Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cXRJqyovYZzfNvPAPYtCcUPa0tE.roa
File: cXRJqyovYZzfNvPAPYtCcUPa0tE.roa (raw, json)
Hash identifier: 2l0EEI5yeUvIj3RrrV6IpLTGMCWpsSrm7//2PPMJM1o=
Subject key identifier: 71:74:49:AB:2A:2F:61:9C:DF:36:F3:C0:3D:8B:42:71:43:DA:D2:D1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9243BFED5371B9A989FF4D2A8F947645
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cXRJqyovYZzfNvPAPYtCcUPa0tE.roa
Signing time: Sun 19 May 2024 19:11:04 +0000
ROA not before: Sun 19 May 2024 19:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:43:bf:ed:53:71:b9:a9:89:ff:4d:2a:8f:94:76:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 19:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=717449ab2a2f619cdf36f3c03d8b427143dad2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:69:a0:48:4f:d6:cf:2a:f0:08:60:c5:e1:bf:
db:21:39:e4:4f:d6:e2:7e:68:b9:50:21:1a:10:1e:
3f:ae:8b:c4:a8:e5:0c:e6:d7:3f:a1:6d:d0:92:6d:
80:50:af:5a:c1:6b:49:1a:22:74:91:ae:d2:26:d4:
32:98:ac:e5:f3:b6:91:66:7e:e3:48:d1:ac:7c:48:
29:7c:cd:a5:97:97:69:3b:31:1b:87:5e:f9:c1:3c:
1f:af:af:be:dc:36:ec:21:03:84:6c:58:07:7a:b7:
d1:ed:ab:f2:7d:93:7d:28:bc:4f:22:dc:8a:fc:13:
5a:29:34:80:25:d9:fd:39:3d:73:9a:1f:2a:e4:40:
ae:23:bb:bd:b0:2d:40:72:38:29:aa:16:aa:62:6c:
45:ba:9f:00:a2:51:26:a0:71:32:d0:18:72:ef:19:
10:f2:8f:66:09:7a:05:f6:d4:79:be:2f:58:ae:9d:
54:89:24:de:0e:ef:be:ef:0e:a3:ad:a1:1a:1d:31:
c8:e4:5c:73:34:32:80:13:f7:7e:26:51:49:63:cf:
fb:70:45:29:64:91:7b:5e:c7:e2:3a:65:d0:91:04:
e3:c8:bc:69:81:b2:ae:93:de:16:de:3b:81:4c:22:
2e:27:a8:9c:a9:b0:73:94:b9:27:3d:02:09:43:87:
d6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:74:49:AB:2A:2F:61:9C:DF:36:F3:C0:3D:8B:42:71:43:DA:D2:D1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cXRJqyovYZzfNvPAPYtCcUPa0tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:4f:ae:2d:83:bf:32:91:62:6b:20:2d:2d:f9:5a:58:e9:c7:
1e:65:2f:ab:89:21:15:e9:38:ed:88:c4:70:1b:d4:9a:a2:a1:
bf:9b:63:dd:ef:3a:98:98:df:1e:5b:61:13:45:99:d6:c5:81:
2b:f8:ed:30:1d:60:96:62:3f:af:cf:4e:6d:ce:dd:3a:d0:69:
a6:f3:ba:be:58:97:f5:f4:a6:ce:46:ab:54:ff:69:91:08:c6:
d1:d7:33:be:1a:43:80:64:bc:b6:54:1f:15:da:08:b0:1f:db:
53:2a:c1:17:13:01:c1:5f:2f:a2:70:e0:17:18:8c:a1:48:14:
2b:a8:62:58:b7:57:57:f3:ec:b0:4f:83:f9:cd:e6:a3:cc:0f:
12:cb:f4:b5:0e:6b:12:fd:49:21:7f:2b:d1:e4:12:a7:44:11:
ab:af:ae:91:70:21:21:c1:a5:5f:b0:89:a6:9c:06:dc:b2:79:
75:a1:e4:18:69:ce:4c:68:14:2f:da:75:06:28:62:40:c4:50:
ef:2e:43:f3:aa:22:b0:1e:41:e7:ab:ca:69:e8:12:bd:4b:2d:
06:0e:d8:54:04:bc:02:ba:3f:24:7a:04:3b:9c:91:1f:17:ea:
ad:09:8e:53:18:d7:69:b0:f3:b5:4b:27:1c:0f:fd:7d:2e:77:
3f:80:3b:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+SQ7/tU3G5qYn/TSqPlHZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MTkxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc0NDlhYjJhMmY2MTljZGYzNmYzYzAzZDhiNDI3MTQzZGFkMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGmgSE/WzyrwCGDF4b/bITnkT9bi
fmi5UCEaEB4/rovEqOUM5tc/oW3Qkm2AUK9awWtJGiJ0ka7SJtQymKzl87aRZn7j
SNGsfEgpfM2ll5dpOzEbh175wTwfr6++3DbsIQOEbFgHerfR7avyfZN9KLxPItyK
/BNaKTSAJdn9OT1zmh8q5ECuI7u9sC1AcjgpqhaqYmxFup8AolEmoHEy0Bhy7xkQ
8o9mCXoF9tR5vi9Yrp1UiSTeDu++7w6jraEaHTHI5FxzNDKAE/d+JlFJY8/7cEUp
ZJF7XsfiOmXQkQTjyLxpgbKuk94W3juBTCIuJ6icqbBzlLknPQIJQ4fWNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHF0SasqL2Gc3zbzwD2LQnFD2tLRMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvY1hSSnF5b3ZZWnpmTnZQQVBZdENjVVBhMHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIpPri2DvzKRYmsgLS35
Wljpxx5lL6uJIRXpOO2IxHAb1Jqiob+bY93vOpiY3x5bYRNFmdbFgSv47TAdYJZi
P6/PTm3O3TrQaabzur5Yl/X0ps5Gq1T/aZEIxtHXM74aQ4BkvLZUHxXaCLAf21Mq
wRcTAcFfL6Jw4BcYjKFIFCuoYli3V1fz7LBPg/nN5qPMDxLL9LUOaxL9SSF/K9Hk
EqdEEauvrpFwISHBpV+wiaacBtyyeXWh5BhpzkxoFC/adQYoYkDEUO8uQ/OqIrAe
QeerymnoEr1LLQYO2FQEvAK6PyR6BDuckR8X6q0JjlMY12mw87VLJxwP/X0udz+A
O1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org