Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/A-Q64VCTLiLMNVPTdwo8LodXhHc.roa
File: A-Q64VCTLiLMNVPTdwo8LodXhHc.roa (raw, json)
Hash identifier: FLBN8DkUbCl+wh5HJHR190UAQC6kIZPiVerJLdGr/qQ=
Subject key identifier: 03:E4:3A:E1:50:93:2E:22:CC:35:53:D3:77:0A:3C:2E:87:57:84:77
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F40EB0B42EFC510BDD2691D5ED8BFB89F
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/A-Q64VCTLiLMNVPTdwo8LodXhHc.roa
Signing time: Sat 04 May 2024 00:04:56 +0000
ROA not before: Sat 04 May 2024 00:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:40ea:971d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:40:eb:0b:42:ef:c5:10:bd:d2:69:1d:5e:d8:bf:b8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 00:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03e43ae150932e22cc3553d3770a3c2e87578477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f0:e3:57:87:cf:3d:dc:50:5e:13:ef:a7:d2:
05:69:2e:ce:50:a2:c7:92:74:a5:25:dd:bd:18:6d:
08:cd:5f:94:af:69:a0:a8:f4:c8:fb:37:a6:57:a3:
08:60:87:3e:97:75:3e:f8:ab:4f:35:b4:d9:ed:18:
58:6f:34:b7:81:08:56:f4:95:72:0d:7d:81:9a:a9:
42:8f:e9:65:7e:10:7b:33:f2:95:06:0e:a8:db:1c:
64:4c:19:ca:6e:46:91:f9:7f:ea:e6:78:75:63:2e:
72:e3:09:99:d8:c0:ea:e8:b7:08:4b:31:06:ad:f5:
f3:54:b3:88:43:e1:9e:6b:5b:1d:8a:46:16:cf:2d:
98:d5:55:3c:3d:3d:fe:e7:4c:95:df:dd:00:00:64:
31:97:ba:eb:65:b6:0b:61:7f:ce:ab:db:16:db:4f:
31:ec:56:94:62:c3:09:30:2d:94:43:9a:e4:67:26:
30:59:c0:b6:1f:6d:a1:99:0d:22:ee:32:de:69:18:
0b:10:a7:99:09:26:63:4a:1c:80:5f:41:e4:7e:50:
dc:a6:7a:aa:c6:63:1d:19:5f:44:c7:cf:34:2f:b5:
39:22:57:69:fe:07:f0:8c:4c:f1:24:7b:01:c4:02:
15:ec:c4:e5:e0:29:0f:7d:22:c7:32:62:1b:21:08:
51:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E4:3A:E1:50:93:2E:22:CC:35:53:D3:77:0A:3C:2E:87:57:84:77
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/A-Q64VCTLiLMNVPTdwo8LodXhHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bd:8b:03:96:fd:e2:67:eb:e5:8c:78:a8:85:f3:0a:4f:fe:bd:
48:9c:20:83:69:69:26:1d:70:95:4a:c2:1e:70:c8:0b:26:89:
57:ba:8b:6c:8f:98:b7:6d:2d:d0:82:98:09:5f:9d:34:b8:08:
bf:66:f6:34:fa:1b:e1:e2:be:20:e1:bb:47:50:2f:96:ce:13:
1c:e4:2f:df:7b:ed:56:0e:7a:a6:4b:5e:ad:08:e2:c3:62:b1:
f2:d5:07:da:b0:29:1e:7c:a0:dd:51:24:0c:18:6d:e2:ae:be:
62:15:f9:e1:e9:3b:b3:cd:53:05:09:75:36:2f:da:50:cb:c5:
36:72:95:59:65:32:47:e6:ac:df:81:04:73:b5:f3:96:2e:27:
49:45:be:26:b2:c8:30:76:22:44:0b:c5:2f:48:12:1a:77:07:
e6:da:37:b2:af:26:28:5d:22:27:1d:79:5b:21:36:12:2c:dc:
66:40:25:7c:c2:eb:c8:6f:9f:1e:24:b4:a6:43:66:50:d5:bc:
9a:23:1b:cc:64:83:d1:f2:af:e6:09:94:7a:44:18:5a:e4:0d:
fc:b0:51:97:6a:1e:a0:b9:57:b5:0c:ad:62:85:cf:cb:19:70:
02:43:4e:38:98:ef:76:4b:b4:e0:fd:9d:cf:e4:b7:be:d2:e6:
5a:6b:49:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9A6wtC78UQvdJpHV7Yv7ifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MDAwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U0M2FlMTUwOTMyZTIyY2MzNTUzZDM3NzBhM2MyZTg3NTc4NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovDjV4fPPdxQXhPvp9IFaS7OUKLH
knSlJd29GG0IzV+Ur2mgqPTI+zemV6MIYIc+l3U++KtPNbTZ7RhYbzS3gQhW9JVy
DX2BmqlCj+llfhB7M/KVBg6o2xxkTBnKbkaR+X/q5nh1Yy5y4wmZ2MDq6LcISzEG
rfXzVLOIQ+Gea1sdikYWzy2Y1VU8PT3+50yV390AAGQxl7rrZbYLYX/Oq9sW208x
7FaUYsMJMC2UQ5rkZyYwWcC2H22hmQ0i7jLeaRgLEKeZCSZjShyAX0HkflDcpnqq
xmMdGV9Ex880L7U5Ildp/gfwjEzxJHsBxAIV7MTl4CkPfSLHMmIbIQhRfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAPkOuFQky4izDVT03cKPC6HV4R3MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvQS1RNjRWQ1RMaUxNTlZQVGR3bzhMb2RYaEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL2LA5b94mfr5Yx4qIXz
Ck/+vUicIINpaSYdcJVKwh5wyAsmiVe6i2yPmLdtLdCCmAlfnTS4CL9m9jT6G+Hi
viDhu0dQL5bOExzkL9977VYOeqZLXq0I4sNisfLVB9qwKR58oN1RJAwYbeKuvmIV
+eHpO7PNUwUJdTYv2lDLxTZylVllMkfmrN+BBHO185YuJ0lFviayyDB2IkQLxS9I
Ehp3B+baN7KvJihdIicdeVshNhIs3GZAJXzC68hvnx4ktKZDZlDVvJojG8xkg9Hy
r+YJlHpEGFrkDfywUZdqHqC5V7UMrWKFz8sZcAJDTjiY73ZLtOD9nc/kt77S5lpr
SVY=
-----END CERTIFICATE-----
Generated at Thu May 9 03:55:00 2024 by rpki-client on console.sobornost.net