Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/yzUeqi_SYfdzaWX_tBw31Lp9kb0.roa
File: yzUeqi_SYfdzaWX_tBw31Lp9kb0.roa (raw, json)
Hash identifier: eUg/UmgUHXOjQxmE7vZKPYxajhgmuZN8H4OSpg3aiRQ=
Subject key identifier: CB:35:1E:AA:2F:D2:61:F7:73:69:65:FF:B4:1C:37:D4:BA:7D:91:BD
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8AC20F6FA5A275985D3ABF62BC9EA506
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/yzUeqi_SYfdzaWX_tBw31Lp9kb0.roa
Signing time: Sat 18 May 2024 08:12:04 +0000
ROA not before: Sat 18 May 2024 08:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8a:c2:0f:6f:a5:a2:75:98:5d:3a:bf:62:bc:9e:a5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 08:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb351eaa2fd261f7736965ffb41c37d4ba7d91bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bb:e9:fb:d1:d5:6b:1f:e5:cd:12:15:d6:4f:
8c:51:52:fa:00:c0:96:f1:df:2a:d9:39:91:c0:0f:
47:4f:84:e1:4b:ab:67:e4:98:10:3b:54:df:01:c4:
7a:bd:02:90:48:b7:ce:4b:53:4e:c6:b4:1f:e8:06:
7c:d2:3c:4a:c7:89:2d:48:bd:2d:c8:fe:ef:aa:07:
c8:1e:e8:3a:f9:04:ef:6d:e4:3a:c0:be:74:5a:4d:
2f:8d:e8:28:07:6e:d7:2f:68:dd:85:ce:94:4b:fb:
36:e4:e2:77:46:7d:c4:57:64:aa:68:a9:d8:64:ef:
c6:7e:a3:16:59:8e:53:85:5c:0c:2c:02:37:28:03:
ea:df:17:4f:e4:66:d4:6d:a8:1b:e5:81:d9:4c:6e:
f8:d1:43:57:f1:ab:39:76:29:29:ff:4c:a8:27:cf:
47:2b:73:fd:ab:28:b8:c4:2d:fb:f3:a1:73:a9:64:
49:3d:f7:32:24:b1:35:c5:66:ba:68:c5:2d:d8:12:
8d:8f:cc:f2:36:4b:1a:62:52:09:9a:c2:e4:c2:51:
c7:60:d5:f8:f3:b6:ab:e8:2f:41:f7:cc:93:65:a6:
d1:60:f1:35:c7:54:60:ad:9b:5b:11:60:bd:7c:ff:
55:1a:e6:82:ca:b3:aa:6a:2f:a2:e9:a6:07:8a:ca:
62:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:35:1E:AA:2F:D2:61:F7:73:69:65:FF:B4:1C:37:D4:BA:7D:91:BD
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/yzUeqi_SYfdzaWX_tBw31Lp9kb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:c4:68:7e:d2:22:b8:18:dd:61:35:07:1e:86:0c:2d:5d:92:
9e:d1:c9:3d:40:ce:7a:74:8b:77:89:16:73:31:24:ec:64:07:
8b:1d:b6:15:1f:51:3a:a7:5c:19:8e:8e:4a:4c:75:67:9c:c0:
76:d7:76:d4:f5:2b:a3:76:79:7c:1f:c4:fe:5d:94:29:39:5a:
73:49:ee:89:78:30:f4:99:ad:25:51:b1:d2:34:07:f4:f8:52:
40:c2:e4:79:65:31:e1:87:81:fa:82:04:a0:32:3f:64:f3:61:
38:e5:69:c3:f7:4a:6d:e4:1d:66:e0:30:7d:58:8e:b8:70:3e:
ea:88:30:4e:ae:82:ee:4f:21:9d:43:a9:1e:84:80:d1:b8:fd:
89:da:0c:e3:33:18:f4:03:5b:14:99:f3:e1:62:d1:4c:46:85:
db:7c:16:bd:f4:33:66:5e:dd:20:0a:ae:24:2a:9b:0c:c7:01:
35:79:5a:93:c5:02:ca:7d:36:1b:31:a3:9a:29:1f:1e:50:74:
27:ba:35:8f:75:dd:f7:02:d2:44:6f:48:fd:77:5d:f3:17:0a:
94:30:3c:46:44:8e:d0:35:52:e0:31:87:24:16:43:ca:ad:e2:
97:63:d1:2c:98:22:9d:85:a7:69:9e:45:d1:f8:62:39:7c:5a:
3e:4b:7e:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Kwg9vpaJ1mF06v2K8nqUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MDgxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM1MWVhYTJmZDI2MWY3NzM2OTY1ZmZiNDFjMzdkNGJhN2Q5MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbvp+9HVax/lzRIV1k+MUVL6AMCW
8d8q2TmRwA9HT4ThS6tn5JgQO1TfAcR6vQKQSLfOS1NOxrQf6AZ80jxKx4ktSL0t
yP7vqgfIHug6+QTvbeQ6wL50Wk0vjegoB27XL2jdhc6US/s25OJ3Rn3EV2SqaKnY
ZO/GfqMWWY5ThVwMLAI3KAPq3xdP5GbUbagb5YHZTG740UNX8as5dikp/0yoJ89H
K3P9qyi4xC3786FzqWRJPfcyJLE1xWa6aMUt2BKNj8zyNksaYlIJmsLkwlHHYNX4
87ar6C9B98yTZabRYPE1x1RgrZtbEWC9fP9VGuaCyrOqai+i6aYHispi7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMs1Hqov0mH3c2ll/7QcN9S6fZG9MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEveXpVZXFpX1NZZmR6YVdYX3RCdzMxTHA5a2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABHEaH7SIrgY3WE1Bx6G
DC1dkp7RyT1Aznp0i3eJFnMxJOxkB4sdthUfUTqnXBmOjkpMdWecwHbXdtT1K6N2
eXwfxP5dlCk5WnNJ7ol4MPSZrSVRsdI0B/T4UkDC5HllMeGHgfqCBKAyP2TzYTjl
acP3Sm3kHWbgMH1YjrhwPuqIME6ugu5PIZ1DqR6EgNG4/YnaDOMzGPQDWxSZ8+Fi
0UxGhdt8Fr30M2Ze3SAKriQqmwzHATV5WpPFAsp9Nhsxo5opHx5QdCe6NY913fcC
0kRvSP13XfMXCpQwPEZEjtA1UuAxhyQWQ8qt4pdj0SyYIp2Fp2meRdH4Yjl8Wj5L
fgo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org