Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xPAEhvMafIWxtZztQDPr6Zcf0LY.roa
File: xPAEhvMafIWxtZztQDPr6Zcf0LY.roa (raw, json)
Hash identifier: Z4L2bmEm5jaoWv38QDOcSF+ea6bKyX8XYurjzPVxHy4=
Subject key identifier: C4:F0:04:86:F3:1A:7C:85:B1:B5:9C:ED:40:33:EB:E9:97:1F:D0:B6
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8C7A6D1DC4254DD440E380C7649C140A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xPAEhvMafIWxtZztQDPr6Zcf0LY.roa
Signing time: Sat 18 May 2024 16:13:04 +0000
ROA not before: Sat 18 May 2024 16:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8c:7a:6d:1d:c4:25:4d:d4:40:e3:80:c7:64:9c:14:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 16:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4f00486f31a7c85b1b59ced4033ebe9971fd0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0b:c4:7b:54:ae:a2:ba:7e:93:e9:d3:df:ac:
58:6b:a4:c8:a6:2d:01:54:83:f2:32:db:4b:bf:5d:
d9:1c:62:08:6b:40:4e:49:d0:e5:95:2d:d6:2b:98:
5a:52:1d:53:d6:df:ee:d7:fb:7b:44:0d:4a:88:4b:
d0:10:4e:1a:b8:14:09:bd:31:42:fe:59:24:ac:f9:
91:6f:d9:0d:ab:58:45:99:7d:67:41:2d:df:c9:52:
fc:b3:da:81:b3:74:81:7f:4c:26:66:5a:32:00:5d:
65:ab:13:78:2b:81:ca:28:a0:ad:af:4b:c7:f1:84:
4d:34:b5:dd:1c:e3:8a:11:cb:91:22:85:38:0f:18:
d2:7e:c7:19:47:d7:2c:b5:76:5b:86:3f:42:92:d6:
b1:dd:b3:8c:22:2e:82:b3:21:df:f9:98:3f:a8:d9:
76:d3:a2:a3:22:30:16:89:26:13:87:c7:93:e3:93:
01:36:13:56:ec:13:a1:f5:7f:97:4b:c1:4a:12:9d:
b0:2c:8a:50:7e:15:44:57:79:98:84:5a:38:bc:c1:
83:bc:32:a8:f7:f4:d8:af:6f:c6:61:89:7d:ca:61:
c1:2e:bb:bb:56:58:04:c5:70:bb:5f:1d:3e:15:e4:
25:d5:10:78:03:03:06:e8:18:f4:be:68:10:cc:02:
b2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F0:04:86:F3:1A:7C:85:B1:B5:9C:ED:40:33:EB:E9:97:1F:D0:B6
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xPAEhvMafIWxtZztQDPr6Zcf0LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:9e:af:63:1f:0b:4f:4e:fe:66:0c:d6:f1:ba:6b:d1:15:4c:
d9:2d:14:49:1f:ca:26:27:67:34:17:ab:ac:fa:eb:dc:7d:b0:
44:fe:64:0e:80:65:c7:5f:b5:63:d4:0d:a9:c2:6f:ed:24:2b:
65:c1:b3:88:dd:71:c6:77:41:dd:03:ae:5e:e7:7b:3c:07:29:
a7:31:f4:7d:cf:0a:72:ad:0f:20:b0:a2:dd:b2:3b:83:22:22:
88:a9:0b:dc:73:7e:2b:52:dd:b7:44:5b:e3:e5:8c:54:78:26:
05:3e:5d:1d:8d:12:42:55:13:18:cf:cf:48:b4:a3:9e:82:29:
16:1b:1b:6d:da:2b:4c:98:c7:ba:9a:a6:17:ed:2a:f6:8b:d4:
fe:e5:3b:a0:33:fb:d8:1d:4b:e5:4d:eb:df:b9:8c:8c:66:fa:
12:9d:08:b5:1a:d9:a1:31:ce:b4:cb:de:a4:d2:2a:29:37:39:
48:4d:86:5b:99:20:f6:89:c4:1f:42:80:e8:aa:72:4a:46:50:
77:39:40:cf:f1:39:f1:63:a3:89:a9:df:b7:05:20:56:72:7d:
0a:7d:ff:2f:cf:e4:0b:03:6c:d6:c8:b4:28:0f:21:11:69:d9:
bf:44:95:fa:62:c1:ee:75:10:1d:10:c0:8b:69:f0:87:99:21:
06:2d:da:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Mem0dxCVN1EDjgMdknBQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MTYxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYwMDQ4NmYzMWE3Yzg1YjFiNTljZWQ0MDMzZWJlOTk3MWZkMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AvEe1Suorp+k+nT36xYa6TIpi0B
VIPyMttLv13ZHGIIa0BOSdDllS3WK5haUh1T1t/u1/t7RA1KiEvQEE4auBQJvTFC
/lkkrPmRb9kNq1hFmX1nQS3fyVL8s9qBs3SBf0wmZloyAF1lqxN4K4HKKKCtr0vH
8YRNNLXdHOOKEcuRIoU4DxjSfscZR9cstXZbhj9Cktax3bOMIi6CsyHf+Zg/qNl2
06KjIjAWiSYTh8eT45MBNhNW7BOh9X+XS8FKEp2wLIpQfhVEV3mYhFo4vMGDvDKo
9/TYr2/GYYl9ymHBLru7VlgExXC7Xx0+FeQl1RB4AwMG6Bj0vmgQzAKy0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMTwBIbzGnyFsbWc7UAz6+mXH9C2MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEveFBBRWh2TWFmSVd4dFp6dFFEUHI2WmNmMExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOer2MfC09O/mYM1vG6
a9EVTNktFEkfyiYnZzQXq6z669x9sET+ZA6AZcdftWPUDanCb+0kK2XBs4jdccZ3
Qd0Drl7nezwHKacx9H3PCnKtDyCwot2yO4MiIoipC9xzfitS3bdEW+PljFR4JgU+
XR2NEkJVExjPz0i0o56CKRYbG23aK0yYx7qaphftKvaL1P7lO6Az+9gdS+VN69+5
jIxm+hKdCLUa2aExzrTL3qTSKik3OUhNhluZIPaJxB9CgOiqckpGUHc5QM/xOfFj
o4mp37cFIFZyfQp9/y/P5AsDbNbItCgPIRFp2b9Elfpiwe51EB0QwItp8IeZIQYt
2qU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org