Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Z1uaPi4n7wYCtR7hehABdaaLopM.roa
File: Z1uaPi4n7wYCtR7hehABdaaLopM.roa (raw, json)
Hash identifier: 57AeE+RruIEtd6y9hk8AMacHZkcUdlui8zFfMUSfvZk=
Subject key identifier: 67:5B:9A:3E:2E:27:EF:06:02:B5:1E:E1:7A:10:01:75:A6:8B:A2:93
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7C970FCB641A143105E3BA9EC2FC736C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Z1uaPi4n7wYCtR7hehABdaaLopM.roa
Signing time: Wed 15 May 2024 14:10:25 +0000
ROA not before: Wed 15 May 2024 14:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7c:97:0f:cb:64:1a:14:31:05:e3:ba:9e:c2:fc:73:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 14:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675b9a3e2e27ef0602b51ee17a100175a68ba293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a6:c4:38:00:d5:15:8d:2d:13:84:57:8e:b9:
d8:1d:dc:f0:1d:00:23:19:1b:87:0d:53:1e:63:b1:
32:24:5a:3d:cc:87:ee:2f:55:31:d0:cd:71:3a:0e:
d0:a2:15:7d:2c:48:1d:04:f2:aa:f7:78:c4:10:de:
82:f0:50:98:e0:c1:f7:f9:19:0b:b3:ee:ff:e4:74:
29:4b:d2:86:82:ff:2e:1e:c5:a4:a1:37:dd:1b:b0:
b7:4d:ff:13:20:fd:1c:cd:64:7e:47:de:33:7d:a6:
4b:b7:54:dc:d5:d6:dd:ad:2d:a2:bd:9e:46:72:5d:
a8:f4:98:ba:89:f9:25:d4:01:4f:e5:24:79:ee:a3:
c4:b2:34:ee:07:ec:1a:66:44:5e:f7:13:2b:c5:a7:
b2:2c:77:de:0e:bf:79:b3:bb:62:f5:28:7f:fa:2b:
2c:0d:29:95:40:83:c4:da:fc:d8:a3:5f:04:62:b9:
dd:44:42:d3:e8:f0:bd:d6:ea:dc:b1:a2:83:fb:8f:
55:bf:dc:e4:5c:92:6e:6a:85:cd:05:e3:ea:55:59:
4b:13:a7:79:a4:8d:f5:ab:de:56:6a:c5:59:45:df:
64:93:bf:a6:f0:fc:d9:df:c6:d8:79:b5:c7:58:48:
81:8b:21:2a:64:21:29:e2:7e:d8:b6:ab:2e:c8:05:
f3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5B:9A:3E:2E:27:EF:06:02:B5:1E:E1:7A:10:01:75:A6:8B:A2:93
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Z1uaPi4n7wYCtR7hehABdaaLopM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:f4:1d:42:cb:dc:3a:70:33:32:e0:34:23:37:ba:46:b4:3c:
75:2e:36:64:d2:94:37:56:ec:50:2d:0a:52:87:72:37:c9:6b:
60:c2:f3:d0:11:c6:68:45:75:50:d3:14:b3:e9:da:08:5d:e8:
93:09:1e:eb:7c:08:4a:0e:bf:1f:30:77:d1:1b:07:10:56:25:
1a:5b:8a:de:3a:67:64:50:e6:c9:cf:0b:93:d3:40:90:79:ef:
5a:5f:f3:b8:bb:28:25:41:39:1d:03:aa:7d:e8:ec:8e:15:dd:
9b:e6:01:e7:45:45:54:8d:6d:e0:20:8b:78:22:b7:2c:bb:c4:
76:93:61:e5:f3:e1:a7:57:ac:db:56:df:ad:65:cb:1d:36:46:
a9:01:cd:63:62:fe:d4:cc:37:c3:a3:4d:d5:5e:c1:f2:47:0f:
0e:67:a1:0f:d3:00:3b:77:7e:24:a8:a6:03:12:5e:e5:79:eb:
dc:f9:b4:42:14:8a:f3:83:38:53:71:55:1d:ee:1e:a2:f4:f8:
1b:f6:81:e4:8f:4d:40:4d:48:dc:b6:db:cc:fc:d3:54:99:a1:
f8:64:eb:67:a5:2e:09:ae:c9:52:73:e3:4e:2a:6c:f8:b0:48:
c8:ae:f0:39:e1:38:58:e9:48:3e:fa:a3:7c:aa:31:80:7f:e7:
c8:c4:64:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY98lw/LZBoUMQXjup7C/HNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MTQxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzViOWEzZTJlMjdlZjA2MDJiNTFlZTE3YTEwMDE3NWE2OGJhMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66bEOADVFY0tE4RXjrnYHdzwHQAj
GRuHDVMeY7EyJFo9zIfuL1Ux0M1xOg7QohV9LEgdBPKq93jEEN6C8FCY4MH3+RkL
s+7/5HQpS9KGgv8uHsWkoTfdG7C3Tf8TIP0czWR+R94zfaZLt1Tc1dbdrS2ivZ5G
cl2o9Ji6ifkl1AFP5SR57qPEsjTuB+waZkRe9xMrxaeyLHfeDr95s7ti9Sh/+iss
DSmVQIPE2vzYo18EYrndRELT6PC91urcsaKD+49Vv9zkXJJuaoXNBePqVVlLE6d5
pI31q95WasVZRd9kk7+m8PzZ38bYebXHWEiBiyEqZCEp4n7YtqsuyAXzmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGdbmj4uJ+8GArUe4XoQAXWmi6KTMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWjF1YVBpNG43d1lDdFI3aGVoQUJkYWFMb3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHP0HULL3DpwMzLgNCM3
uka0PHUuNmTSlDdW7FAtClKHcjfJa2DC89ARxmhFdVDTFLPp2ghd6JMJHut8CEoO
vx8wd9EbBxBWJRpbit46Z2RQ5snPC5PTQJB571pf87i7KCVBOR0Dqn3o7I4V3Zvm
AedFRVSNbeAgi3gityy7xHaTYeXz4adXrNtW361lyx02RqkBzWNi/tTMN8OjTdVe
wfJHDw5noQ/TADt3fiSopgMSXuV569z5tEIUivODOFNxVR3uHqL0+Bv2geSPTUBN
SNy228z801SZofhk62elLgmuyVJz404qbPiwSMiu8DnhOFjpSD76o3yqMYB/58jE
ZO0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org