Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/KjATCU5l_u8_BxfiBFD0Icyww34.roa
File: KjATCU5l_u8_BxfiBFD0Icyww34.roa (raw, json)
Hash identifier: jy9c8kSw+sXfXYudBkhVsd3skU/fBSuLsfRjYh0Swrs=
Subject key identifier: 2A:30:13:09:4E:65:FE:EF:3F:07:17:E2:04:50:F4:21:CC:B0:C3:7E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F93C619B6190DCA98DE1C80D083C936EE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/KjATCU5l_u8_BxfiBFD0Icyww34.roa
Signing time: Mon 20 May 2024 02:13:04 +0000
ROA not before: Mon 20 May 2024 02:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:93:c6:19:b6:19:0d:ca:98:de:1c:80:d0:83:c9:36:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 02:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a3013094e65feef3f0717e20450f421ccb0c37e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0c:90:db:27:bb:e0:93:b1:26:56:b9:8a:f2:
3d:43:6c:45:53:26:0e:89:f3:25:91:bb:b9:c2:7b:
87:b1:d3:23:99:fb:83:2d:f9:0a:55:3e:51:c7:8b:
49:60:76:12:aa:ef:60:ef:e1:0f:57:90:e8:7c:f3:
ee:27:a7:96:60:7f:1b:6c:68:45:ff:3e:75:ab:14:
44:c6:ce:21:1f:19:3d:df:e8:71:4b:d9:45:6c:c8:
e9:cb:eb:ff:42:c8:38:85:ad:12:1f:3b:eb:99:42:
fb:2e:dd:b6:6a:aa:94:cc:6d:3c:8b:82:71:b0:a0:
d4:d2:bd:cc:5e:30:e1:fd:a3:a3:76:97:14:39:c5:
85:5b:fa:01:6d:7b:48:0d:d5:5e:4e:47:73:e7:cb:
6b:b8:fc:7a:0e:21:0e:a0:36:7f:0c:d4:65:2b:6f:
0d:c0:17:68:5e:db:b5:e7:05:83:59:65:22:f4:92:
f3:eb:d3:53:bd:16:9e:6d:8d:02:30:a1:51:ec:dc:
77:1c:01:e4:5f:98:5d:24:6d:5a:3a:42:ca:b9:e6:
e6:13:f8:9e:8a:b4:b1:28:7d:83:22:b2:88:54:71:
4d:da:c8:fd:9b:63:62:91:13:f7:73:a4:09:95:ca:
6d:66:a2:59:2a:2c:fe:25:7e:78:f6:ea:eb:14:08:
96:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:30:13:09:4E:65:FE:EF:3F:07:17:E2:04:50:F4:21:CC:B0:C3:7E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/KjATCU5l_u8_BxfiBFD0Icyww34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:72:13:ef:e8:6a:a5:cf:bb:2d:9d:be:1c:a7:0d:8b:6e:de:
32:62:ef:6b:e8:88:b8:38:aa:be:9f:23:79:2c:85:03:7a:04:
70:f6:c0:ed:78:e9:2e:bb:8c:5a:8b:69:e8:04:13:24:86:67:
44:ce:17:74:65:5a:11:d1:bd:eb:fe:78:e9:59:c1:aa:28:de:
3a:7b:5c:12:5c:a2:ed:fe:83:2a:a5:43:0f:69:56:cb:42:f7:
a1:0d:0c:a0:c3:f1:e2:aa:c4:93:89:3e:f8:f6:ff:a1:b8:1d:
e2:a3:8b:cb:a1:4a:65:c0:79:88:68:85:6e:4c:68:15:96:ee:
2e:6f:ac:f4:32:ce:61:ae:b2:5f:f9:a2:6e:0e:49:60:1e:9c:
8a:e8:ff:27:90:9b:1e:ef:c1:ba:a9:b2:97:68:1c:e3:8a:6a:
f3:f6:79:b6:d1:48:73:fe:dc:17:27:a1:bb:71:b5:ca:a0:d1:
09:fc:0a:c8:d6:6a:11:d9:01:93:a5:02:74:26:6b:43:2b:d9:
08:70:73:f3:33:94:c4:21:ad:b3:a4:d4:eb:d7:6a:f3:35:cc:
dd:ff:bc:4c:97:06:f8:0f:4f:ed:b7:4e:45:fb:4b:c0:9e:be:
ef:67:3c:17:c1:6f:9a:d5:92:f3:f5:65:c4:63:f8:c9:56:9d:
be:44:62:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Txhm2GQ3KmN4cgNCDyTbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMDIxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMwMTMwOTRlNjVmZWVmM2YwNzE3ZTIwNDUwZjQyMWNjYjBjMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wyQ2ye74JOxJla5ivI9Q2xFUyYO
ifMlkbu5wnuHsdMjmfuDLfkKVT5Rx4tJYHYSqu9g7+EPV5DofPPuJ6eWYH8bbGhF
/z51qxRExs4hHxk93+hxS9lFbMjpy+v/Qsg4ha0SHzvrmUL7Lt22aqqUzG08i4Jx
sKDU0r3MXjDh/aOjdpcUOcWFW/oBbXtIDdVeTkdz58truPx6DiEOoDZ/DNRlK28N
wBdoXtu15wWDWWUi9JLz69NTvRaebY0CMKFR7Nx3HAHkX5hdJG1aOkLKuebmE/ie
irSxKH2DIrKIVHFN2sj9m2NikRP3c6QJlcptZqJZKiz+JX549urrFAiW1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCowEwlOZf7vPwcX4gRQ9CHMsMN+MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvS2pBVENVNWxfdThfQnhmaUJGRDBJY3l3dzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFFyE+/oaqXPuy2dvhyn
DYtu3jJi72voiLg4qr6fI3kshQN6BHD2wO146S67jFqLaegEEySGZ0TOF3RlWhHR
vev+eOlZwaoo3jp7XBJcou3+gyqlQw9pVstC96ENDKDD8eKqxJOJPvj2/6G4HeKj
i8uhSmXAeYhohW5MaBWW7i5vrPQyzmGusl/5om4OSWAenIro/yeQmx7vwbqpspdo
HOOKavP2ebbRSHP+3Bcnobtxtcqg0Qn8CsjWahHZAZOlAnQma0Mr2Qhwc/MzlMQh
rbOk1OvXavM1zN3/vEyXBvgPT+23TkX7S8Cevu9nPBfBb5rVkvP1ZcRj+MlWnb5E
Yl0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org