Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iu-uxsjFnmRDhtqJWHYcKvkSCaQ.roa
File: iu-uxsjFnmRDhtqJWHYcKvkSCaQ.roa (raw, json)
Hash identifier: y8tW57gIGH1FsQ/7lBS43Ymc0MHTv292c5xPe0uAbN0=
Subject key identifier: 8A:EF:AE:C6:C8:C5:9E:64:43:86:DA:89:58:76:1C:2A:F9:12:09:A4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F83AC65D773AF551CF5171ABFB253FF3D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iu-uxsjFnmRDhtqJWHYcKvkSCaQ.roa
Signing time: Thu 16 May 2024 23:11:04 +0000
ROA not before: Thu 16 May 2024 23:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:83:ac:65:d7:73:af:55:1c:f5:17:1a:bf:b2:53:ff:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 23:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aefaec6c8c59e644386da8958761c2af91209a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1e:ad:90:53:6a:a8:3d:05:95:dc:55:ea:32:
66:46:02:8a:1d:7d:93:30:e5:4d:2a:3f:90:b7:a9:
74:b2:c2:ee:01:bd:ec:4c:c7:6f:19:d7:3c:7e:5f:
0b:7d:1d:37:a3:eb:3b:12:1b:f9:6c:97:75:c0:02:
66:e7:fe:ff:81:26:ef:1d:65:fb:cd:0d:1a:d4:56:
6c:86:48:80:20:18:eb:7e:06:b8:bb:0c:51:46:ba:
af:fa:1e:e7:dd:a6:97:e0:1d:7d:f2:13:26:37:29:
41:ef:e5:75:72:16:ec:67:9f:61:a6:b5:d7:f8:2d:
8b:ca:5f:d0:e0:ff:4a:db:21:df:7d:22:73:b3:60:
85:67:ad:25:96:bc:d0:d3:12:aa:ac:66:09:fa:24:
24:81:40:70:d3:fa:09:cb:20:62:37:de:87:40:25:
91:28:9a:93:7a:38:37:f1:81:ab:7d:60:a9:ce:7d:
67:c1:22:a8:99:e9:84:ba:32:ee:e9:5b:21:b9:45:
72:bf:2f:fe:5d:2c:2b:de:71:ed:36:13:17:88:8f:
5c:bb:fd:db:3b:b4:08:b2:d7:de:f1:47:ab:fe:6c:
58:6b:73:8d:50:72:1f:4d:e1:b0:1c:12:ca:67:f7:
5c:c2:c1:cb:64:58:5a:9b:1b:47:ab:30:01:1e:41:
cb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EF:AE:C6:C8:C5:9E:64:43:86:DA:89:58:76:1C:2A:F9:12:09:A4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iu-uxsjFnmRDhtqJWHYcKvkSCaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:fa:5e:d9:c9:01:d5:08:23:ca:1b:96:95:a1:89:7b:a1:ae:
32:5a:80:3f:a3:34:3b:3a:5f:95:33:b8:fb:1c:79:3f:43:8e:
f8:78:2c:5a:c4:c4:e1:fd:36:98:df:20:28:2f:4c:a1:d3:b2:
3e:58:9b:f5:ff:7b:33:3d:bc:c9:38:d4:cd:66:16:fe:82:48:
97:99:9e:22:7f:fc:8a:e4:12:93:a4:71:d9:c4:0c:fd:d7:e3:
5f:b5:e0:2d:35:dd:e6:fb:f2:2f:c8:1d:e8:56:44:a6:ec:bf:
2c:36:c0:aa:30:e7:e9:47:75:94:a6:a5:e3:29:13:01:a8:a2:
a9:91:c3:e0:c6:0e:9f:0b:00:04:84:eb:d1:a6:06:57:79:65:
e7:f0:f3:34:67:6f:15:1f:f0:ed:e9:59:91:fb:47:26:1b:53:
d9:ad:75:78:87:ea:8f:99:c8:f4:d3:cc:46:87:5f:b7:31:88:
a7:dd:11:e9:d8:78:6b:95:35:3f:0b:e6:bc:ad:40:11:89:a2:
9b:4b:f1:ba:1a:2a:60:50:dc:82:fd:4b:76:4a:23:e2:92:0b:
a3:73:fa:df:fa:be:d3:a8:37:2b:c6:fc:dd:1f:52:de:f4:8e:
77:f4:30:3f:d2:91:5b:85:3d:82:c8:1f:92:ca:0f:b2:a6:eb:
08:96:30:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+DrGXXc69VHPUXGr+yU/89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MjMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWVmYWVjNmM4YzU5ZTY0NDM4NmRhODk1ODc2MWMyYWY5MTIwOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh6tkFNqqD0FldxV6jJmRgKKHX2T
MOVNKj+Qt6l0ssLuAb3sTMdvGdc8fl8LfR03o+s7Ehv5bJd1wAJm5/7/gSbvHWX7
zQ0a1FZshkiAIBjrfga4uwxRRrqv+h7n3aaX4B198hMmNylB7+V1chbsZ59hprXX
+C2Lyl/Q4P9K2yHffSJzs2CFZ60llrzQ0xKqrGYJ+iQkgUBw0/oJyyBiN96HQCWR
KJqTejg38YGrfWCpzn1nwSKomemEujLu6VshuUVyvy/+XSwr3nHtNhMXiI9cu/3b
O7QIstfe8Uer/mxYa3ONUHIfTeGwHBLKZ/dcwsHLZFhamxtHqzABHkHL7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrvrsbIxZ5kQ4baiVh2HCr5EgmkMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaXUtdXhzakZubVJEaHRxSldIWWNLdmtTQ2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAET6XtnJAdUII8oblpWh
iXuhrjJagD+jNDs6X5UzuPsceT9Djvh4LFrExOH9NpjfICgvTKHTsj5Ym/X/ezM9
vMk41M1mFv6CSJeZniJ//IrkEpOkcdnEDP3X41+14C013eb78i/IHehWRKbsvyw2
wKow5+lHdZSmpeMpEwGooqmRw+DGDp8LAASE69GmBld5Zefw8zRnbxUf8O3pWZH7
RyYbU9mtdXiH6o+ZyPTTzEaHX7cxiKfdEenYeGuVNT8L5rytQBGJoptL8boaKmBQ
3IL9S3ZKI+KSC6Nz+t/6vtOoNyvG/N0fUt70jnf0MD/SkVuFPYLIH5LKD7Km6wiW
MLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org