Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gjvQj2ED2Dy-WGbRC3McKyRFB2s.roa
File: gjvQj2ED2Dy-WGbRC3McKyRFB2s.roa (raw, json)
Hash identifier: z/gzNQXlX5uy/5ojMEglpeYdmUa0Wj1W3M6hxXnvV+c=
Subject key identifier: 82:3B:D0:8F:61:03:D8:3C:BE:58:66:D1:0B:73:1C:2B:24:45:07:6B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4EAD13DF11DCE709D5D5DB2A1FADF351
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gjvQj2ED2Dy-WGbRC3McKyRFB2s.roa
Signing time: Mon 06 May 2024 16:11:56 +0000
ROA not before: Mon 06 May 2024 16:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:ad:13:df:11:dc:e7:09:d5:d5:db:2a:1f:ad:f3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 16:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=823bd08f6103d83cbe5866d10b731c2b2445076b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d6:eb:e8:a3:7f:36:ef:21:d7:2a:67:8e:5e:
f7:b8:01:a1:84:95:5e:ad:02:0a:df:74:e1:d3:fa:
d0:66:be:73:8e:91:70:5f:ff:e4:39:aa:a1:47:37:
83:e9:54:70:d1:05:61:d8:b5:af:36:45:54:bb:ea:
af:1e:72:ab:4c:2a:dd:f1:87:f3:67:f7:b4:66:c0:
dc:06:40:a1:c3:38:f9:04:e0:82:cb:9c:62:54:9d:
c7:0e:28:78:f1:00:6c:e9:f9:c0:ca:e3:47:2e:9e:
55:71:6d:40:96:73:95:f6:47:80:48:2f:fb:c7:10:
28:20:1e:ac:ae:4d:0d:16:b5:57:95:8a:cd:4c:54:
38:17:41:53:fa:a3:82:06:30:cf:f9:44:30:2a:ed:
22:d3:32:3f:be:72:1d:c7:6d:10:22:6e:e0:ed:29:
2c:82:12:dd:88:f1:97:8c:b7:0c:50:5f:4e:98:31:
2d:00:17:4a:a8:e5:06:86:3f:c7:aa:a8:3e:48:6e:
b6:ce:3b:2f:36:70:25:60:34:d9:79:22:ac:e1:c6:
1b:50:f1:db:aa:44:35:bd:8b:e5:ac:88:d8:fe:14:
10:56:e1:a8:a6:62:bd:a9:54:80:e0:53:ed:3c:99:
77:4e:8d:ff:af:3c:c3:a7:ef:d2:9a:e0:b6:67:3c:
35:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3B:D0:8F:61:03:D8:3C:BE:58:66:D1:0B:73:1C:2B:24:45:07:6B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gjvQj2ED2Dy-WGbRC3McKyRFB2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:9c:63:56:35:58:b6:9d:7f:15:d7:b8:dc:56:9a:33:c0:5d:
2f:c1:82:8c:66:6b:7f:97:dd:e5:6f:12:40:98:f8:d2:0c:b8:
8d:e7:4a:09:5e:93:80:49:1d:04:79:e3:af:74:67:6c:a9:14:
31:f1:c2:5e:c7:f9:af:65:4f:2c:37:a8:fe:62:cc:ce:8f:5f:
e3:51:b9:44:a2:f3:f4:30:78:a0:c7:3f:28:0a:b1:7b:fc:ad:
64:f2:17:f9:e8:37:a7:76:df:0c:7a:6d:33:e0:ee:65:33:68:
a5:4a:cd:41:aa:3d:fb:66:05:9c:44:d3:ae:b6:2f:5b:6a:c1:
75:74:e6:b5:5f:df:38:e2:43:de:ad:77:c0:09:3a:b7:21:75:
6d:50:c0:de:b5:75:49:01:dd:ad:68:57:26:7e:32:69:e8:07:
63:a6:e0:35:ef:11:70:6c:28:73:94:a5:53:ba:de:82:ad:87:
5c:ff:8f:bb:35:44:1f:ba:0b:bd:72:4a:e4:ae:80:4b:7b:cc:
13:1a:b5:80:69:c5:e1:e4:55:83:fe:1a:2a:05:f2:1f:8a:46:
aa:ca:64:40:52:8b:e4:6a:b0:20:53:2b:d2:f7:48:a6:be:05:
7d:ab:ae:ad:b8:ef:d4:c9:f9:96:b5:17:ec:63:6a:f8:19:21:
c2:12:61:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9OrRPfEdznCdXV2yofrfNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MTYxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjNiZDA4ZjYxMDNkODNjYmU1ODY2ZDEwYjczMWMyYjI0NDUwNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Nbr6KN/Nu8h1ypnjl73uAGhhJVe
rQIK33Th0/rQZr5zjpFwX//kOaqhRzeD6VRw0QVh2LWvNkVUu+qvHnKrTCrd8Yfz
Z/e0ZsDcBkChwzj5BOCCy5xiVJ3HDih48QBs6fnAyuNHLp5VcW1AlnOV9keASC/7
xxAoIB6srk0NFrVXlYrNTFQ4F0FT+qOCBjDP+UQwKu0i0zI/vnIdx20QIm7g7Sks
ghLdiPGXjLcMUF9OmDEtABdKqOUGhj/Hqqg+SG62zjsvNnAlYDTZeSKs4cYbUPHb
qkQ1vYvlrIjY/hQQVuGopmK9qVSA4FPtPJl3To3/rzzDp+/SmuC2Zzw1PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFII70I9hA9g8vlhm0QtzHCskRQdrMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZ2p2UWoyRUQyRHktV0diUkMzTWNLeVJGQjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL6cY1Y1WLadfxXXuNxW
mjPAXS/Bgoxma3+X3eVvEkCY+NIMuI3nSglek4BJHQR54690Z2ypFDHxwl7H+a9l
Tyw3qP5izM6PX+NRuUSi8/QweKDHPygKsXv8rWTyF/noN6d23wx6bTPg7mUzaKVK
zUGqPftmBZxE0662L1tqwXV05rVf3zjiQ96td8AJOrchdW1QwN61dUkB3a1oVyZ+
MmnoB2Om4DXvEXBsKHOUpVO63oKth1z/j7s1RB+6C71ySuSugEt7zBMatYBpxeHk
VYP+GioF8h+KRqrKZEBSi+RqsCBTK9L3SKa+BX2rrq2479TJ+Za1F+xjavgZIcIS
YXg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org