Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sts1DKqD5qcmtJ2FwWe5SAwWetQ.roa
File: sts1DKqD5qcmtJ2FwWe5SAwWetQ.roa (raw, json)
Hash identifier: ZS/hAH1q1xAyxzN8RT2GVdnsUE+sMV/Ws1YC62tEivU=
Subject key identifier: B2:DB:35:0C:AA:83:E6:A7:26:B4:9D:85:C1:67:B9:48:0C:16:7A:D4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F268D4158B07A0842F89A15D2A38B4717
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sts1DKqD5qcmtJ2FwWe5SAwWetQ.roa
Signing time: Sun 28 Apr 2024 21:12:22 +0000
ROA not before: Sun 28 Apr 2024 21:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:26:8d:41:58:b0:7a:08:42:f8:9a:15:d2:a3:8b:47:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 21:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2db350caa83e6a726b49d85c167b9480c167ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ae:00:4b:51:df:65:12:48:7d:38:cf:bf:69:
3c:05:b2:80:ba:e6:87:4d:68:ba:ba:df:e0:db:ce:
f9:a4:ee:66:71:71:5f:a5:01:5b:b6:c3:55:32:36:
42:dc:ce:06:a8:66:9f:db:a8:cd:12:aa:fa:7f:8f:
03:9e:54:99:cd:8b:30:14:ce:2e:b7:14:c5:bc:84:
0c:37:bd:1b:1a:e6:8c:e4:82:5a:94:44:f2:f1:cb:
11:02:6d:f9:94:00:41:30:2e:b8:47:e1:ea:9a:bb:
c9:87:7d:e5:c2:b5:6f:a5:47:9f:50:72:2d:6e:12:
84:f0:d3:82:7d:98:62:9b:f3:6f:5c:59:73:d0:06:
b3:6e:66:15:ec:de:69:fc:5c:88:d8:95:7c:3d:e2:
4b:a6:54:7f:48:58:74:15:21:1c:64:6a:45:36:19:
ed:7d:a5:12:ef:cf:b8:11:db:7c:63:8b:a7:f8:04:
ad:81:88:53:58:4e:62:90:0b:fb:7c:5d:b4:64:4c:
f5:54:e9:cf:70:9f:b3:87:00:1a:ee:ea:8e:1a:7d:
84:fe:d1:85:21:c6:76:dd:d8:71:32:d4:d4:4c:f8:
ef:68:f6:b1:36:34:72:49:28:52:ce:c4:7c:c3:13:
4c:09:bd:ea:a6:65:5a:4a:af:45:d0:33:af:f5:d7:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DB:35:0C:AA:83:E6:A7:26:B4:9D:85:C1:67:B9:48:0C:16:7A:D4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sts1DKqD5qcmtJ2FwWe5SAwWetQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
b3:d8:da:a4:8d:70:a9:d6:53:e9:a5:35:4c:65:1e:42:de:b3:
5a:be:fc:52:ea:db:86:0f:46:48:65:a2:c4:d9:e5:72:72:1e:
7c:95:c7:3e:b2:71:ac:d8:8f:c9:f4:75:68:56:2b:b6:d7:86:
2d:78:e7:07:e9:ab:a9:40:d7:a7:17:73:39:02:14:fa:c8:1d:
72:cd:4b:4f:ba:41:7b:6b:07:2a:af:dc:9c:f1:44:41:34:2c:
2f:2d:28:55:5b:2e:2f:5c:5e:c1:84:8a:14:a2:be:80:3f:b1:
6f:bf:10:75:f5:80:2f:48:27:7f:c3:44:bf:0c:e5:c7:0e:a0:
75:cc:72:59:b5:49:a7:50:9e:da:91:d6:02:ee:7a:6a:bd:f8:
86:26:df:b5:6d:80:0c:91:67:15:8f:dd:24:30:e6:4c:32:ad:
1a:fb:de:bd:19:b0:85:09:ec:34:9a:4f:11:91:9d:2a:38:7f:
e5:9b:0f:67:58:7d:20:8d:ee:cf:01:d7:23:5a:03:ca:e2:cf:
6e:55:05:c6:37:ed:2d:b5:18:51:19:19:3b:1e:1b:32:f1:67:
82:95:34:e7:97:c7:00:d5:e0:7e:9b:dd:be:b2:b1:6e:3d:47:
74:fd:02:b9:76:11:5b:e2:bc:aa:9f:74:a5:6a:05:1d:b3:e0:
56:21:ac:97
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8mjUFYsHoIQviaFdKji0cXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MjExMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRiMzUwY2FhODNlNmE3MjZiNDlkODVjMTY3Yjk0ODBjMTY3YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq4AS1HfZRJIfTjPv2k8BbKAuuaH
TWi6ut/g2875pO5mcXFfpQFbtsNVMjZC3M4GqGaf26jNEqr6f48DnlSZzYswFM4u
txTFvIQMN70bGuaM5IJalETy8csRAm35lABBMC64R+HqmrvJh33lwrVvpUefUHIt
bhKE8NOCfZhim/NvXFlz0AazbmYV7N5p/FyI2JV8PeJLplR/SFh0FSEcZGpFNhnt
faUS78+4Edt8Y4un+AStgYhTWE5ikAv7fF20ZEz1VOnPcJ+zhwAa7uqOGn2E/tGF
IcZ23dhxMtTUTPjvaPaxNjRySShSzsR8wxNMCb3qpmVaSq9F0DOv9dfXOwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLLbNQyqg+anJrSdhcFnuUgMFnrUMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvc3RzMURLcUQ1cWNtdEoyRndXZTVTQXdXZXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCz2Nqk
jXCp1lPppTVMZR5C3rNavvxS6tuGD0ZIZaLE2eVych58lcc+snGs2I/J9HVoViu2
14YteOcH6aupQNenF3M5AhT6yB1yzUtPukF7awcqr9yc8URBNCwvLShVWy4vXF7B
hIoUor6AP7FvvxB19YAvSCd/w0S/DOXHDqB1zHJZtUmnUJ7akdYC7npqvfiGJt+1
bYAMkWcVj90kMOZMMq0a+969GbCFCew0mk8RkZ0qOH/lmw9nWH0gje7PAdcjWgPK
4s9uVQXGN+0ttRhRGRk7Hhsy8WeClTTnl8cA1eB+m92+srFuPUd0/QK5dhFb4ryq
n3SlagUds+BWIayX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org