Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IWzHR4YVOEsqrORMsxtyo8k4mOU.roa
File: IWzHR4YVOEsqrORMsxtyo8k4mOU.roa (raw, json)
Hash identifier: XSGfodQoBXQsuXbrznKL6nitHu5L6oqwWu1nAHO1w40=
Subject key identifier: 21:6C:C7:47:86:15:38:4B:2A:AC:E4:4C:B3:1B:72:A3:C9:38:98:E5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9A2EBA26E8965D1B6ED1FB9F41855A63
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IWzHR4YVOEsqrORMsxtyo8k4mOU.roa
Signing time: Tue 21 May 2024 08:05:04 +0000
ROA not before: Tue 21 May 2024 08:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
2001:67c:64:ffff:0:18f:9a2e:76f7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:2e:ba:26:e8:96:5d:1b:6e:d1:fb:9f:41:85:5a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 08:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=216cc7478615384b2aace44cb31b72a3c93898e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:35:f7:68:d4:dc:19:54:c4:c8:14:87:96:16:
5b:07:dd:b4:dd:28:18:1a:e1:9d:c6:af:57:ad:25:
9c:44:d4:fa:d7:f8:5f:6f:fc:8d:17:0b:a1:3e:fa:
e1:53:64:52:d0:b9:37:6e:b1:c1:f5:a9:cd:2e:48:
a4:01:34:9f:55:4e:90:5b:29:70:09:c6:0a:2e:c3:
4f:f2:b5:bc:32:b7:bb:fa:16:27:86:4b:45:70:0f:
46:25:7f:25:45:fe:11:a3:2d:e9:fa:37:a1:78:cb:
ab:78:11:d7:1b:63:4a:8e:a5:01:dc:6c:45:a6:bd:
10:7e:b6:23:ad:61:bb:51:c2:a4:38:36:ad:37:56:
21:fe:47:5c:84:f2:c2:62:d7:a2:08:65:55:d6:bf:
12:48:fd:bc:83:31:6d:1a:ed:c8:60:50:8b:d9:9c:
4c:9c:dd:0a:75:5f:a9:77:5b:45:50:5c:4f:92:82:
bc:a3:11:cb:a0:9b:39:2e:de:e4:07:4c:34:a2:60:
0f:23:18:1c:cc:d1:e5:4e:35:8d:f1:15:df:fe:42:
38:60:dc:d9:4b:1e:6f:33:71:38:e8:3a:54:f3:63:
e2:0f:e4:ee:71:42:a6:2a:a4:43:49:19:91:bc:76:
36:75:c7:6a:73:d5:c0:f9:67:3a:1e:ec:5b:f5:c7:
20:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6C:C7:47:86:15:38:4B:2A:AC:E4:4C:B3:1B:72:A3:C9:38:98:E5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IWzHR4YVOEsqrORMsxtyo8k4mOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:24:53:ab:35:df:2f:51:d0:85:39:dc:58:0f:d0:e1:44:b9:
a9:55:3b:c6:95:33:e0:48:f8:26:d4:bd:91:3a:ed:29:8d:aa:
36:9f:85:34:a8:28:c6:3c:72:43:99:6a:f5:02:b0:52:ee:53:
57:4f:02:26:26:55:3e:6f:27:c3:bc:65:13:72:3a:f6:f7:99:
1f:77:6e:dd:e1:db:03:38:5c:53:93:b6:d1:0b:8f:ca:5d:d3:
aa:0c:8e:c6:69:34:69:f5:3d:96:09:1c:d2:06:b3:2a:09:51:
05:78:f3:7a:85:11:5b:0b:c0:48:83:a0:6a:02:5d:89:b5:29:
d8:05:aa:c0:60:cc:b5:79:80:f3:47:8d:8c:db:63:80:8b:e6:
3f:a6:d7:22:18:b1:94:38:ef:ba:36:7c:92:c9:6e:29:d1:8e:
01:2f:51:cb:db:50:38:f0:fd:e0:8d:55:6b:3f:ea:07:6b:e1:
54:e0:eb:18:6c:ee:5c:a0:f5:60:fd:74:aa:b3:dc:8f:db:76:
91:2b:79:92:17:b5:67:a1:c7:e0:d5:38:6e:6b:d2:af:af:e2:
9b:71:fa:a8:50:7d:9f:e4:af:9a:58:b9:91:d4:28:a7:2c:db:
b1:dc:a4:be:1e:60:c1:20:14:35:66:83:26:92:ba:05:3c:21:
4f:10:af:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+aLrom6JZdG27R+59BhVpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMDgwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTZjYzc0Nzg2MTUzODRiMmFhY2U0NGNiMzFiNzJhM2M5Mzg5OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDX3aNTcGVTEyBSHlhZbB9203SgY
GuGdxq9XrSWcRNT61/hfb/yNFwuhPvrhU2RS0Lk3brHB9anNLkikATSfVU6QWylw
CcYKLsNP8rW8Mre7+hYnhktFcA9GJX8lRf4Roy3p+jeheMureBHXG2NKjqUB3GxF
pr0QfrYjrWG7UcKkODatN1Yh/kdchPLCYteiCGVV1r8SSP28gzFtGu3IYFCL2ZxM
nN0KdV+pd1tFUFxPkoK8oxHLoJs5Lt7kB0w0omAPIxgczNHlTjWN8RXf/kI4YNzZ
Sx5vM3E46DpU82PiD+TucUKmKqRDSRmRvHY2dcdqc9XA+Wc6Huxb9ccgKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFsx0eGFThLKqzkTLMbcqPJOJjlMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSVd6SFI0WVZPRXNxck9STXN4dHlvOGs0bU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADYkU6s13y9R0IU53FgP
0OFEualVO8aVM+BI+CbUvZE67SmNqjafhTSoKMY8ckOZavUCsFLuU1dPAiYmVT5v
J8O8ZRNyOvb3mR93bt3h2wM4XFOTttELj8pd06oMjsZpNGn1PZYJHNIGsyoJUQV4
83qFEVsLwEiDoGoCXYm1KdgFqsBgzLV5gPNHjYzbY4CL5j+m1yIYsZQ477o2fJLJ
binRjgEvUcvbUDjw/eCNVWs/6gdr4VTg6xhs7lyg9WD9dKqz3I/bdpEreZIXtWeh
x+DVOG5r0q+v4ptx+qhQfZ/kr5pYuZHUKKcs27HcpL4eYMEgFDVmgyaSugU8IU8Q
r0c=
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:55:11 2025 by rpki-client