Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1Zs3pTF-EzVfL5Xfwb1XR6X6f_I.roa
File: 1Zs3pTF-EzVfL5Xfwb1XR6X6f_I.roa (raw, json)
Hash identifier: cnVURaeIfrAhHNw47WoqVfHxRRSlbLQMva2y67Tot00=
Subject key identifier: D5:9B:37:A5:31:7E:13:35:5F:2F:95:DF:C1:BD:57:47:A5:FA:7F:F2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F77DF7AE1B97C908580C0C40B6E6B8C64
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1Zs3pTF-EzVfL5Xfwb1XR6X6f_I.roa
Signing time: Tue 14 May 2024 16:11:25 +0000
ROA not before: Tue 14 May 2024 16:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:df:7a:e1:b9:7c:90:85:80:c0:c4:0b:6e:6b:8c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 16:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59b37a5317e13355f2f95dfc1bd5747a5fa7ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3b:43:e0:fb:ec:96:23:02:6c:0d:4e:3c:0b:
a4:0c:8a:cf:c2:46:85:0b:79:be:f6:06:c2:60:96:
d4:e6:75:aa:63:67:e7:14:a0:83:2d:48:3e:f1:66:
08:cb:c5:41:4e:52:f8:f1:fb:c0:37:f6:7c:e9:80:
5a:12:6c:74:8f:f0:9a:d0:94:ed:35:c3:22:d1:d2:
5a:05:06:60:d9:fe:13:cd:84:89:27:7d:71:86:dc:
c6:d8:7f:73:05:6a:6d:3b:49:04:3b:66:0b:cc:7c:
36:3c:b1:b7:8c:44:43:f3:e1:04:2d:4c:a4:fe:66:
ad:6a:92:f4:bc:58:7f:f2:7b:c4:41:7a:c4:84:d2:
a1:16:b2:c3:81:61:1d:9f:56:e1:65:02:72:36:50:
2f:54:00:57:03:47:8b:9a:45:61:16:ef:a7:0f:e5:
4e:3d:10:42:ac:e7:62:af:37:56:45:1d:dc:c6:53:
78:fd:51:cd:d3:5b:8c:5d:85:1f:de:61:0c:ae:ff:
d9:d4:0a:4b:23:91:5c:98:a8:03:84:70:d7:b1:fd:
17:b2:65:e6:ba:36:8f:e4:4c:6d:8d:ec:42:0c:21:
0a:e8:96:b6:02:73:7a:fd:9f:fb:c5:6f:b1:75:de:
72:fc:82:db:20:16:41:f8:a7:fb:5b:0a:f3:f8:ea:
a9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9B:37:A5:31:7E:13:35:5F:2F:95:DF:C1:BD:57:47:A5:FA:7F:F2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1Zs3pTF-EzVfL5Xfwb1XR6X6f_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:07:f4:83:fb:fc:bc:2e:f6:30:f3:ca:85:a4:59:27:4d:13:
c1:37:a3:20:6a:b0:57:6d:d9:60:c2:df:d9:62:5e:4e:53:40:
67:10:c2:a7:88:33:63:d9:03:2a:a8:82:d3:8b:13:0c:0e:e2:
79:61:1e:55:f2:5d:fd:77:b9:ab:1a:23:91:5e:d3:f7:68:03:
33:ab:30:fd:99:f1:31:20:b8:9e:fb:10:68:93:d4:14:9f:cc:
fb:f1:56:8b:ef:e9:8d:3c:45:61:b6:ef:6e:39:89:90:d1:83:
cb:18:7a:df:6a:fb:e6:eb:59:a5:7c:ac:b2:80:f6:a8:f4:be:
20:eb:d4:4b:c2:1f:7c:e2:9e:35:0c:76:99:2d:ef:d2:b0:7c:
9b:35:85:ab:1e:86:f9:80:29:dc:6a:a6:52:d0:34:a2:78:ec:
7d:6c:c8:5e:98:f9:3b:6d:f5:cd:ff:61:74:ca:a1:fb:ee:a9:
fb:f3:c6:06:96:7e:37:39:91:8a:cb:c4:61:93:07:0d:b5:24:
a0:79:8c:e6:8f:2c:6c:c0:1a:98:38:b1:f8:53:52:79:a3:fe:
a4:20:65:8b:04:d9:ae:11:70:e8:01:0e:f7:01:78:fa:89:24:
c1:b9:90:94:c4:69:5c:6c:05:e1:81:17:99:dd:3c:65:b8:98:
52:37:74:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9333rhuXyQhYDAxAtua4xkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MTYxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTliMzdhNTMxN2UxMzM1NWYyZjk1ZGZjMWJkNTc0N2E1ZmE3ZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TtD4PvsliMCbA1OPAukDIrPwkaF
C3m+9gbCYJbU5nWqY2fnFKCDLUg+8WYIy8VBTlL48fvAN/Z86YBaEmx0j/Ca0JTt
NcMi0dJaBQZg2f4TzYSJJ31xhtzG2H9zBWptO0kEO2YLzHw2PLG3jERD8+EELUyk
/matapL0vFh/8nvEQXrEhNKhFrLDgWEdn1bhZQJyNlAvVABXA0eLmkVhFu+nD+VO
PRBCrOdirzdWRR3cxlN4/VHN01uMXYUf3mEMrv/Z1ApLI5FcmKgDhHDXsf0XsmXm
ujaP5ExtjexCDCEK6Ja2AnN6/Z/7xW+xdd5y/ILbIBZB+Kf7Wwrz+OqpYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNWbN6UxfhM1Xy+V38G9V0el+n/yMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMVpzM3BURi1FelZmTDVYZndiMVhSNlg2Zl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJAH9IP7/Lwu9jDzyoWk
WSdNE8E3oyBqsFdt2WDC39liXk5TQGcQwqeIM2PZAyqogtOLEwwO4nlhHlXyXf13
uasaI5Fe0/doAzOrMP2Z8TEguJ77EGiT1BSfzPvxVovv6Y08RWG27245iZDRg8sY
et9q++brWaV8rLKA9qj0viDr1EvCH3zinjUMdpkt79KwfJs1hasehvmAKdxqplLQ
NKJ47H1syF6Y+Ttt9c3/YXTKofvuqfvzxgaWfjc5kYrLxGGTBw21JKB5jOaPLGzA
Gpg4sfhTUnmj/qQgZYsE2a4RcOgBDvcBePqJJMG5kJTEaVxsBeGBF5ndPGW4mFI3
dHU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org