Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/vh_ip2fRh50MCt8BSVOYtZnH1z4.roa
File: vh_ip2fRh50MCt8BSVOYtZnH1z4.roa (raw, json)
Hash identifier: 8RiT28XBEVxaA4NB3ClpNg8yERQdC/dH421FMaBTDPU=
Subject key identifier: BE:1F:E2:A7:67:D1:87:9D:0C:0A:DF:01:49:53:98:B5:99:C7:D7:3E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018EFDC80820961FAA077F3D8F37B0E2DE8A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/vh_ip2fRh50MCt8BSVOYtZnH1z4.roa
Signing time: Sat 20 Apr 2024 23:12:08 +0000
ROA not before: Sat 20 Apr 2024 23:12:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fd:c8:08:20:96:1f:aa:07:7f:3d:8f:37:b0:e2:de:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 20 23:12:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be1fe2a767d1879d0c0adf01495398b599c7d73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d4:5a:30:56:8b:4c:ee:55:fd:fd:9d:cd:f3:
8d:54:47:92:94:db:fa:d8:89:14:cd:ee:36:00:f8:
fc:41:02:62:67:e9:fc:70:b0:e9:88:54:5c:2d:fd:
47:75:dc:0b:da:9d:5b:1b:8d:ff:c9:64:1f:3a:10:
0c:6c:cf:f0:a5:b6:d6:7e:3f:3b:2c:3a:4f:c9:b1:
73:7c:c4:58:f8:41:c0:92:d5:f4:e6:91:cb:b1:52:
27:88:71:e6:63:b4:fd:ec:75:fa:29:0e:a2:d3:87:
67:7a:46:00:2f:2e:b2:e2:52:21:07:80:e9:00:e5:
02:fc:78:6b:c3:cd:08:29:c8:ca:33:7b:3a:d0:ae:
a6:4b:c1:d9:ca:be:a7:a9:6f:f6:a6:31:59:83:49:
6d:13:c7:8d:9f:04:0b:75:fb:54:b5:29:a2:88:0b:
5b:61:ac:93:0d:66:39:eb:5d:b5:97:5c:2f:72:b9:
38:6f:60:72:7c:53:41:5e:18:c6:84:e4:53:79:38:
7a:cd:37:76:0c:50:22:7b:93:5b:97:2a:81:e8:9f:
c6:9a:80:93:ee:5b:72:a5:c3:4e:90:7d:6a:d7:6b:
69:41:a0:92:0e:99:e3:d5:41:6d:23:f7:a2:1e:eb:
43:f4:69:58:3b:47:e8:c8:5b:36:9e:fd:a5:d6:3b:
40:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1F:E2:A7:67:D1:87:9D:0C:0A:DF:01:49:53:98:B5:99:C7:D7:3E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/vh_ip2fRh50MCt8BSVOYtZnH1z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
Signature Algorithm: sha256WithRSAEncryption
63:e9:b7:4b:e9:04:7a:4a:22:f6:15:0e:7a:7e:0f:5b:29:3c:
96:b2:03:ce:f5:fe:16:2c:c0:93:df:d4:e6:3d:64:7d:51:fd:
2f:d2:64:2f:ea:77:22:b8:54:47:de:24:52:05:42:7a:bd:23:
a3:99:03:33:43:bc:2d:44:54:9a:94:76:68:7d:7a:ef:8d:89:
78:cd:ce:f0:f5:a6:be:aa:d8:5d:fd:6a:80:ce:a3:8b:c0:81:
88:5c:a5:bb:35:7b:85:6b:9c:c3:4a:b2:62:46:6a:92:ae:4d:
fb:70:3b:b6:d0:c5:83:8d:ed:83:42:dc:b9:1a:90:b7:cd:a4:
01:ff:fd:8d:77:ed:ce:a2:0b:25:aa:5c:6a:12:58:86:72:3e:
66:26:f6:2e:9d:3e:36:71:dc:27:b7:89:94:fc:e5:99:6e:54:
2f:4e:e5:fd:c3:9e:36:ae:ec:eb:60:c3:bb:21:1f:3d:a7:16:
bc:8c:de:3d:5c:6e:82:81:f3:ea:4c:58:ad:36:0b:01:68:f1:
ec:08:48:7e:9d:86:e5:f3:57:e2:84:45:26:cd:a7:32:4f:c4:
cc:62:2b:b0:ac:82:f4:ed:1b:84:b5:2a:4d:af:66:24:3d:d1:
8a:3d:0e:73:03:eb:93:88:f5:0e:2c:7a:0d:c5:76:d7:1c:20:
bd:34:ed:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY79yAgglh+qB389jzew4t6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIwMjMxMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFmZTJhNzY3ZDE4NzlkMGMwYWRmMDE0OTUzOThiNTk5YzdkNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9RaMFaLTO5V/f2dzfONVEeSlNv6
2IkUze42APj8QQJiZ+n8cLDpiFRcLf1HddwL2p1bG43/yWQfOhAMbM/wpbbWfj87
LDpPybFzfMRY+EHAktX05pHLsVIniHHmY7T97HX6KQ6i04dnekYALy6y4lIhB4Dp
AOUC/Hhrw80IKcjKM3s60K6mS8HZyr6nqW/2pjFZg0ltE8eNnwQLdftUtSmiiAtb
YayTDWY56121l1wvcrk4b2ByfFNBXhjGhORTeTh6zTd2DFAie5NblyqB6J/GmoCT
7ltypcNOkH1q12tpQaCSDpnj1UFtI/eiHutD9GlYO0foyFs2nv2l1jtAJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4f4qdn0YedDArfAUlTmLWZx9c+MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdmhfaXAyZlJoNTBNQ3Q4QlNWT1l0Wm5IMXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwQAYMA0G
CSqGSIb3DQEBCwUAA4IBAQBj6bdL6QR6SiL2FQ56fg9bKTyWsgPO9f4WLMCT39Tm
PWR9Uf0v0mQv6nciuFRH3iRSBUJ6vSOjmQMzQ7wtRFSalHZofXrvjYl4zc7w9aa+
qthd/WqAzqOLwIGIXKW7NXuFa5zDSrJiRmqSrk37cDu20MWDje2DQty5GpC3zaQB
//2Nd+3OogslqlxqEliGcj5mJvYunT42cdwnt4mU/OWZblQvTuX9w542ruzrYMO7
IR89pxa8jN49XG6CgfPqTFitNgsBaPHsCEh+nYbl81fihEUmzacyT8TMYiuwrIL0
7RuEtSpNr2YkPdGKPQ5zA+uTiPUOLHoNxXbXHCC9NO06
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org