Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rLE9CH-ngbp4Wb8xVXidQeeMne0.roa
File: rLE9CH-ngbp4Wb8xVXidQeeMne0.roa (raw, json)
Hash identifier: S35NajG3em6jDRV/OkMX//xvAOU5mAGnH9D0t4AIUis=
Subject key identifier: AC:B1:3D:08:7F:A7:81:BA:78:59:BF:31:55:78:9D:41:E7:8C:9D:ED
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F261F679B34AAB7739668F31EAC4BC9EC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rLE9CH-ngbp4Wb8xVXidQeeMne0.roa
Signing time: Sun 28 Apr 2024 19:12:23 +0000
ROA not before: Sun 28 Apr 2024 19:12:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:26:1f:67:9b:34:aa:b7:73:96:68:f3:1e:ac:4b:c9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 19:12:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb13d087fa781ba7859bf3155789d41e78c9ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d2:dd:d0:09:d8:2f:bf:73:05:dd:ce:35:19:
62:d3:71:3d:49:a6:2d:76:36:4f:df:1d:e0:f4:6f:
66:a9:ed:04:22:46:d4:18:f0:d4:2b:df:47:82:69:
24:a4:9a:3b:f3:e3:43:21:7b:b3:fd:cd:91:83:b8:
10:92:4d:50:b3:ec:b3:87:94:d7:a6:1d:02:8e:4e:
46:92:52:fc:32:55:b0:af:8e:71:44:1a:d3:10:ac:
07:f3:5c:4e:ec:7a:67:2f:61:8c:6b:0d:b1:16:a9:
0f:e7:20:f2:26:4b:e0:04:76:21:42:d0:e7:78:5c:
84:4f:2f:3f:39:fc:92:29:95:92:f1:0a:59:3c:30:
f1:98:ba:03:0e:00:12:5f:31:a5:95:c9:5c:98:25:
2b:50:e5:e3:b8:32:4a:26:e4:63:bd:49:c9:27:f3:
bb:68:db:26:f3:ec:b8:5d:8d:f0:b5:f2:37:91:61:
72:3e:31:c2:c5:cc:3a:7f:fa:f1:03:79:3b:c1:c0:
a0:b7:37:7c:3c:c8:86:ee:a6:1a:41:fc:a0:2f:8e:
3e:98:c4:86:90:88:a0:06:22:0a:f0:64:41:9d:eb:
38:ba:93:66:8e:ee:5c:c9:33:41:be:d4:b1:90:6e:
e0:20:93:11:7f:5f:8f:2c:58:14:b1:fa:fe:95:7b:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B1:3D:08:7F:A7:81:BA:78:59:BF:31:55:78:9D:41:E7:8C:9D:ED
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rLE9CH-ngbp4Wb8xVXidQeeMne0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
b6:b2:c9:fb:d0:96:71:f9:02:83:90:cd:c6:cf:f1:0c:ea:b6:
fa:fd:8e:38:f4:1b:c1:aa:ae:30:c6:e8:c5:06:71:e4:96:6a:
f3:8d:77:71:ab:de:c1:da:41:84:b4:18:43:2e:18:ff:e2:53:
39:af:1d:86:40:dc:4c:f3:1e:12:44:07:6e:c7:b7:cc:95:8b:
52:a0:8b:6d:94:6e:51:28:62:d5:9e:d1:6c:ab:04:55:34:cf:
ce:b1:2f:2c:5a:09:5d:fa:cb:1e:9f:2a:16:fa:b6:da:35:55:
ed:2c:2f:a4:a4:bb:9e:1a:7b:3f:8f:f4:da:90:df:d6:7b:fd:
07:05:be:39:53:49:d0:06:d9:35:02:d9:67:b7:e8:98:0f:5e:
2a:70:d3:a3:e3:7d:2f:ad:ef:ea:d6:5b:f6:25:46:bc:29:70:
38:2f:6a:fb:ac:16:09:94:91:4d:d3:52:1b:01:c0:c8:9f:67:
d1:3e:47:86:17:80:25:8c:5c:ae:7d:37:a2:7d:ea:e9:9a:22:
e4:f5:ad:2e:d5:64:29:7a:f8:0c:7d:9d:17:c3:30:86:a9:44:
31:ca:cc:31:62:8f:05:2a:74:ef:82:9d:4d:88:c5:3c:2e:44:
23:1f:9a:14:5a:3a:c8:35:e7:aa:e6:af:c1:90:9f:6a:40:b9:
cb:cf:60:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8mH2ebNKq3c5Zo8x6sS8nsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MTkxMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2IxM2QwODdmYTc4MWJhNzg1OWJmMzE1NTc4OWQ0MWU3OGM5ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdLd0AnYL79zBd3ONRli03E9SaYt
djZP3x3g9G9mqe0EIkbUGPDUK99HgmkkpJo78+NDIXuz/c2Rg7gQkk1Qs+yzh5TX
ph0Cjk5GklL8MlWwr45xRBrTEKwH81xO7HpnL2GMaw2xFqkP5yDyJkvgBHYhQtDn
eFyETy8/OfySKZWS8QpZPDDxmLoDDgASXzGllclcmCUrUOXjuDJKJuRjvUnJJ/O7
aNsm8+y4XY3wtfI3kWFyPjHCxcw6f/rxA3k7wcCgtzd8PMiG7qYaQfygL44+mMSG
kIigBiIK8GRBnes4upNmju5cyTNBvtSxkG7gIJMRf1+PLFgUsfr+lXuh1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKyxPQh/p4G6eFm/MVV4nUHnjJ3tMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvckxFOUNILW5nYnA0V2I4eFZYaWRRZWVNbmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQC2ssn7
0JZx+QKDkM3Gz/EM6rb6/Y449BvBqq4wxujFBnHklmrzjXdxq97B2kGEtBhDLhj/
4lM5rx2GQNxM8x4SRAdux7fMlYtSoIttlG5RKGLVntFsqwRVNM/OsS8sWgld+sse
nyoW+rbaNVXtLC+kpLueGns/j/TakN/We/0HBb45U0nQBtk1Atlnt+iYD14qcNOj
430vre/q1lv2JUa8KXA4L2r7rBYJlJFN01IbAcDIn2fRPkeGF4AljFyufTeiferp
miLk9a0u1WQpevgMfZ0XwzCGqUQxyswxYo8FKnTvgp1NiMU8LkQjH5oUWjrINeeq
5q/BkJ9qQLnLz2AJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org