Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3MRHS5hLZfJtR6EwFANK9i5XnNk.roa
File: 3MRHS5hLZfJtR6EwFANK9i5XnNk.roa (raw, json)
Hash identifier: QSCEydMwZt80PgGzDnn1/V5CI7xS8C2bsdxYc1PMjv0=
Subject key identifier: DC:C4:47:4B:98:4B:65:F2:6D:47:A1:30:14:03:4A:F6:2E:57:9C:D9
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F88CD43537956762414C35D320307139F
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3MRHS5hLZfJtR6EwFANK9i5XnNk.roa
Signing time: Fri 17 May 2024 23:05:04 +0000
ROA not before: Fri 17 May 2024 23:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:88cc:7d1d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:88:cd:43:53:79:56:76:24:14:c3:5d:32:03:07:13:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 23:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcc4474b984b65f26d47a13014034af62e579cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:70:f5:62:2c:bc:a7:4d:c7:a0:90:aa:e0:
25:b9:b9:60:b1:e3:4e:66:2b:23:a9:ae:cc:4e:cf:
36:ac:07:e9:f6:57:4c:46:79:48:a7:45:39:a9:bf:
28:b0:d8:e0:8f:be:c0:eb:4a:83:91:b8:66:e6:91:
a9:48:e8:5e:d2:89:8b:7c:78:7e:56:b3:98:4f:3e:
38:b4:b0:6f:2a:36:22:4f:3e:0f:c3:79:71:20:fe:
81:ae:8d:f9:7a:c8:12:de:ce:af:c6:69:83:0f:ee:
91:68:45:ea:68:41:30:d5:b2:78:7a:2e:59:65:7e:
43:11:08:f1:e8:02:a3:e5:60:32:e6:44:2f:4d:ad:
11:60:6c:2a:65:83:63:8c:3b:72:7a:42:68:9d:36:
ab:51:28:ae:c0:f2:94:bd:83:a1:9f:19:cb:c5:39:
9d:74:16:55:5f:b3:01:9d:c1:8c:36:35:51:e4:8f:
9b:ca:b2:9a:53:c1:7c:af:df:5e:e9:4f:7e:83:3a:
5d:4f:8e:b6:77:3d:38:6b:85:e1:dc:50:0b:22:11:
19:4b:ad:69:96:79:20:4a:47:ef:12:f9:72:0e:33:
42:ba:0c:28:9c:ff:4c:7d:fe:8f:8f:7d:bf:18:43:
17:a6:40:bb:c2:84:02:3c:00:5b:48:1e:55:ea:9a:
e4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C4:47:4B:98:4B:65:F2:6D:47:A1:30:14:03:4A:F6:2E:57:9C:D9
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3MRHS5hLZfJtR6EwFANK9i5XnNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:73:95:65:28:87:8c:22:fc:68:f8:c1:87:f5:3e:ef:86:45:
50:2c:ca:f2:cc:81:03:5e:7c:b8:6b:6a:1b:dd:1f:84:97:a7:
cb:46:39:96:fc:d6:8b:c0:ab:c6:5f:9a:ae:5e:10:18:06:65:
ee:60:4f:08:70:15:fb:c8:4b:ff:81:d3:e2:70:48:38:df:ca:
93:f7:d3:92:da:ef:c5:f3:4c:46:74:d4:7d:51:44:7a:b1:30:
cf:0a:f1:6e:b6:e7:57:02:25:19:a0:54:08:a5:6d:8f:dd:43:
99:ef:19:7d:da:cc:d9:3d:6e:22:39:3a:f4:df:e1:26:f0:92:
e9:a7:b8:a9:e1:c1:2b:ad:8e:04:6e:b7:a0:5b:29:12:c5:ba:
95:f2:aa:fa:de:6e:f2:1b:22:38:3a:96:47:ee:85:d3:7e:f6:
90:d0:d5:42:79:31:09:6f:29:e6:9e:15:0a:fb:fb:4b:fe:f1:
a3:b3:82:0e:cf:de:6b:75:e3:69:48:d0:48:93:1d:de:ca:76:
41:d2:96:55:6a:5b:d9:69:18:41:a9:07:17:b2:ff:f6:18:ba:
9d:74:99:9a:aa:31:87:6d:d8:fa:ca:fd:e7:08:12:33:d2:da:
24:83:c4:f6:e7:6a:fd:87:50:ce:33:2a:37:f1:04:b9:96:03:
cf:32:7d:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+IzUNTeVZ2JBTDXTIDBxOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MjMwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M0NDc0Yjk4NGI2NWYyNmQ0N2ExMzAxNDAzNGFmNjJlNTc5Y2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneJw9WIsvKdNx6CQquAlublgseNO
Zisjqa7MTs82rAfp9ldMRnlIp0U5qb8osNjgj77A60qDkbhm5pGpSOhe0omLfHh+
VrOYTz44tLBvKjYiTz4Pw3lxIP6Bro35esgS3s6vxmmDD+6RaEXqaEEw1bJ4ei5Z
ZX5DEQjx6AKj5WAy5kQvTa0RYGwqZYNjjDtyekJonTarUSiuwPKUvYOhnxnLxTmd
dBZVX7MBncGMNjVR5I+byrKaU8F8r99e6U9+gzpdT462dz04a4Xh3FALIhEZS61p
lnkgSkfvEvlyDjNCugwonP9Mff6Pj32/GEMXpkC7woQCPABbSB5V6prkpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNzER0uYS2XybUehMBQDSvYuV5zZMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM01SSFM1aExaZkp0UjZFd0ZBTks5aTVYbk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG9zlWUoh4wi/Gj4wYf1
Pu+GRVAsyvLMgQNefLhrahvdH4SXp8tGOZb81ovAq8Zfmq5eEBgGZe5gTwhwFfvI
S/+B0+JwSDjfypP305La78XzTEZ01H1RRHqxMM8K8W6251cCJRmgVAilbY/dQ5nv
GX3azNk9biI5OvTf4SbwkumnuKnhwSutjgRut6BbKRLFupXyqvrebvIbIjg6lkfu
hdN+9pDQ1UJ5MQlvKeaeFQr7+0v+8aOzgg7P3mt142lI0EiTHd7KdkHSllVqW9lp
GEGpBxey//YYup10mZqqMYdt2PrK/ecIEjPS2iSDxPbnav2HUM4zKjfxBLmWA88y
fRc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org