Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/0SoOQnG7a3-JnLOUNND-WaazJhg.roa
File: 0SoOQnG7a3-JnLOUNND-WaazJhg.roa (raw, json)
Hash identifier: OC7sn9YUzwWvVrahrzH8c6ZcLuS485m1nJ0u4ehgT14=
Subject key identifier: D1:2A:0E:42:71:BB:6B:7F:89:9C:B3:94:34:D0:FE:59:A6:B3:26:18
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4CF4B52E6F97A5E3728AD2E3E23F74C7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/0SoOQnG7a3-JnLOUNND-WaazJhg.roa
Signing time: Mon 06 May 2024 08:10:56 +0000
ROA not before: Mon 06 May 2024 08:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:f4:b5:2e:6f:97:a5:e3:72:8a:d2:e3:e2:3f:74:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 08:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d12a0e4271bb6b7f899cb39434d0fe59a6b32618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7c:59:2f:43:7e:0d:34:f5:ee:84:6e:89:2e:
b4:f5:8b:68:c7:7e:b3:a5:64:93:8d:88:76:84:e8:
af:c3:d3:c3:b9:69:1e:9c:1f:8a:1f:af:46:ea:e7:
2d:29:25:51:1c:1a:5e:b1:d0:c1:5d:ef:83:40:5a:
b0:b8:72:af:5d:ff:01:53:e7:8f:03:bb:f3:01:86:
08:fa:17:53:a8:24:6f:0d:f3:98:d3:f7:1b:04:a2:
9d:78:4d:a7:96:65:7f:ff:e4:73:25:21:65:53:48:
60:01:97:84:83:eb:7b:07:5d:50:fa:2f:dd:af:78:
6d:9d:e7:51:f1:0c:2a:1e:2b:6c:00:31:df:33:7f:
c9:fa:0c:23:e4:8d:f0:40:12:78:99:4c:f1:d4:2d:
c6:b7:b7:89:50:3a:d7:24:9c:0b:b3:3f:6c:f6:13:
b9:ae:a1:7d:d0:6e:10:89:be:09:7c:6c:65:0a:83:
4c:32:ae:43:59:3a:ac:56:10:37:8b:ba:a5:7f:05:
c4:7b:b8:dc:63:39:2c:15:8d:17:4c:7d:1f:df:f9:
b4:dc:4b:24:85:f9:d6:fb:b5:d9:28:57:97:ca:f0:
82:43:77:3e:04:70:57:3a:ee:40:8c:57:1b:83:36:
a8:c3:26:3c:64:c3:04:bb:ff:5e:fb:da:a8:4e:a8:
4d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2A:0E:42:71:BB:6B:7F:89:9C:B3:94:34:D0:FE:59:A6:B3:26:18
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/0SoOQnG7a3-JnLOUNND-WaazJhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:12:e4:2c:62:32:8b:b6:90:74:b0:65:f0:8c:b2:b7:5e:c3:
23:08:6d:be:4c:50:25:65:e6:64:d1:06:ba:80:4a:1e:c4:70:
13:bd:39:0a:07:b2:18:d5:71:c2:0f:33:24:ac:cc:84:72:53:
a7:1e:a0:f0:bc:a1:45:49:69:27:51:6e:81:49:20:96:fa:a2:
f3:c1:f2:d1:24:6d:39:ad:54:92:73:1a:4f:6b:24:22:32:44:
a8:d6:b8:31:b5:78:d4:b8:ee:e7:a5:71:b6:1a:e3:ee:cf:0c:
95:bd:53:40:bd:49:97:29:e6:89:99:9b:b4:1a:f8:cf:b4:50:
9b:8d:c2:b3:34:22:c1:55:4f:1d:d2:36:6b:ec:ba:16:3f:ae:
61:34:a5:12:b0:51:66:5b:9b:eb:1a:b8:60:c9:0c:2d:41:28:
6d:1a:99:c0:55:de:f7:4e:e6:7b:78:de:19:bf:f0:83:46:93:
6b:9f:a5:42:67:65:c5:c7:23:a1:31:e9:80:7c:d1:78:29:2a:
ee:44:95:e1:5e:06:e2:14:3b:a9:35:b0:c2:ff:7c:d1:9c:8b:
05:a3:5a:ee:ed:dd:1c:e2:bf:97:0b:b9:45:0e:dc:ed:81:7d:
96:9c:88:0d:94:53:7a:71:b4:15:7f:e3:f1:a6:68:58:e7:77:
55:f7:c6:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9M9LUub5el43KK0uPiP3THMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MDgxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJhMGU0MjcxYmI2YjdmODk5Y2IzOTQzNGQwZmU1OWE2YjMyNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3xZL0N+DTT17oRuiS609Ytox36z
pWSTjYh2hOivw9PDuWkenB+KH69G6uctKSVRHBpesdDBXe+DQFqwuHKvXf8BU+eP
A7vzAYYI+hdTqCRvDfOY0/cbBKKdeE2nlmV//+RzJSFlU0hgAZeEg+t7B11Q+i/d
r3htnedR8QwqHitsADHfM3/J+gwj5I3wQBJ4mUzx1C3Gt7eJUDrXJJwLsz9s9hO5
rqF90G4Qib4JfGxlCoNMMq5DWTqsVhA3i7qlfwXEe7jcYzksFY0XTH0f3/m03Esk
hfnW+7XZKFeXyvCCQ3c+BHBXOu5AjFcbgzaowyY8ZMMEu/9e+9qoTqhNbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNEqDkJxu2t/iZyzlDTQ/lmmsyYYMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMFNvT1FuRzdhMy1KbkxPVU5ORC1XYWF6SmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFgS5CxiMou2kHSwZfCM
srdewyMIbb5MUCVl5mTRBrqASh7EcBO9OQoHshjVccIPMySszIRyU6ceoPC8oUVJ
aSdRboFJIJb6ovPB8tEkbTmtVJJzGk9rJCIyRKjWuDG1eNS47uelcbYa4+7PDJW9
U0C9SZcp5omZm7Qa+M+0UJuNwrM0IsFVTx3SNmvsuhY/rmE0pRKwUWZbm+sauGDJ
DC1BKG0amcBV3vdO5nt43hm/8INGk2ufpUJnZcXHI6Ex6YB80XgpKu5EleFeBuIU
O6k1sML/fNGciwWjWu7t3Rziv5cLuUUO3O2BfZaciA2UU3pxtBV/4/GmaFjnd1X3
xk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org