBLKEkPjPs4f/kBKF4l1CobvIXd9ve67xM+rvq
MhzlLvKYlloyZVUgFbeATVYFN1ehxFk3uN/D+K7h8YCMtWQFC2aCiRP3P+h7C5DR
ti14IetajdWqzYVcWIzlwvSHnfIpwLwf8AV9Lu2SnP/g6lDy6/bvT9CYnvteLTLy
OH42OfvPeZ42+Xv665aQmD17pusLO6kJcTTzAPHnRyRHA0b1FikJ7jhSpuQWJLh8
2iQAx1Ip8K0CMi9Yyt1Ajkqkh4hUmsqrlJcAxpDjf8XYoGznrKNYooPm0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKW9Ygw2pNjVw/qKLtUqdALZ0hIPMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcGIxaUREYWsyTlhELW9vdTFTcDBBdG5TRWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC+Sec4V59zsTP5/HWVw
BSALfoa4a6/qgIfLrxhOtbWhb1UbKcTleTEJbRxS1SSdXs0FK1gZR125VUOcsP8m
jXUBHuPEXCWRBY9rg1pPjoFhnj+juoJy19UYCeyaRPj5TZyOrBwHNgm8lhJcsNpN
QmWomyGzMWf0gNOfrpnyo1pfNLJymzl01IKEbXMt33jRUXnydmqHWg78lkzBKexq
wFiocjOivY5ELAOlCKfCeVtTCu5WJbCDoEPhzkyNZ9JOJxcz/9SuDWYEmc4y1viw
i0GL+y0YHye4JgJa3eRl1HpaVoMcLyAT5o5ysuLGbSqGVxRd04JMpJ4w66QLTwAG
lK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org