Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rpUxjGRYfcqJGqF7Z9G-7zAes1k.roa
File: rpUxjGRYfcqJGqF7Z9G-7zAes1k.roa (raw, json)
Hash identifier: aFi7c2BsgxkZ1hsNNK7GLE6o8DcnijK4eaKY4Ync6iE=
Subject key identifier: AE:95:31:8C:64:58:7D:CA:89:1A:A1:7B:67:D1:BE:EF:30:1E:B3:59
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA25C33C3F8927368C70A574366EEEFE7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rpUxjGRYfcqJGqF7Z9G-7zAes1k.roa
Signing time: Wed 22 May 2024 22:11:42 +0000
ROA not before: Wed 22 May 2024 22:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a2:5c:33:c3:f8:92:73:68:c7:0a:57:43:66:ee:ef:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 22:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae95318c64587dca891aa17b67d1beef301eb359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:dd:8e:f1:c0:b7:46:c8:76:4a:59:7f:75:59:
79:c2:96:bc:4a:a9:5f:ba:c4:7f:47:b8:ed:70:2d:
e7:ec:bc:69:db:8f:29:44:5c:18:13:aa:5c:af:18:
e3:60:d2:76:eb:8c:e1:3a:23:23:e5:c9:7b:85:7e:
31:a9:c8:a0:44:4c:bc:70:6e:19:66:de:5f:f2:49:
3b:66:5c:6e:4c:64:57:54:92:e2:0c:ed:e6:e5:aa:
74:32:c7:0d:74:62:4b:50:a8:66:33:cf:e6:c5:e9:
01:49:86:90:7f:2d:09:a0:ee:fc:b9:41:bc:1f:a9:
27:a3:50:86:04:21:00:8d:38:1d:83:78:5b:fc:24:
b5:55:ba:a7:1d:87:fd:e1:1d:23:b3:05:55:27:89:
97:5a:48:a6:3a:81:09:92:a9:44:a2:85:ec:09:f7:
66:37:97:d2:e6:da:42:93:11:75:56:7d:d6:dd:8f:
bd:7f:fb:f4:c9:df:5e:0a:cc:73:96:c3:96:83:7d:
c3:c7:99:3c:e6:7e:15:10:6c:0d:01:f9:ff:39:86:
24:d1:92:80:b5:9b:60:59:ef:0a:7f:10:96:5e:c2:
87:c0:d0:77:8e:ec:69:46:7e:59:cd:3c:3d:ef:4c:
98:02:b3:3a:8c:4f:36:1c:b6:b6:f1:cb:56:18:6a:
8c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:95:31:8C:64:58:7D:CA:89:1A:A1:7B:67:D1:BE:EF:30:1E:B3:59
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rpUxjGRYfcqJGqF7Z9G-7zAes1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:85:6a:f7:ef:cf:8a:35:da:29:e4:32:39:e1:45:d9:5e:73:
81:16:55:1f:54:5d:1c:11:74:ae:7a:b7:c8:d8:1f:a9:8f:15:
40:60:6e:4a:33:05:d4:44:d2:41:0b:b1:ce:dd:fa:69:af:67:
53:f2:f4:e7:f4:be:18:b7:10:b0:3c:b0:65:41:06:3b:6d:e8:
dc:bc:6e:1f:88:d2:10:92:03:3e:79:af:e8:0a:2b:a0:83:7d:
8f:d2:bb:1c:67:95:f4:40:3f:3d:9c:5f:1a:f3:8a:27:f0:f4:
1b:c2:a2:90:3e:12:59:9b:bb:52:1c:93:b2:e1:c2:36:4f:dc:
66:d3:85:c0:27:f8:16:95:9c:f1:41:58:b5:d8:a8:76:5d:e8:
91:4c:26:16:d2:44:66:83:f3:3f:9d:15:9c:c9:0f:31:4b:25:
b7:ed:c6:63:a2:78:83:74:f3:f3:ec:2e:a8:39:c5:db:2f:c4:
d9:1c:fe:cb:fa:d3:91:a5:e5:e8:2c:3c:06:80:fa:0b:eb:a4:
e5:5c:c1:46:63:72:d5:15:95:4c:6f:83:77:1d:28:a2:b5:a1:
89:e1:a7:b1:ae:a7:9b:d5:cf:db:50:f4:45:c5:b4:98:53:65:
07:85:d0:ef:e3:1c:cc:62:88:0a:1a:33:e6:94:38:5a:97:38:
76:f0:f7:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+iXDPD+JJzaMcKV0Nm7u/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMjIxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTk1MzE4YzY0NTg3ZGNhODkxYWExN2I2N2QxYmVlZjMwMWViMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx92O8cC3Rsh2Sll/dVl5wpa8Sqlf
usR/R7jtcC3n7Lxp248pRFwYE6pcrxjjYNJ264zhOiMj5cl7hX4xqcigREy8cG4Z
Zt5f8kk7ZlxuTGRXVJLiDO3m5ap0MscNdGJLUKhmM8/mxekBSYaQfy0JoO78uUG8
H6kno1CGBCEAjTgdg3hb/CS1VbqnHYf94R0jswVVJ4mXWkimOoEJkqlEooXsCfdm
N5fS5tpCkxF1Vn3W3Y+9f/v0yd9eCsxzlsOWg33Dx5k85n4VEGwNAfn/OYYk0ZKA
tZtgWe8KfxCWXsKHwNB3juxpRn5ZzTw970yYArM6jE82HLa28ctWGGqMgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK6VMYxkWH3KiRqhe2fRvu8wHrNZMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcnBVeGpHUllmY3FKR3FGN1o5Ry03ekFlczFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAISFavfvz4o12inkMjnh
Rdlec4EWVR9UXRwRdK56t8jYH6mPFUBgbkozBdRE0kELsc7d+mmvZ1Py9Of0vhi3
ELA8sGVBBjtt6Ny8bh+I0hCSAz55r+gKK6CDfY/SuxxnlfRAPz2cXxrziifw9BvC
opA+Elmbu1Ick7LhwjZP3GbThcAn+BaVnPFBWLXYqHZd6JFMJhbSRGaD8z+dFZzJ
DzFLJbftxmOieIN08/PsLqg5xdsvxNkc/sv605Gl5egsPAaA+gvrpOVcwUZjctUV
lUxvg3cdKKK1oYnhp7Gup5vVz9tQ9EXFtJhTZQeF0O/jHMxiiAoaM+aUOFqXOHbw
9w0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org