Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/itoApSta5CfUnljJGIkYLPDWniw.roa
File: itoApSta5CfUnljJGIkYLPDWniw.roa (raw, json)
Hash identifier: KyLTMF/0NVJVwN1Ahj792TVqzJX9XQqmD6/I85T6hRc=
Subject key identifier: 8A:DA:00:A5:2B:5A:E4:27:D4:9E:58:C9:18:89:18:2C:F0:D6:9E:2C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA11647A6566C14A1AEA5B6E6D450A706
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/itoApSta5CfUnljJGIkYLPDWniw.roa
Signing time: Wed 22 May 2024 16:15:42 +0000
ROA not before: Wed 22 May 2024 16:15:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:16:47:a6:56:6c:14:a1:ae:a5:b6:e6:d4:50:a7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 16:15:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ada00a52b5ae427d49e58c91889182cf0d69e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:61:eb:f0:ba:11:41:0f:3b:57:bd:55:e5:51:
4d:34:9f:3f:dd:77:63:80:60:33:27:07:6d:48:8c:
af:1a:1a:d8:49:1d:2c:1e:a5:cb:b6:e3:a8:3a:d1:
02:45:19:b4:4e:e9:b3:13:fe:23:96:0c:dd:ae:b5:
79:db:4a:95:4c:06:72:d5:32:6c:ad:26:91:7e:88:
ad:e8:2d:a2:4c:07:46:e5:fd:87:d6:b2:83:0e:90:
34:cd:a2:91:84:02:2b:98:16:3b:fd:61:90:f2:d5:
30:c7:7b:a6:8a:a9:9d:0f:b5:f0:57:bc:4c:70:36:
95:9e:b0:4e:d1:63:9c:cb:fd:f7:82:9d:41:c2:8d:
34:ca:a5:a2:4f:44:cd:af:59:0a:1f:0a:e1:18:25:
26:09:ad:33:be:98:64:b2:24:2a:a2:b6:a6:54:b3:
5a:a4:4a:67:b4:f8:78:f8:f6:93:cd:61:10:24:79:
8f:c1:b8:d3:eb:32:1b:23:d9:f2:db:e2:d6:cc:85:
10:7f:c3:ca:a4:17:cb:be:88:70:df:4e:d8:e5:f8:
65:76:34:65:e4:70:09:5e:22:03:f4:ac:91:0f:39:
4b:21:91:7f:70:1a:91:f3:74:0d:e5:43:de:76:41:
bb:49:1d:0f:85:c8:cb:4e:a8:55:29:85:80:42:7b:
48:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DA:00:A5:2B:5A:E4:27:D4:9E:58:C9:18:89:18:2C:F0:D6:9E:2C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/itoApSta5CfUnljJGIkYLPDWniw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:b1:d2:57:93:ca:73:ba:df:ab:66:ef:94:f5:3d:54:9c:04:
79:13:15:d9:5c:e4:93:0b:a7:9e:eb:35:0d:3a:8d:46:4d:d4:
8b:92:ea:be:87:68:c2:a9:cb:df:7e:71:a3:09:f2:db:72:2e:
b0:a9:35:4d:c9:8d:4b:b6:10:76:8b:8d:bb:08:ef:81:f1:27:
31:58:6f:13:aa:00:2f:ee:9c:c1:f9:b8:8a:33:38:47:7b:7b:
c1:4c:d8:ca:0f:39:b0:c4:2f:19:e5:2a:f5:41:4a:4c:63:df:
5a:18:6b:39:30:e6:51:ca:1d:fd:28:90:42:b8:2a:c0:d6:29:
38:2f:70:8c:25:e7:92:44:37:fc:43:63:39:fa:92:a8:49:91:
89:81:03:7d:7f:28:94:f2:dd:b8:1c:96:ae:5d:46:65:f4:91:
17:3a:e9:a8:ec:2d:b4:00:b8:e9:2b:59:cd:13:84:60:38:c1:
e2:5e:93:b4:71:cd:f4:c6:31:67:52:6b:eb:3c:b5:ed:88:9b:
f3:2e:0a:92:8b:c3:31:38:d0:a0:48:51:ed:68:b1:49:ab:b4:
40:9c:45:b0:2a:5c:70:3a:41:5f:e6:de:6d:c3:71:ca:2d:6d:
e1:2d:6b:53:8e:75:8b:dc:dc:87:24:0a:68:a4:61:18:de:ee:
d5:b0:12:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+hFkemVmwUoa6ltubUUKcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMTYxNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWRhMDBhNTJiNWFlNDI3ZDQ5ZTU4YzkxODg5MTgyY2YwZDY5ZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmHr8LoRQQ87V71V5VFNNJ8/3Xdj
gGAzJwdtSIyvGhrYSR0sHqXLtuOoOtECRRm0TumzE/4jlgzdrrV520qVTAZy1TJs
rSaRfoit6C2iTAdG5f2H1rKDDpA0zaKRhAIrmBY7/WGQ8tUwx3umiqmdD7XwV7xM
cDaVnrBO0WOcy/33gp1Bwo00yqWiT0TNr1kKHwrhGCUmCa0zvphksiQqoramVLNa
pEpntPh4+PaTzWEQJHmPwbjT6zIbI9ny2+LWzIUQf8PKpBfLvohw307Y5fhldjRl
5HAJXiID9KyRDzlLIZF/cBqR83QN5UPedkG7SR0PhcjLTqhVKYWAQntIGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIraAKUrWuQn1J5YyRiJGCzw1p4sMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaXRvQXBTdGE1Q2ZVbmxqSkdJa1lMUERXbml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH2x0leTynO636tm75T1
PVScBHkTFdlc5JMLp57rNQ06jUZN1IuS6r6HaMKpy99+caMJ8ttyLrCpNU3JjUu2
EHaLjbsI74HxJzFYbxOqAC/unMH5uIozOEd7e8FM2MoPObDELxnlKvVBSkxj31oY
azkw5lHKHf0okEK4KsDWKTgvcIwl55JEN/xDYzn6kqhJkYmBA31/KJTy3bgclq5d
RmX0kRc66ajsLbQAuOkrWc0ThGA4weJek7RxzfTGMWdSa+s8te2Im/MuCpKLwzE4
0KBIUe1osUmrtECcRbAqXHA6QV/m3m3DccotbeEta1OOdYvc3IckCmikYRje7tWw
Ei4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org