Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8TVhVUEyiFcb8XnsYUpdHmp4udo.roa
File: 8TVhVUEyiFcb8XnsYUpdHmp4udo.roa (raw, json)
Hash identifier: JGuwMKB2JrhNl/g2K6WuIzZ7ya1iRYDbf5Z3TmrZLto=
Subject key identifier: F1:35:61:55:41:32:88:57:1B:F1:79:EC:61:4A:5D:1E:6A:78:B9:DA
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F1291FEFDCEF3D08E7EC69EEB9F90D00D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8TVhVUEyiFcb8XnsYUpdHmp4udo.roa
Signing time: Thu 25 Apr 2024 00:05:08 +0000
ROA not before: Thu 25 Apr 2024 00:05:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:1291:4a3b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:12:91:fe:fd:ce:f3:d0:8e:7e:c6:9e:eb:9f:90:d0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 25 00:05:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1356155413288571bf179ec614a5d1e6a78b9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4f:bc:95:46:1a:c0:2f:36:6f:f2:2a:5c:36:
4d:b7:4a:73:ec:24:93:9c:89:0a:4d:1f:88:d0:23:
95:43:02:ca:01:9a:49:44:87:f9:17:ed:07:c8:0a:
6c:ec:53:35:67:b9:14:bf:32:c1:29:e8:01:c7:2f:
cc:10:27:09:06:8b:9e:76:03:03:e3:58:ca:eb:91:
f7:fe:2c:64:62:3d:90:bc:1c:f5:79:29:3d:84:b4:
dc:07:f5:20:ea:0b:ff:41:4c:ab:94:61:c9:2f:3f:
de:d0:6a:40:f2:9b:5c:8a:b7:d5:47:ee:a4:37:40:
4e:26:42:b2:37:82:b6:c3:a9:ca:6e:e0:d5:57:0a:
01:7e:96:9e:b4:4e:9d:74:d8:9a:bd:af:3d:b6:f4:
95:09:6b:8e:37:58:7b:ed:7c:05:b5:cc:7d:35:21:
16:cf:c8:de:9b:9b:b9:a9:3b:51:9b:da:a1:f3:bd:
42:c9:63:f6:2a:a9:df:be:e8:b1:02:bd:50:63:47:
e6:b6:37:b9:47:55:43:09:7b:37:35:3e:56:e2:19:
6e:69:bb:ca:09:b9:5f:3a:11:2d:e4:5b:90:6e:e8:
d1:7c:96:43:f0:ec:12:d8:c0:bb:a3:51:4b:94:59:
53:86:94:76:fb:f9:3b:62:46:b8:49:df:2f:c4:d8:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:35:61:55:41:32:88:57:1B:F1:79:EC:61:4A:5D:1E:6A:78:B9:DA
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8TVhVUEyiFcb8XnsYUpdHmp4udo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
2001:67c:64:ffff:0:18f:1291:4a3b/128
Signature Algorithm: sha256WithRSAEncryption
2e:7d:22:08:a1:f5:c2:da:ba:61:55:a1:39:ac:13:c7:04:13:
38:4d:8b:44:bd:65:62:7d:89:26:93:72:da:a9:f7:6f:15:00:
89:c1:b7:04:80:0e:31:ec:07:58:a4:48:ad:a8:2e:dc:a4:0f:
a2:e6:03:e4:cd:ba:fd:53:a1:c7:b0:f0:98:a3:33:a6:66:94:
6f:09:14:36:b4:cc:9f:cf:f6:9b:b6:5b:0d:a9:7d:ab:fa:d3:
6b:c2:00:0f:44:72:24:b9:bd:a8:57:d1:6b:33:8d:9c:32:42:
c8:7b:20:0f:51:6b:84:e4:ea:e3:0f:ce:1d:71:34:a8:63:b1:
f5:91:72:f6:41:34:58:53:eb:34:97:00:d1:d1:c1:4c:f9:fe:
e8:8a:39:f5:f8:32:3f:32:8f:e9:b7:63:65:68:ab:f8:9d:03:
f6:4a:1b:a8:1a:11:8a:35:00:a1:a3:e4:a6:dc:36:d4:a5:e2:
c4:7e:0f:46:31:d3:78:e2:2e:ec:74:4c:06:19:9b:19:b2:00:
0a:2a:7e:4a:19:a7:ad:c4:47:5a:a4:60:20:74:1c:2f:33:fc:
56:16:30:21:2b:c7:0d:7a:71:d0:8d:d1:81:12:e9:5f:1d:94:
03:cd:be:b3:20:44:c1:bd:41:c9:01:ec:d4:a5:39:24:e7:a0:
a5:87:1d:b6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8Skf79zvPQjn7GnuufkNANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI1MDAwNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM1NjE1NTQxMzI4ODU3MWJmMTc5ZWM2MTRhNWQxZTZhNzhiOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0+8lUYawC82b/IqXDZNt0pz7CST
nIkKTR+I0COVQwLKAZpJRIf5F+0HyAps7FM1Z7kUvzLBKegBxy/MECcJBouedgMD
41jK65H3/ixkYj2QvBz1eSk9hLTcB/Ug6gv/QUyrlGHJLz/e0GpA8ptcirfVR+6k
N0BOJkKyN4K2w6nKbuDVVwoBfpaetE6ddNiava89tvSVCWuON1h77XwFtcx9NSEW
z8jem5u5qTtRm9qh871CyWP2KqnfvuixAr1QY0fmtje5R1VDCXs3NT5W4hluabvK
CblfOhEt5FuQbujRfJZD8OwS2MC7o1FLlFlThpR2+/k7Yka4Sd8vxNgaewIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPE1YVVBMohXG/F57GFKXR5qeLnaMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOFRWaFZVRXlpRmNiOFhuc1lVcGRIbXA0dWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQDwQAYMCwE
AgACMCYDEQAgAQZ8AGT//wAAAY8FQ55BAxEAIAEGfABk//8AAAGPEpFKOzANBgkq
hkiG9w0BAQsFAAOCAQEALn0iCKH1wtq6YVWhOawTxwQTOE2LRL1lYn2JJpNy2qn3
bxUAicG3BIAOMewHWKRIragu3KQPouYD5M26/VOhx7DwmKMzpmaUbwkUNrTMn8/2
m7ZbDal9q/rTa8IAD0RyJLm9qFfRazONnDJCyHsgD1FrhOTq4w/OHXE0qGOx9ZFy
9kE0WFPrNJcA0dHBTPn+6Io59fgyPzKP6bdjZWir+J0D9kobqBoRijUAoaPkptw2
1KXixH4PRjHTeOIu7HRMBhmbGbIACip+ShmnrcRHWqRgIHQcLzP8VhYwISvHDXpx
0I3RgRLpXx2UA82+syBEwb1ByQHs1KU5JOegpYcdtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org