Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/USX97iSeERPwP6AwD7Jeslsdq-w.roa
File: USX97iSeERPwP6AwD7Jeslsdq-w.roa (raw, json)
Hash identifier: LhEX+KH4odOnSCfqIg2wMt6YycVGVUTtkqgTF33pZXw=
Subject key identifier: 51:25:FD:EE:24:9E:11:13:F0:3F:A0:30:0F:B2:5E:B2:5B:1D:AB:EC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA640DECB267FF0BA0252E8EEF9CA6E28
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/USX97iSeERPwP6AwD7Jeslsdq-w.roa
Signing time: Tue 26 Dec 2023 13:11:58 +0000
ROA not before: Tue 26 Dec 2023 13:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:40:de:cb:26:7f:f0:ba:02:52:e8:ee:f9:ca:6e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 13:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5125fdee249e1113f03fa0300fb25eb25b1dabec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c0:88:9f:b7:97:6a:a3:cb:40:f9:70:aa:05:
f1:4a:51:ca:55:4b:80:db:2d:ee:84:63:1a:75:db:
c5:95:d9:f2:29:3e:36:5f:3c:51:13:c7:d3:58:3f:
06:ba:44:ef:ce:e3:0f:d0:b8:0b:d0:ff:50:2a:ad:
fb:c3:86:d9:07:f0:2b:8f:6a:7c:05:ad:d7:11:7a:
5d:50:c0:4a:f6:8a:f7:12:6f:9c:70:f1:14:e8:d4:
47:51:80:29:75:d3:9c:03:3c:74:1e:5a:d3:60:3c:
6c:b1:8c:34:4c:72:9d:ba:91:7d:65:2b:85:66:69:
e7:5e:9c:43:4f:a8:45:0d:de:58:66:ee:a7:43:7d:
10:18:08:50:8e:0d:f3:f5:55:a4:86:3d:30:4c:da:
94:b5:9f:18:8e:41:7f:27:19:35:23:fd:c8:fa:c5:
44:02:b6:81:e7:16:b2:8e:7a:19:b0:d7:a2:e4:03:
32:f3:de:38:a8:a2:7d:4e:f0:6a:de:ab:6e:47:a6:
d8:9b:e8:d8:3d:5b:44:63:d3:20:53:44:7f:4f:4a:
75:82:d6:bb:e4:70:e7:0e:0a:46:18:d7:13:ec:75:
d2:33:68:fb:03:05:da:1c:12:2c:41:f9:33:49:56:
9f:8f:96:6d:43:22:22:a9:0a:f7:69:b3:0c:94:6b:
17:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:25:FD:EE:24:9E:11:13:F0:3F:A0:30:0F:B2:5E:B2:5B:1D:AB:EC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/USX97iSeERPwP6AwD7Jeslsdq-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:37:7e:1a:69:90:dd:05:5d:40:89:bc:0d:49:c3:76:19:3e:
e6:54:2f:34:5a:aa:2b:ae:bd:08:b6:12:3d:03:6e:a2:06:4e:
ec:f4:d2:21:99:82:61:fb:ca:1a:c2:04:94:83:d1:7f:0e:cc:
e8:27:11:b5:50:e4:cf:9d:dc:f9:b0:1c:f4:a5:d0:42:3e:8f:
8c:44:0e:2a:9f:d9:54:5f:4e:42:9d:03:3e:de:c1:36:16:97:
85:17:72:62:73:97:1d:30:9d:f2:96:b7:21:b5:ff:66:1d:c5:
19:44:d0:5b:ae:55:2b:92:30:a9:7f:62:c5:0a:26:b0:5d:67:
63:5d:3f:88:2b:9c:d6:27:6e:a9:14:10:4f:3e:76:af:a7:ce:
ec:5e:64:36:cb:76:ae:5d:f5:ee:e5:7a:d5:e1:fe:cc:56:cd:
86:0d:01:f1:97:09:14:41:71:db:30:89:2c:5a:47:0e:0b:96:
99:d5:ce:88:37:5f:82:cc:ab:41:50:74:f7:39:c1:a4:3e:f1:
9d:09:29:34:03:9c:af:1d:34:ec:8e:03:d9:25:f5:3c:99:66:
aa:a5:f1:8a:db:cb:62:c8:db:06:8b:b0:3b:36:93:64:dc:4c:
02:f4:5b:59:cc:c8:95:26:d0:0f:0d:21:d3:35:2e:96:00:4c:
53:96:20:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYymQN7LJn/wugJS6O75ym4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MTMxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI1ZmRlZTI0OWUxMTEzZjAzZmEwMzAwZmIyNWViMjViMWRhYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcCIn7eXaqPLQPlwqgXxSlHKVUuA
2y3uhGMaddvFldnyKT42XzxRE8fTWD8GukTvzuMP0LgL0P9QKq37w4bZB/Arj2p8
Ba3XEXpdUMBK9or3Em+ccPEU6NRHUYApddOcAzx0HlrTYDxssYw0THKdupF9ZSuF
ZmnnXpxDT6hFDd5YZu6nQ30QGAhQjg3z9VWkhj0wTNqUtZ8YjkF/Jxk1I/3I+sVE
AraB5xayjnoZsNei5AMy8944qKJ9TvBq3qtuR6bYm+jYPVtEY9MgU0R/T0p1gta7
5HDnDgpGGNcT7HXSM2j7AwXaHBIsQfkzSVafj5ZtQyIiqQr3abMMlGsXvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEl/e4knhET8D+gMA+yXrJbHavsMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVVNYOTdpU2VFUlB3UDZBd0Q3SmVzbHNkcS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABM3fhppkN0FXUCJvA1J
w3YZPuZULzRaqiuuvQi2Ej0DbqIGTuz00iGZgmH7yhrCBJSD0X8OzOgnEbVQ5M+d
3PmwHPSl0EI+j4xEDiqf2VRfTkKdAz7ewTYWl4UXcmJzlx0wnfKWtyG1/2YdxRlE
0FuuVSuSMKl/YsUKJrBdZ2NdP4grnNYnbqkUEE8+dq+nzuxeZDbLdq5d9e7letXh
/sxWzYYNAfGXCRRBcdswiSxaRw4LlpnVzog3X4LMq0FQdPc5waQ+8Z0JKTQDnK8d
NOyOA9kl9TyZZqql8Yrby2LI2waLsDs2k2TcTAL0W1nMyJUm0A8NIdM1LpYATFOW
IMM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org