Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/zq4IGsuOxioehtEQfKdH2il5Ao0.roa
File: zq4IGsuOxioehtEQfKdH2il5Ao0.roa (raw, json)
Hash identifier: Z4lI84m/FDr0I44agDHLplFpOJC3l5fHJy2DW0PIz5A=
Subject key identifier: CE:AE:08:1A:CB:8E:C6:2A:1E:86:D1:10:7C:A7:47:DA:29:79:02:8D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8B65F0333D6202E7492F3110A16D8C9C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/zq4IGsuOxioehtEQfKdH2il5Ao0.roa
Signing time: Sat 18 May 2024 11:11:04 +0000
ROA not before: Sat 18 May 2024 11:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8b:65:f0:33:3d:62:02:e7:49:2f:31:10:a1:6d:8c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 11:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceae081acb8ec62a1e86d1107ca747da2979028d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:97:ec:c4:38:60:ee:f4:c6:6d:6a:ea:95:
aa:37:a9:f9:f7:36:8b:72:87:d4:44:ac:55:c0:62:
a3:eb:25:8c:37:86:e8:d5:57:c2:ca:bc:7f:8a:a8:
92:b2:91:63:12:1e:07:0f:a0:f5:99:67:67:f1:cd:
25:f6:5b:2e:d5:9a:32:d2:9d:d8:fb:05:af:e4:a1:
38:77:74:db:b6:ab:b9:3a:e6:27:f2:2a:e0:dd:43:
f9:64:0a:14:ed:47:a9:b3:1b:14:aa:34:b1:72:42:
02:15:81:38:56:c6:11:7d:e8:92:c8:a4:2c:98:5e:
f0:6e:82:b6:e7:69:08:f9:1f:92:e5:37:16:2e:44:
b2:52:60:b5:42:69:94:4c:22:42:8f:2f:c9:51:e3:
79:b4:d8:8b:9b:45:83:66:26:2b:76:06:e2:01:f2:
d3:85:31:dc:53:6a:97:2d:6a:94:e0:9e:5a:d9:5d:
57:ed:42:8b:b4:28:46:56:d8:e2:90:30:40:90:7b:
70:4b:37:0b:85:e6:cd:13:18:3e:37:d6:49:a9:0f:
b4:e2:44:66:48:56:87:1d:90:9a:a8:40:0f:64:e5:
1c:37:cb:6e:14:17:04:f8:2b:de:27:8c:31:a9:ca:
95:4f:06:7a:24:74:14:fe:de:71:02:0b:e8:63:2e:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AE:08:1A:CB:8E:C6:2A:1E:86:D1:10:7C:A7:47:DA:29:79:02:8D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/zq4IGsuOxioehtEQfKdH2il5Ao0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:ea:1a:85:09:2b:61:24:e4:dc:b2:dd:c0:02:d5:d8:e4:91:
7a:8a:7e:fe:67:89:29:19:cd:35:d5:c2:78:58:81:59:d0:8b:
53:9a:a3:68:cb:a5:14:f8:26:62:4b:38:c6:bc:24:e1:2e:f3:
b3:3f:3b:05:42:15:33:ef:52:a3:1c:9c:b0:16:2e:13:35:49:
f7:d8:e3:36:8d:a3:51:38:8f:c8:9e:2a:c6:08:ea:4a:32:ff:
1c:44:dc:9d:34:d2:52:b3:dc:17:f4:d4:fd:99:aa:0c:f4:e2:
9b:49:42:15:40:d2:f1:e5:d8:e1:06:a9:bb:e7:a7:05:6e:76:
83:04:68:e6:e7:bc:cd:56:78:17:76:33:93:e2:9b:c8:fe:d3:
0b:8b:f2:50:a6:a0:78:63:bc:d7:7c:07:59:15:f6:fe:d9:3c:
72:9e:a8:90:a2:59:57:1d:7f:32:6f:49:3b:41:af:2a:58:fd:
28:b2:6a:72:ca:5a:6f:c5:5f:19:01:70:77:a3:19:03:13:16:
f2:15:0e:45:64:3d:94:c1:04:74:71:dd:6b:63:93:96:16:c3:
d7:bc:17:1e:d0:dc:2a:7f:bd:c9:77:6b:74:7d:81:b1:02:62:
28:fe:1d:a4:6b:e8:b9:cb:0a:f9:3a:93:d4:7c:70:d7:02:56:
8a:0c:12:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+LZfAzPWIC50kvMRChbYycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MTExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFlMDgxYWNiOGVjNjJhMWU4NmQxMTA3Y2E3NDdkYTI5NzkwMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi++X7MQ4YO70xm1q6pWqN6n59zaL
cofURKxVwGKj6yWMN4bo1VfCyrx/iqiSspFjEh4HD6D1mWdn8c0l9lsu1Zoy0p3Y
+wWv5KE4d3Tbtqu5OuYn8irg3UP5ZAoU7UepsxsUqjSxckICFYE4VsYRfeiSyKQs
mF7wboK252kI+R+S5TcWLkSyUmC1QmmUTCJCjy/JUeN5tNiLm0WDZiYrdgbiAfLT
hTHcU2qXLWqU4J5a2V1X7UKLtChGVtjikDBAkHtwSzcLhebNExg+N9ZJqQ+04kRm
SFaHHZCaqEAPZOUcN8tuFBcE+CveJ4wxqcqVTwZ6JHQU/t5xAgvoYy5iDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM6uCBrLjsYqHobREHynR9opeQKNMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvenE0SUdzdU94aW9laHRFUWZLZEgyaWw1QW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbqGoUJK2Ek5Nyy3cAC
1djkkXqKfv5niSkZzTXVwnhYgVnQi1Oao2jLpRT4JmJLOMa8JOEu87M/OwVCFTPv
UqMcnLAWLhM1SffY4zaNo1E4j8ieKsYI6koy/xxE3J000lKz3Bf01P2Zqgz04ptJ
QhVA0vHl2OEGqbvnpwVudoMEaObnvM1WeBd2M5Pim8j+0wuL8lCmoHhjvNd8B1kV
9v7ZPHKeqJCiWVcdfzJvSTtBrypY/SiyanLKWm/FXxkBcHejGQMTFvIVDkVkPZTB
BHRx3Wtjk5YWw9e8Fx7Q3Cp/vcl3a3R9gbECYij+HaRr6LnLCvk6k9R8cNcCVooM
Eqs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org