Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/SzJJ7THtgJT1hmGt98G2_piLyCk.roa
File: SzJJ7THtgJT1hmGt98G2_piLyCk.roa (raw, json)
Hash identifier: nQwsBTFG2hobBzmyblW/49qCFmkKWmipwMIygfb0Frk=
Subject key identifier: 4B:32:49:ED:31:ED:80:94:F5:86:61:AD:F7:C1:B6:FE:98:8B:C8:29
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F509A8D044EB4F6674321BC2E393D5A4D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/SzJJ7THtgJT1hmGt98G2_piLyCk.roa
Signing time: Tue 07 May 2024 01:10:56 +0000
ROA not before: Tue 07 May 2024 01:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:50:9a:8d:04:4e:b4:f6:67:43:21:bc:2e:39:3d:5a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 01:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b3249ed31ed8094f58661adf7c1b6fe988bc829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:8b:a8:84:0e:61:0d:d7:57:35:69:b3:15:8e:
d4:af:6b:7e:a3:c9:2f:9c:eb:a5:2c:d4:2f:e1:d9:
ce:49:7d:e3:7a:e8:c4:13:bf:a5:85:df:f4:7d:9a:
79:db:a9:df:d1:53:44:d9:a0:ec:4e:53:99:39:c0:
60:80:ab:7d:d0:b3:01:4a:c0:26:fe:a9:e1:b7:61:
a9:01:d7:66:77:3b:ec:0c:22:b9:54:81:5b:58:43:
6a:2e:99:69:2b:01:d6:6a:31:69:5f:0f:84:eb:39:
5a:69:6e:ea:b6:4f:45:2f:cf:b2:5d:8b:7e:16:3c:
18:9f:38:43:17:3f:5f:b4:1c:80:a4:e4:a1:be:0c:
02:13:73:bc:03:c3:57:6a:97:0e:65:d7:a9:8b:b9:
8b:b0:41:2e:39:05:c0:ef:c6:9f:0e:a2:56:fd:72:
c6:78:35:9e:82:e4:fc:76:40:39:6e:d6:ef:af:73:
20:0b:e7:f1:df:ff:19:5a:63:41:2e:71:c8:c2:7d:
c6:5b:66:63:bc:f2:01:1e:42:b6:d6:94:c0:63:15:
06:31:c1:17:e6:af:b5:a4:38:57:06:5b:fc:ba:3d:
6b:8f:f6:99:2d:35:f9:1f:b8:7d:cc:46:23:01:99:
b1:77:3c:f1:04:98:af:30:3b:3a:aa:d5:56:06:9a:
6e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:32:49:ED:31:ED:80:94:F5:86:61:AD:F7:C1:B6:FE:98:8B:C8:29
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/SzJJ7THtgJT1hmGt98G2_piLyCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:43:9b:f3:ee:ae:85:2a:df:5f:78:ad:2a:4d:8b:cf:91:cc:
ce:75:3e:05:06:f5:ad:8c:00:a6:da:5c:89:1e:22:48:c3:b6:
2a:22:1b:cd:03:e7:f5:92:a3:14:46:bb:73:c1:ac:a1:72:4b:
01:fc:bc:b4:11:15:7c:48:d5:90:20:ef:f7:55:eb:88:d6:04:
f6:1d:c7:eb:6e:17:5e:35:22:c3:c3:40:ee:b5:ff:32:29:d6:
7a:00:0f:f8:35:91:c1:d5:04:e8:b3:77:4d:33:a2:88:86:d8:
4a:91:5c:84:bb:05:9d:ce:51:89:87:2d:48:34:4b:fb:a3:9f:
31:e8:8a:89:69:84:d8:51:09:73:57:ba:27:51:03:46:b4:75:
ce:45:cb:f5:f9:fd:3b:01:0d:ca:2b:6b:ad:d1:25:dd:34:6c:
3f:fd:8a:38:3a:42:a3:35:05:f8:12:9e:30:71:a9:84:17:e5:
e8:d1:12:e0:06:b5:bc:43:2f:14:3b:20:30:90:ce:63:1b:eb:
74:b4:79:5d:11:7c:a8:e1:92:73:08:ce:c8:3a:c1:24:9f:17:
2b:45:d6:70:02:bd:43:d3:d5:83:6c:3d:1c:54:a7:cd:eb:63:
d1:ec:a0:3e:fb:e7:f8:80:bc:f0:bd:53:56:8b:b0:1e:72:1e:
1e:b2:21:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Qmo0ETrT2Z0MhvC45PVpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MDExMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjMyNDllZDMxZWQ4MDk0ZjU4NjYxYWRmN2MxYjZmZTk4OGJjODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84uohA5hDddXNWmzFY7Ur2t+o8kv
nOulLNQv4dnOSX3jeujEE7+lhd/0fZp526nf0VNE2aDsTlOZOcBggKt90LMBSsAm
/qnht2GpAddmdzvsDCK5VIFbWENqLplpKwHWajFpXw+E6zlaaW7qtk9FL8+yXYt+
FjwYnzhDFz9ftByApOShvgwCE3O8A8NXapcOZdepi7mLsEEuOQXA78afDqJW/XLG
eDWeguT8dkA5btbvr3MgC+fx3/8ZWmNBLnHIwn3GW2ZjvPIBHkK21pTAYxUGMcEX
5q+1pDhXBlv8uj1rj/aZLTX5H7h9zEYjAZmxdzzxBJivMDs6qtVWBppuDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEsySe0x7YCU9YZhrffBtv6Yi8gpMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvU3pKSjdUSHRnSlQxaG1HdDk4RzJfcGlMeUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADVDm/PuroUq3194rSpN
i8+RzM51PgUG9a2MAKbaXIkeIkjDtioiG80D5/WSoxRGu3PBrKFySwH8vLQRFXxI
1ZAg7/dV64jWBPYdx+tuF141IsPDQO61/zIp1noAD/g1kcHVBOizd00zooiG2EqR
XIS7BZ3OUYmHLUg0S/ujnzHoiolphNhRCXNXuidRA0a0dc5Fy/X5/TsBDcora63R
Jd00bD/9ijg6QqM1BfgSnjBxqYQX5ejREuAGtbxDLxQ7IDCQzmMb63S0eV0RfKjh
knMIzsg6wSSfFytF1nACvUPT1YNsPRxUp83rY9HsoD775/iAvPC9U1aLsB5yHh6y
IYY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:42 2025 by rpki-client