Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JIkAO5Gg9AaIWKvv5l5DROgdBG8.roa
File: JIkAO5Gg9AaIWKvv5l5DROgdBG8.roa (raw, json)
Hash identifier: HMeh+ztvzLE57mAC3feM79lKLcBFR1ubqiMUIYir7z0=
Subject key identifier: 24:89:00:3B:91:A0:F4:06:88:58:AB:EF:E6:5E:43:44:E8:1D:04:6F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F57785B9206B3451EC6C93660AD8D1702
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JIkAO5Gg9AaIWKvv5l5DROgdBG8.roa
Signing time: Wed 08 May 2024 09:10:56 +0000
ROA not before: Wed 08 May 2024 09:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:78:5b:92:06:b3:45:1e:c6:c9:36:60:ad:8d:17:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 8 09:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2489003b91a0f4068858abefe65e4344e81d046f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:de:f2:bc:fd:77:6a:b4:35:66:cf:17:6f:3d:
57:a9:0c:1a:dc:e4:8d:d2:a7:70:52:61:2d:cb:e6:
1b:e8:1f:e5:47:60:43:74:cc:f6:cb:61:a7:da:a8:
18:7f:ed:67:42:a2:2d:77:da:8c:37:e9:06:9a:ce:
95:b0:48:ec:4b:9a:18:19:5b:59:95:ff:12:5a:91:
96:f1:94:c3:18:68:86:65:92:f4:b1:fc:80:ea:21:
87:53:3b:0e:b3:5e:8e:a4:06:50:cd:ff:fa:30:e0:
b3:86:9a:64:18:a0:3c:17:ef:56:53:7e:8d:6a:c7:
08:50:96:86:0a:ec:e6:ad:66:71:c0:dc:ce:da:26:
30:82:ad:e5:44:08:d0:dc:82:aa:c8:57:e2:8b:c4:
86:80:a8:7a:dd:86:46:de:56:7d:64:47:ab:be:ce:
fa:5e:95:c6:89:d0:32:da:d1:f3:a3:23:ad:d1:d1:
b0:50:95:66:21:6c:ca:ed:f2:6a:c5:c3:97:49:ba:
a3:1b:f8:23:02:2f:9c:96:63:d9:3a:b0:f1:93:d3:
0a:cc:67:a6:bf:f8:90:67:3d:3e:53:72:e1:e7:8a:
fd:43:b7:fa:c5:31:03:02:18:d4:a3:71:0c:2f:20:
c6:01:c0:92:b6:09:8a:55:0d:9b:66:90:24:96:9d:
3c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:89:00:3B:91:A0:F4:06:88:58:AB:EF:E6:5E:43:44:E8:1D:04:6F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/JIkAO5Gg9AaIWKvv5l5DROgdBG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:54:b2:59:63:76:cd:08:a0:1e:c7:3c:d5:d4:f1:78:53:a5:
1e:04:d2:5e:18:e5:72:64:c3:f6:3f:42:79:8e:42:2b:9d:86:
2f:07:11:7d:43:59:5c:8b:1d:3b:c6:2f:b0:47:5b:34:b5:51:
b8:d4:b1:03:44:89:c6:df:22:79:a6:ff:36:aa:f8:18:b5:5c:
bc:ad:3c:78:98:9c:ba:51:fa:57:6c:ae:e7:d7:1b:1b:b1:bd:
44:a6:c4:74:cf:6b:4d:3f:39:69:ac:3a:28:b9:c3:4d:7c:a1:
01:79:24:14:2c:9f:d4:57:74:f9:34:24:0c:b9:48:8f:58:d7:
fd:f0:43:e0:cf:33:65:d4:f7:c7:ba:07:ed:05:f8:26:9d:50:
45:eb:d9:0a:06:32:b1:09:96:d8:81:79:c7:11:70:fb:f2:3b:
df:c4:f3:68:f1:50:f3:f7:c5:f0:6a:3e:c1:b2:9b:e0:97:79:
de:d7:3d:57:df:ae:af:9c:2f:bb:37:81:e5:92:38:c5:d3:a6:
61:c0:c4:f7:74:d5:58:42:1b:6c:1c:b6:c7:62:9d:dc:72:64:
1c:1e:7c:0d:8c:0c:59:8a:b9:e2:14:12:16:81:32:d8:a4:6b:
ea:f6:b4:11:7d:e2:38:2f:47:10:47:30:70:d1:38:3f:9b:b7:
71:f2:a1:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9XeFuSBrNFHsbJNmCtjRcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA4MDkxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg5MDAzYjkxYTBmNDA2ODg1OGFiZWZlNjVlNDM0NGU4MWQwNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd7yvP13arQ1Zs8Xbz1XqQwa3OSN
0qdwUmEty+Yb6B/lR2BDdMz2y2Gn2qgYf+1nQqItd9qMN+kGms6VsEjsS5oYGVtZ
lf8SWpGW8ZTDGGiGZZL0sfyA6iGHUzsOs16OpAZQzf/6MOCzhppkGKA8F+9WU36N
ascIUJaGCuzmrWZxwNzO2iYwgq3lRAjQ3IKqyFfii8SGgKh63YZG3lZ9ZEervs76
XpXGidAy2tHzoyOt0dGwUJVmIWzK7fJqxcOXSbqjG/gjAi+clmPZOrDxk9MKzGem
v/iQZz0+U3Lh54r9Q7f6xTEDAhjUo3EMLyDGAcCStgmKVQ2bZpAklp086QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCSJADuRoPQGiFir7+ZeQ0ToHQRvMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSklrQU81R2c5QWFJV0t2djVsNURST2dkQkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9Uslljds0IoB7HPNXU
8XhTpR4E0l4Y5XJkw/Y/QnmOQiudhi8HEX1DWVyLHTvGL7BHWzS1UbjUsQNEicbf
Inmm/zaq+Bi1XLytPHiYnLpR+ldsrufXGxuxvUSmxHTPa00/OWmsOii5w018oQF5
JBQsn9RXdPk0JAy5SI9Y1/3wQ+DPM2XU98e6B+0F+CadUEXr2QoGMrEJltiBeccR
cPvyO9/E82jxUPP3xfBqPsGym+CXed7XPVffrq+cL7s3geWSOMXTpmHAxPd01VhC
G2wctsdindxyZBwefA2MDFmKueIUEhaBMtika+r2tBF94jgvRxBHMHDROD+bt3Hy
oUE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:34 2025 by rpki-client