Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RbpXTOOXM-_oa7PAF1Zh2QVfafA.roa
File: RbpXTOOXM-_oa7PAF1Zh2QVfafA.roa (raw, json)
Hash identifier: kkDBoomxBm3BuBrqG+CUqC69CiMlZ7OO1zsd5ySy3Cs=
Subject key identifier: 45:BA:57:4C:E3:97:33:EF:E8:6B:B3:C0:17:56:61:D9:05:5F:69:F0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F34B484468F9F091885E9FFE929ECFF68
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RbpXTOOXM-_oa7PAF1Zh2QVfafA.roa
Signing time: Wed 01 May 2024 15:09:56 +0000
ROA not before: Wed 01 May 2024 15:09:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:b4:84:46:8f:9f:09:18:85:e9:ff:e9:29:ec:ff:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 1 15:09:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45ba574ce39733efe86bb3c0175661d9055f69f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8b:c4:5e:d4:0d:cb:00:98:00:af:8d:91:57:
7e:a5:3c:25:aa:1d:d6:f0:79:77:35:10:96:20:de:
b7:cc:32:99:8d:a6:ba:3b:a7:40:37:04:17:52:17:
8f:65:a3:47:c0:23:00:d4:f4:59:44:48:8a:f3:2e:
58:47:a8:a0:af:96:13:28:ad:38:15:59:0a:55:40:
a4:fe:ba:c9:80:75:28:49:c7:7e:5c:6d:a0:50:d6:
cf:b7:71:93:f0:f7:9e:fb:7e:f7:cd:66:9c:c8:d0:
f4:49:c8:a8:f6:19:77:73:37:79:2e:85:1d:37:37:
76:4f:c2:65:f2:99:09:19:97:ee:f9:ad:45:0b:cb:
40:d2:26:33:3d:0b:7c:d0:4f:d7:36:5a:91:63:06:
83:0a:07:66:16:b2:75:d4:d4:61:21:09:d5:40:ca:
37:12:40:f4:70:9c:0b:70:f5:f8:88:76:b3:77:02:
de:02:2d:18:33:cc:a1:de:1c:7c:3f:44:7f:f5:9d:
69:ff:b3:be:96:f0:a9:23:eb:8f:e4:28:d1:36:4c:
79:aa:5d:64:0f:2e:34:b3:73:65:dc:e1:93:38:37:
de:bd:85:91:a5:ce:e5:b5:79:ba:09:b5:5e:65:5a:
ff:b2:6f:e3:68:98:0e:9e:6d:07:5f:55:a7:00:81:
a0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BA:57:4C:E3:97:33:EF:E8:6B:B3:C0:17:56:61:D9:05:5F:69:F0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RbpXTOOXM-_oa7PAF1Zh2QVfafA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c0:0d:60:e2:f7:c9:33:7f:43:57:5f:e5:a6:5e:81:ca:37:f1:
8a:d3:9e:a9:af:ef:1f:90:60:8c:d0:dd:2a:1e:4d:c6:49:1a:
54:99:ad:8a:db:34:c3:d8:f0:b0:e5:b2:1c:df:59:76:3d:c1:
8d:aa:ca:55:7c:e2:cd:46:f5:e9:35:aa:23:f7:95:61:2b:ec:
93:99:14:fc:c1:e5:b2:07:96:69:ca:ca:9a:9c:17:a2:e1:dd:
98:d6:37:27:fd:25:1c:be:10:29:a0:bf:1b:d4:46:69:07:ad:
54:90:4e:93:a9:39:83:3f:fb:6c:5a:51:f5:e7:47:56:cd:b4:
f5:b1:ad:9d:75:e1:6d:34:71:49:e1:0e:1f:2e:e4:76:ad:65:
70:46:48:c9:44:6a:9a:a7:ee:5e:e8:1c:70:a7:20:89:66:c8:
0d:02:df:05:1b:77:26:9a:bf:0e:df:6b:2f:64:7d:9b:6d:6b:
21:d4:4f:f2:d9:4f:77:51:6b:f4:18:06:2c:59:28:a7:5f:d1:
67:f1:7d:92:76:36:8e:fc:5d:1c:d5:7e:46:df:63:5b:73:75:
d4:23:7c:be:52:6f:71:9b:bd:22:d8:6d:de:f9:f2:ac:73:8d:
f1:1c:07:16:1f:25:c4:66:48:46:67:d3:bf:9c:36:25:1f:25:
88:9f:8e:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY80tIRGj58JGIXp/+kp7P9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAxMTUwOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJhNTc0Y2UzOTczM2VmZTg2YmIzYzAxNzU2NjFkOTA1NWY2OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIvEXtQNywCYAK+NkVd+pTwlqh3W
8Hl3NRCWIN63zDKZjaa6O6dANwQXUhePZaNHwCMA1PRZREiK8y5YR6igr5YTKK04
FVkKVUCk/rrJgHUoScd+XG2gUNbPt3GT8Pee+373zWacyND0Scio9hl3czd5LoUd
Nzd2T8Jl8pkJGZfu+a1FC8tA0iYzPQt80E/XNlqRYwaDCgdmFrJ11NRhIQnVQMo3
EkD0cJwLcPX4iHazdwLeAi0YM8yh3hx8P0R/9Z1p/7O+lvCpI+uP5CjRNkx5ql1k
Dy40s3Nl3OGTODfevYWRpc7ltXm6CbVeZVr/sm/jaJgOnm0HX1WnAIGgBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEW6V0zjlzPv6GuzwBdWYdkFX2nwMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUmJwWFRPT1hNLV9vYTdQQUYxWmgyUVZmYWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMANYOL3yTN/Q1df5aZe
gco38YrTnqmv7x+QYIzQ3SoeTcZJGlSZrYrbNMPY8LDlshzfWXY9wY2qylV84s1G
9ek1qiP3lWEr7JOZFPzB5bIHlmnKypqcF6Lh3ZjWNyf9JRy+ECmgvxvURmkHrVSQ
TpOpOYM/+2xaUfXnR1bNtPWxrZ114W00cUnhDh8u5HatZXBGSMlEapqn7l7oHHCn
IIlmyA0C3wUbdyaavw7fay9kfZttayHUT/LZT3dRa/QYBixZKKdf0WfxfZJ2No78
XRzVfkbfY1tzddQjfL5Sb3GbvSLYbd758qxzjfEcBxYfJcRmSEZn07+cNiUfJYif
jt4=
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:46:41 2025 by rpki-client