Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HfXPFQvvO6O5e-p_0XIDWZRoyE0.roa
File: HfXPFQvvO6O5e-p_0XIDWZRoyE0.roa (raw, json)
Hash identifier: baiK6sSsmnYOJTJo62X2zRM9Bex1ZLsk6qX0WLSh7Wo=
Subject key identifier: 1D:F5:CF:15:0B:EF:3B:A3:B9:7B:EA:7F:D1:72:03:59:94:68:C8:4D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F48740F40958BD064B8971FE3DFFE4D67
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HfXPFQvvO6O5e-p_0XIDWZRoyE0.roa
Signing time: Sun 05 May 2024 11:11:56 +0000
ROA not before: Sun 05 May 2024 11:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:48:74:0f:40:95:8b:d0:64:b8:97:1f:e3:df:fe:4d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 11:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1df5cf150bef3ba3b97bea7fd17203599468c84d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:a5:de:75:a8:f5:46:40:29:1a:3a:af:7d:e6:
78:e4:99:3d:13:26:9c:77:1a:0f:74:f5:77:79:b7:
d3:0f:e1:1b:dd:4b:45:ec:55:de:88:26:22:5a:cc:
87:e3:ee:4a:a0:99:1a:e9:b0:f8:94:b3:43:40:9d:
d4:74:12:f9:d5:9f:18:46:6c:57:23:f3:15:9c:37:
26:e9:27:0a:07:dd:54:69:e9:c6:76:db:2c:06:e1:
e8:93:d3:e0:3b:43:71:39:b8:e1:b5:e4:a5:01:14:
4b:dd:64:43:2a:c4:61:d9:54:38:a2:a0:42:ef:58:
c1:f2:de:5c:14:58:c7:5e:9a:4f:d2:7f:63:7a:83:
95:d9:35:99:90:d4:4f:e5:7c:c7:f2:6d:53:11:2d:
9a:36:c1:f4:05:0c:da:2f:8c:9c:b4:7e:7d:91:36:
11:21:55:d1:ab:da:a8:2c:e2:53:37:09:3d:e6:5c:
5e:9e:e8:74:67:27:ce:28:4f:45:71:98:e4:96:47:
fe:07:ec:f1:82:b0:34:ae:6e:45:12:f0:9c:86:72:
fb:a7:db:f4:6e:fd:ce:bd:d9:b0:63:6e:36:2c:8d:
be:5b:d6:1e:4c:57:67:c3:9c:70:a0:84:a1:3c:f1:
4d:b1:06:7b:b3:e4:ff:6f:3b:90:3f:5e:d7:2f:2f:
41:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F5:CF:15:0B:EF:3B:A3:B9:7B:EA:7F:D1:72:03:59:94:68:C8:4D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HfXPFQvvO6O5e-p_0XIDWZRoyE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:32:7c:7e:58:9d:9d:71:58:26:54:8d:68:85:d7:67:f9:9e:
87:f2:e8:ab:b8:68:a4:ba:32:39:1f:db:9e:8b:08:0d:48:6f:
32:ac:78:ae:cd:4d:1b:0d:f2:1b:ea:2e:c9:f3:a3:c6:a3:df:
4b:cb:99:fc:c7:00:7c:47:54:0d:56:ac:6d:d9:85:b4:cc:86:
7d:2d:55:38:08:60:0b:63:d4:ee:4b:4a:5e:57:22:f8:af:44:
44:9e:21:83:27:41:4e:d9:b7:1b:19:e5:df:e5:c3:00:69:0f:
f6:64:30:55:6e:c4:7b:8e:39:82:57:84:1d:bb:6a:09:55:ba:
f1:72:23:38:a8:dd:77:64:ad:66:b9:ab:d3:75:6a:ce:92:88:
76:df:1c:6a:02:63:1f:6f:e0:ec:13:37:98:68:4a:f0:d2:c7:
99:7f:0e:32:9f:8e:ec:59:a0:bc:d2:54:31:23:12:83:cb:4c:
e0:84:54:ef:ec:e4:9c:f0:c0:4b:68:a4:4d:30:af:1b:8a:1d:
60:a2:1f:23:8b:f2:33:21:2f:b5:00:bd:dc:33:34:f5:f3:87:
b1:c5:92:17:11:45:94:60:b6:ae:cc:56:ae:00:4b:fd:22:cb:
a1:cf:6e:ae:62:21:a7:5f:2a:ba:b8:5d:7c:a3:82:e6:ce:c8:
5e:6d:58:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9IdA9AlYvQZLiXH+Pf/k1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MTExMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY1Y2YxNTBiZWYzYmEzYjk3YmVhN2ZkMTcyMDM1OTk0NjhjODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96Xedaj1RkApGjqvfeZ45Jk9Eyac
dxoPdPV3ebfTD+Eb3UtF7FXeiCYiWsyH4+5KoJka6bD4lLNDQJ3UdBL51Z8YRmxX
I/MVnDcm6ScKB91UaenGdtssBuHok9PgO0NxObjhteSlARRL3WRDKsRh2VQ4oqBC
71jB8t5cFFjHXppP0n9jeoOV2TWZkNRP5XzH8m1TES2aNsH0BQzaL4yctH59kTYR
IVXRq9qoLOJTNwk95lxenuh0ZyfOKE9FcZjklkf+B+zxgrA0rm5FEvCchnL7p9v0
bv3OvdmwY242LI2+W9YeTFdnw5xwoIShPPFNsQZ7s+T/bzuQP17XLy9BCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB31zxUL7zujuXvqf9FyA1mUaMhNMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSGZYUEZRdnZPNk81ZS1wXzBYSURXWlJveUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEgyfH5YnZ1xWCZUjWiF
12f5nofy6Ku4aKS6Mjkf256LCA1IbzKseK7NTRsN8hvqLsnzo8aj30vLmfzHAHxH
VA1WrG3ZhbTMhn0tVTgIYAtj1O5LSl5XIvivRESeIYMnQU7ZtxsZ5d/lwwBpD/Zk
MFVuxHuOOYJXhB27aglVuvFyIzio3XdkrWa5q9N1as6SiHbfHGoCYx9v4OwTN5ho
SvDSx5l/DjKfjuxZoLzSVDEjEoPLTOCEVO/s5JzwwEtopE0wrxuKHWCiHyOL8jMh
L7UAvdwzNPXzh7HFkhcRRZRgtq7MVq4AS/0iy6HPbq5iIadfKrq4XXyjgubOyF5t
WEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org