Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Cxd4IKAv6zuDJNb6GPYc_opGsW8.roa
File: Cxd4IKAv6zuDJNb6GPYc_opGsW8.roa (raw, json)
Hash identifier: k676b3tgjuZGr0dw+QpbmOEjaten4AMZ1UoNpUD6G+8=
Subject key identifier: 0B:17:78:20:A0:2F:EB:3B:83:24:D6:FA:18:F6:1C:FE:8A:46:B1:6F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F68A4B8D1843EAF2D78AA86FA62758D86
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Cxd4IKAv6zuDJNb6GPYc_opGsW8.roa
Signing time: Sat 11 May 2024 17:12:56 +0000
ROA not before: Sat 11 May 2024 17:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:68:a4:b8:d1:84:3e:af:2d:78:aa:86:fa:62:75:8d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 17:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b177820a02feb3b8324d6fa18f61cfe8a46b16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:71:63:60:be:3e:53:4f:c6:43:6e:9d:20:3f:
a9:19:d2:cc:c9:69:41:2d:71:46:14:19:fb:9c:29:
a5:f2:46:de:ca:ae:ca:c3:56:19:b3:0b:29:9b:63:
69:95:b9:d6:d5:c4:aa:53:c1:81:11:a2:ff:dc:0f:
cc:d6:39:da:77:65:ed:c9:82:56:7c:f0:fe:57:63:
b8:8b:09:40:f9:04:a9:f3:b7:df:04:2e:5d:1d:68:
ec:aa:d1:f0:2b:60:91:75:d1:e0:a8:90:2b:b0:56:
2d:fb:19:a7:87:65:ec:7c:fd:86:f8:aa:46:55:47:
2b:d4:f9:dc:d2:38:4b:68:96:c7:10:07:d8:57:d1:
99:2d:6c:d1:99:d8:a1:2b:50:66:ab:f7:b4:df:47:
3f:99:21:e7:b6:03:a4:7e:97:1a:6a:68:c4:10:60:
5e:69:1c:12:fc:8e:2f:4c:02:37:b5:1d:6e:93:f9:
f8:ef:86:05:53:74:52:c2:65:a9:f1:d3:28:68:c4:
74:33:e8:da:13:93:eb:17:05:da:4f:ad:68:49:ff:
84:84:f4:36:de:21:a5:5f:8d:00:bc:04:2e:86:7e:
56:53:21:91:ce:c3:02:77:fd:f9:8f:b7:8d:09:14:
9b:d2:91:7e:ce:4a:3f:15:be:1f:9c:e5:f7:bb:89:
0f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:17:78:20:A0:2F:EB:3B:83:24:D6:FA:18:F6:1C:FE:8A:46:B1:6F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Cxd4IKAv6zuDJNb6GPYc_opGsW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:d5:9f:3d:ce:e9:fe:62:11:7d:c0:e2:c8:a2:f8:aa:de:8d:
b6:50:5d:c0:ca:78:0c:5b:ac:2e:8b:7c:37:1a:b7:d0:67:e9:
96:26:a8:69:ee:b8:b1:45:ca:ee:2e:0c:e3:87:b1:27:5d:3c:
55:e9:2e:47:4b:3e:b8:9a:fd:88:96:11:ff:4e:56:ed:3d:0f:
a0:3c:af:70:ac:0b:d0:fc:31:da:ee:19:77:f2:64:62:ad:d1:
50:54:61:7b:4f:5f:b6:79:3f:55:80:43:e7:ed:7f:dd:c7:87:
98:c8:bf:ee:74:b0:35:17:8f:34:76:92:8f:da:bf:b4:ff:db:
61:f8:fc:4d:0d:fd:1a:57:8d:21:ed:b5:56:a1:7d:2a:c8:4b:
ec:18:ee:3e:34:30:79:98:82:87:d9:9b:fc:63:03:fc:93:a8:
7b:0f:d5:1d:2f:7f:97:26:ca:dc:39:44:06:bd:e0:28:46:6f:
3a:98:52:be:c9:91:31:99:ff:3e:e3:58:c3:a5:af:66:fc:9f:
2d:27:de:ae:99:0b:c0:8f:ec:85:e5:d9:cb:ee:67:fb:27:46:
46:28:d6:61:4d:50:7a:13:fc:4c:07:5b:9f:06:03:b1:52:b1:
59:81:23:2c:f8:a6:af:92:35:93:67:13:36:e3:46:71:4a:18:
01:28:7f:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9opLjRhD6vLXiqhvpidY2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMTcxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE3NzgyMGEwMmZlYjNiODMyNGQ2ZmExOGY2MWNmZThhNDZiMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHFjYL4+U0/GQ26dID+pGdLMyWlB
LXFGFBn7nCml8kbeyq7Kw1YZswspm2NplbnW1cSqU8GBEaL/3A/M1jnad2XtyYJW
fPD+V2O4iwlA+QSp87ffBC5dHWjsqtHwK2CRddHgqJArsFYt+xmnh2XsfP2G+KpG
VUcr1Pnc0jhLaJbHEAfYV9GZLWzRmdihK1Bmq/e030c/mSHntgOkfpcaamjEEGBe
aRwS/I4vTAI3tR1uk/n474YFU3RSwmWp8dMoaMR0M+jaE5PrFwXaT61oSf+EhPQ2
3iGlX40AvAQuhn5WUyGRzsMCd/35j7eNCRSb0pF+zko/Fb4fnOX3u4kPawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAsXeCCgL+s7gyTW+hj2HP6KRrFvMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvQ3hkNElLQXY2enVESk5iNkdQWWNfb3BHc1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGPVnz3O6f5iEX3A4sii
+KrejbZQXcDKeAxbrC6LfDcat9Bn6ZYmqGnuuLFFyu4uDOOHsSddPFXpLkdLPria
/YiWEf9OVu09D6A8r3CsC9D8MdruGXfyZGKt0VBUYXtPX7Z5P1WAQ+ftf93Hh5jI
v+50sDUXjzR2ko/av7T/22H4/E0N/RpXjSHttVahfSrIS+wY7j40MHmYgofZm/xj
A/yTqHsP1R0vf5cmytw5RAa94ChGbzqYUr7JkTGZ/z7jWMOlr2b8ny0n3q6ZC8CP
7IXl2cvuZ/snRkYo1mFNUHoT/EwHW58GA7FSsVmBIyz4pq+SNZNnEzbjRnFKGAEo
f00=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org