Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ra9GcA9LwbqQlrQRT51Qy3QHSRs.roa
File: ra9GcA9LwbqQlrQRT51Qy3QHSRs.roa (raw, json)
Hash identifier: yOnT44+O93YV3KtT5zN5eiaHGPwSoW1nrgx6O7cTMZg=
Subject key identifier: AD:AF:46:70:0F:4B:C1:BA:90:96:B4:11:4F:9D:50:CB:74:07:49:1B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7E4E83530FE635CCE4D062D2B5020D21
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ra9GcA9LwbqQlrQRT51Qy3QHSRs.roa
Signing time: Wed 15 May 2024 22:10:25 +0000
ROA not before: Wed 15 May 2024 22:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7e:4e:83:53:0f:e6:35:cc:e4:d0:62:d2:b5:02:0d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 22:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adaf46700f4bc1ba9096b4114f9d50cb7407491b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b0:b9:50:6c:b6:ae:bf:1c:e6:e8:6e:61:71:
a0:f7:b9:30:ac:29:bf:f6:d6:07:7c:a7:ec:68:af:
21:56:e8:1d:60:ec:a1:ec:01:37:21:9d:2e:74:77:
e7:ef:21:ff:ef:9e:c4:f4:f6:61:f9:54:3e:fa:0d:
08:84:8d:a4:2d:2e:35:0f:95:6a:3d:8a:7a:4d:17:
80:16:02:20:67:22:69:91:c1:1a:0d:82:f1:ce:fe:
66:7e:25:30:fe:d8:86:fa:78:1f:b6:fd:e5:8b:b6:
19:34:22:48:c7:ff:71:db:43:8b:3d:2b:58:80:44:
c9:dc:40:80:72:2c:98:4d:10:3f:b8:47:07:5d:ac:
0b:d2:db:11:b4:04:86:22:b9:f9:43:0d:ff:55:dd:
dd:8b:34:5c:8c:3d:be:09:58:93:26:ca:35:66:bf:
f6:b1:9c:ef:0a:34:e9:a9:e5:7d:79:d6:7b:84:65:
36:6f:43:3e:ca:a0:ca:8b:53:2c:d2:59:60:85:3d:
6f:dc:6b:95:1f:26:10:af:43:7c:69:32:88:89:9e:
a0:35:c6:84:be:22:df:41:ff:d2:57:1c:07:01:82:
31:ac:b1:43:7f:64:60:d4:65:4d:d1:54:f5:8f:35:
f5:d0:1e:f5:36:4e:f2:19:6f:9c:74:33:bd:3b:58:
40:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:46:70:0F:4B:C1:BA:90:96:B4:11:4F:9D:50:CB:74:07:49:1B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ra9GcA9LwbqQlrQRT51Qy3QHSRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:0b:80:32:27:f3:42:48:4e:0c:25:c5:96:ad:e5:15:9a:e9:
56:17:06:c6:65:1f:c9:93:67:72:61:5b:4b:d8:a1:60:a3:ba:
9e:bf:8a:a1:6c:51:8d:c6:2e:25:57:52:36:c5:29:81:fe:08:
18:7e:f9:e0:06:8d:e9:3d:07:05:50:39:04:56:c2:47:be:51:
26:d2:1b:be:44:42:99:73:d1:68:8c:00:69:19:0d:0f:26:46:
ce:51:8c:5f:6d:14:71:94:31:03:6e:a3:a8:16:1b:b5:e5:05:
1f:d6:e3:8a:cd:df:f2:89:af:84:da:8f:a8:6f:b2:67:86:5e:
4b:e6:75:af:41:8d:d4:7e:ae:78:40:3e:92:fc:45:5e:ac:06:
2b:32:b5:6f:d3:a2:7e:08:d1:75:8f:ea:12:09:e2:d5:c6:ed:
1f:f0:15:11:3b:3b:17:38:88:19:6d:4c:f5:5a:62:58:f1:57:
28:4b:8c:ae:27:61:e2:76:d4:81:0c:d5:85:2b:f6:c1:c9:b5:
e2:45:ab:67:3f:c7:89:42:79:79:0a:e6:f8:4b:54:35:58:89:
95:dd:cd:4a:4e:12:86:60:7a:47:53:40:2f:f1:28:44:21:9a:
e5:aa:87:4d:f9:ab:8d:ec:3d:fd:f1:49:a3:12:fe:17:c4:df:
07:1f:74:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9+ToNTD+Y1zOTQYtK1Ag0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MjIxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFmNDY3MDBmNGJjMWJhOTA5NmI0MTE0ZjlkNTBjYjc0MDc0OTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrC5UGy2rr8c5uhuYXGg97kwrCm/
9tYHfKfsaK8hVugdYOyh7AE3IZ0udHfn7yH/757E9PZh+VQ++g0IhI2kLS41D5Vq
PYp6TReAFgIgZyJpkcEaDYLxzv5mfiUw/tiG+ngftv3li7YZNCJIx/9x20OLPStY
gETJ3ECAciyYTRA/uEcHXawL0tsRtASGIrn5Qw3/Vd3dizRcjD2+CViTJso1Zr/2
sZzvCjTpqeV9edZ7hGU2b0M+yqDKi1Ms0llghT1v3GuVHyYQr0N8aTKIiZ6gNcaE
viLfQf/SVxwHAYIxrLFDf2Rg1GVN0VT1jzX10B71Nk7yGW+cdDO9O1hALwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2vRnAPS8G6kJa0EU+dUMt0B0kbMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcmE5R2NBOUx3YnFRbHJRUlQ1MVF5M1FIU1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKkLgDIn80JITgwlxZat
5RWa6VYXBsZlH8mTZ3JhW0vYoWCjup6/iqFsUY3GLiVXUjbFKYH+CBh++eAGjek9
BwVQOQRWwke+USbSG75EQplz0WiMAGkZDQ8mRs5RjF9tFHGUMQNuo6gWG7XlBR/W
44rN3/KJr4Taj6hvsmeGXkvmda9BjdR+rnhAPpL8RV6sBisytW/Ton4I0XWP6hIJ
4tXG7R/wFRE7Oxc4iBltTPVaYljxVyhLjK4nYeJ21IEM1YUr9sHJteJFq2c/x4lC
eXkK5vhLVDVYiZXdzUpOEoZgekdTQC/xKEQhmuWqh035q43sPf3xSaMS/hfE3wcf
dFU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org