Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/M5dTpuBxHCoMT5iKwmTY43IyFN0.roa
File: M5dTpuBxHCoMT5iKwmTY43IyFN0.roa (raw, json)
Hash identifier: Ua3T2DjuM6y37DEtJ6uxH6yOhwNkNsSoxgzY3gQKllg=
Subject key identifier: 33:97:53:A6:E0:71:1C:2A:0C:4F:98:8A:C2:64:D8:E3:72:32:14:DD
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F0F23486704C0CDBA5E663B2F12CF4E74
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/M5dTpuBxHCoMT5iKwmTY43IyFN0.roa
Signing time: Wed 24 Apr 2024 08:05:21 +0000
ROA not before: Wed 24 Apr 2024 08:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:f22:df63/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:23:48:67:04:c0:cd:ba:5e:66:3b:2f:12:cf:4e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 08:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=339753a6e0711c2a0c4f988ac264d8e3723214dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:10:28:1f:19:80:95:db:60:d4:fe:a6:63:a0:
bb:b2:24:95:a8:1a:fe:fe:57:f5:7c:5e:5d:59:06:
21:3b:2a:44:9b:a5:05:68:f7:67:37:96:c2:77:38:
8b:0f:5c:77:55:04:a8:2d:02:51:99:5d:ba:ed:8c:
5f:7d:a5:e9:a8:47:1b:d3:bc:aa:84:21:1b:7a:73:
2c:b2:6e:df:22:e8:57:31:9d:ca:3d:eb:c6:19:0e:
e8:47:31:48:1b:ec:27:4d:8d:4a:fa:13:6b:f3:b6:
dd:d4:b5:b7:29:f4:41:f8:08:9b:38:7c:5f:aa:aa:
83:6d:62:11:7f:dc:7b:57:ec:df:b6:a9:4d:30:7a:
82:95:a8:22:24:4f:f3:42:1c:92:83:9f:85:31:17:
f9:13:7d:43:a0:58:76:4f:da:28:ec:f2:51:88:36:
95:1b:db:e8:b2:a7:57:96:e9:c8:c1:27:5f:a7:f7:
13:d8:b6:04:a6:7d:ff:d5:0e:e9:f8:93:a0:a7:16:
4c:ff:90:85:2b:4f:2c:51:bd:09:90:89:65:8b:29:
12:a8:7b:01:3d:3d:df:bb:c6:79:73:e5:c3:12:3c:
64:2f:69:73:8a:13:fd:56:b3:7a:35:ca:cd:2e:af:
9d:d2:aa:bb:85:32:17:a8:d3:fb:34:c4:2d:2d:89:
c6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:97:53:A6:E0:71:1C:2A:0C:4F:98:8A:C2:64:D8:E3:72:32:14:DD
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/M5dTpuBxHCoMT5iKwmTY43IyFN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
2001:67c:64:ffff:0:18f:f22:df63/128
Signature Algorithm: sha256WithRSAEncryption
48:e0:d0:4c:c4:fd:b7:e7:e2:16:09:b3:ea:5f:26:3c:17:c0:
6c:70:be:79:55:89:09:ae:99:0e:2b:27:b6:e4:76:28:b9:e9:
49:31:b8:73:22:8a:4f:89:d8:b4:4f:bc:c7:46:5d:a4:25:c1:
54:6e:b1:fd:a1:ad:bf:0b:70:cb:c1:5e:76:1f:2e:75:ee:09:
2b:77:f6:3b:4c:27:d9:bf:c2:20:13:19:48:61:ef:f1:e9:9b:
dc:2d:09:73:44:64:4d:3a:02:e3:ff:a8:0c:77:cd:50:9b:5d:
80:15:a3:5f:12:18:3e:24:42:9c:00:4f:89:d7:68:7b:c4:a9:
88:34:96:fd:d8:7d:95:70:b9:fd:97:af:e0:bb:ed:15:76:f6:
79:f9:ff:fa:e7:87:8a:35:38:1b:7f:3f:92:a7:59:d2:0f:ae:
3f:9c:2b:4d:e2:3a:13:4a:49:c1:69:35:c1:ac:41:c8:89:56:
0e:42:90:f9:1b:00:21:6e:26:87:04:0b:67:43:7c:0c:4a:af:
f3:eb:20:2b:e8:74:1a:90:e4:c2:9d:02:95:79:5d:d3:d3:55:
2f:55:d1:9b:7b:df:44:b6:01:a7:84:fa:df:45:f0:a0:a3:4d:
8e:bb:6e:ad:9a:91:69:4f:63:e7:52:7d:32:3e:ac:21:2d:b7:
e5:e5:1b:e3
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8PI0hnBMDNul5mOy8Sz050MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MDgwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk3NTNhNmUwNzExYzJhMGM0Zjk4OGFjMjY0ZDhlMzcyMzIxNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxAoHxmAldtg1P6mY6C7siSVqBr+
/lf1fF5dWQYhOypEm6UFaPdnN5bCdziLD1x3VQSoLQJRmV267YxffaXpqEcb07yq
hCEbenMssm7fIuhXMZ3KPevGGQ7oRzFIG+wnTY1K+hNr87bd1LW3KfRB+AibOHxf
qqqDbWIRf9x7V+zftqlNMHqClagiJE/zQhySg5+FMRf5E31DoFh2T9oo7PJRiDaV
G9vosqdXlunIwSdfp/cT2LYEpn3/1Q7p+JOgpxZM/5CFK08sUb0JkIlliykSqHsB
PT3fu8Z5c+XDEjxkL2lzihP9VrN6NcrNLq+d0qq7hTIXqNP7NMQtLYnGcwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDOXU6bgcRwqDE+YisJk2ONyMhTdMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTTVkVHB1QnhIQ29NVDVpS3dtVFk0M0l5Rk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQDwQAYMCwE
AgACMCYDEQAgAQZ8AGT//wAAAY8FQ55BAxEAIAEGfABk//8AAAGPDyLfYzANBgkq
hkiG9w0BAQsFAAOCAQEASODQTMT9t+fiFgmz6l8mPBfAbHC+eVWJCa6ZDisntuR2
KLnpSTG4cyKKT4nYtE+8x0ZdpCXBVG6x/aGtvwtwy8Fedh8ude4JK3f2O0wn2b/C
IBMZSGHv8emb3C0Jc0RkTToC4/+oDHfNUJtdgBWjXxIYPiRCnABPiddoe8SpiDSW
/dh9lXC5/Zev4LvtFXb2efn/+ueHijU4G38/kqdZ0g+uP5wrTeI6E0pJwWk1waxB
yIlWDkKQ+RsAIW4mhwQLZ0N8DEqv8+sgK+h0GpDkwp0ClXld09NVL1XRm3vfRLYB
p4T630XwoKNNjrturZqRaU9j51J9Mj6sIS235eUb4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org