Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nSBja_1BoX817gszj7sOzFB6nxs.roa
File: nSBja_1BoX817gszj7sOzFB6nxs.roa (raw, json)
Hash identifier: ak6EKnPIcU8I8iSGo7pY+3nqTnI3a5ovQtj7clYicVA=
Subject key identifier: 9D:20:63:6B:FD:41:A1:7F:35:EE:0B:33:8F:BB:0E:CC:50:7A:9F:1B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8E66FBBF1DECAD49B42B008BF4A7576D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nSBja_1BoX817gszj7sOzFB6nxs.roa
Signing time: Sun 19 May 2024 01:11:04 +0000
ROA not before: Sun 19 May 2024 01:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8e:66:fb:bf:1d:ec:ad:49:b4:2b:00:8b:f4:a7:57:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 01:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d20636bfd41a17f35ee0b338fbb0ecc507a9f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:61:7c:e1:07:57:64:a9:6c:b1:1b:ad:8b:cd:
b8:27:44:fa:13:e7:b9:7b:a8:53:1f:bd:7a:00:28:
c2:f5:90:93:b4:9f:11:c4:e2:ef:38:14:59:48:96:
82:ea:6b:bd:61:52:49:53:a1:ee:d5:c3:60:ac:c2:
fd:b0:e8:4f:91:3b:7a:c6:5f:01:4b:d1:bf:b8:83:
a0:b4:e2:c0:28:c0:7b:8e:52:0a:5b:11:b5:58:ac:
02:e8:f6:d2:64:38:b9:10:42:c9:d6:1d:77:e0:10:
c3:bb:dd:01:fd:51:34:ee:e7:c1:a0:8d:e7:1a:9e:
b0:49:99:61:2f:12:a7:1c:b4:ac:90:2e:78:fe:18:
6e:e6:20:3b:dd:fe:e2:f0:89:ed:37:27:67:57:95:
36:47:cb:fe:61:4b:72:a5:dc:43:e0:6e:b1:87:ba:
0d:df:3c:5b:b3:8d:51:28:be:9b:da:43:93:6d:aa:
53:30:fc:49:0b:2c:9b:13:1b:1e:03:8c:08:1c:f6:
d7:29:f7:c4:be:51:64:32:3f:6c:8d:d1:a0:46:f9:
54:4c:9d:32:4b:1e:2c:d0:95:e6:72:82:91:4d:f2:
12:ae:21:26:d1:f5:36:29:48:86:45:4e:c6:54:e2:
3a:fe:91:7c:14:b6:5b:05:cf:d2:b4:ac:c9:3a:e2:
68:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:20:63:6B:FD:41:A1:7F:35:EE:0B:33:8F:BB:0E:CC:50:7A:9F:1B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nSBja_1BoX817gszj7sOzFB6nxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:f7:fa:11:dc:0b:70:eb:89:c0:22:5b:e3:49:54:28:4c:18:
4e:b3:bc:ee:23:27:b6:a2:25:6c:9b:85:af:85:6c:62:32:f2:
a9:c3:aa:80:fa:74:c8:78:a1:0e:ab:93:49:1a:64:c0:6f:33:
a8:34:c8:4b:4a:79:a2:03:9f:16:56:f7:43:07:9f:6d:aa:40:
90:04:98:b5:11:0c:da:36:7c:29:92:c7:4c:11:2c:7a:45:74:
ff:11:44:31:c7:11:cb:06:ae:b1:70:3d:99:88:2e:3d:78:5d:
6b:f2:8b:0d:c7:e6:0e:6d:9a:51:45:ce:fb:d1:53:eb:9e:09:
3a:ae:f3:a4:e3:60:bc:e7:6d:a3:54:97:b3:2d:eb:88:25:9b:
b8:b2:bf:76:fa:40:82:e2:fc:b4:a7:70:e6:0b:e9:91:b4:48:
d2:53:47:17:9d:ed:de:14:98:50:78:21:96:67:4a:b2:b7:3a:
bc:83:5e:9f:ba:9c:d4:8d:bb:ea:42:f8:ca:73:4c:b6:e9:49:
6c:eb:f6:19:a8:d7:30:fc:2a:de:64:ae:66:43:49:b1:7a:cb:
ea:d7:fc:bb:02:87:d4:1b:93:d5:8b:66:7e:66:d2:91:c4:96:
6d:f1:8f:33:65:a5:01:ad:f3:dc:30:14:86:ad:04:6e:a6:93:
64:cc:5e:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+OZvu/HeytSbQrAIv0p1dtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MDExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDIwNjM2YmZkNDFhMTdmMzVlZTBiMzM4ZmJiMGVjYzUwN2E5ZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GF84QdXZKlssRuti824J0T6E+e5
e6hTH716ACjC9ZCTtJ8RxOLvOBRZSJaC6mu9YVJJU6Hu1cNgrML9sOhPkTt6xl8B
S9G/uIOgtOLAKMB7jlIKWxG1WKwC6PbSZDi5EELJ1h134BDDu90B/VE07ufBoI3n
Gp6wSZlhLxKnHLSskC54/hhu5iA73f7i8IntNydnV5U2R8v+YUtypdxD4G6xh7oN
3zxbs41RKL6b2kOTbapTMPxJCyybExseA4wIHPbXKffEvlFkMj9sjdGgRvlUTJ0y
Sx4s0JXmcoKRTfISriEm0fU2KUiGRU7GVOI6/pF8FLZbBc/StKzJOuJokwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0gY2v9QaF/Ne4LM4+7DsxQep8bMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvblNCamFfMUJvWDgxN2dzemo3c096RkI2bnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFD3+hHcC3DricAiW+NJ
VChMGE6zvO4jJ7aiJWybha+FbGIy8qnDqoD6dMh4oQ6rk0kaZMBvM6g0yEtKeaID
nxZW90MHn22qQJAEmLURDNo2fCmSx0wRLHpFdP8RRDHHEcsGrrFwPZmILj14XWvy
iw3H5g5tmlFFzvvRU+ueCTqu86TjYLznbaNUl7Mt64glm7iyv3b6QILi/LSncOYL
6ZG0SNJTRxed7d4UmFB4IZZnSrK3OryDXp+6nNSNu+pC+MpzTLbpSWzr9hmo1zD8
Kt5krmZDSbF6y+rX/LsCh9Qbk9WLZn5m0pHElm3xjzNlpQGt89wwFIatBG6mk2TM
Xi8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org