Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/YzYfhwD4NdYmh0VZIIfMhSW0V0I.roa
File: YzYfhwD4NdYmh0VZIIfMhSW0V0I.roa (raw, json)
Hash identifier: HRcjQbqNSLdDx9kvmilcwQimoCuRJKrbYhJ5hLGTEK8=
Subject key identifier: 63:36:1F:87:00:F8:35:D6:26:87:45:59:20:87:CC:85:25:B4:57:42
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F103C2721187E0A729D50EC354C629A2B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/YzYfhwD4NdYmh0VZIIfMhSW0V0I.roa
Signing time: Wed 24 Apr 2024 13:12:08 +0000
ROA not before: Wed 24 Apr 2024 13:12:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:3c:27:21:18:7e:0a:72:9d:50:ec:35:4c:62:9a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 13:12:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63361f8700f835d6268745592087cc8525b45742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:db:a9:b4:41:0a:4f:f5:67:38:9a:17:8d:2d:
72:c8:1e:a3:48:43:a1:6c:07:ad:2c:c6:b0:d3:4f:
c6:42:ba:56:08:5f:cf:97:7c:91:49:32:14:cf:98:
bd:5d:60:14:ea:28:dc:2b:98:61:30:20:c9:ce:25:
14:8a:9a:55:a9:3c:2a:7b:24:ec:f4:18:b3:1f:bd:
ca:bf:6f:ea:cf:fb:cb:85:a2:fc:a5:08:fb:a9:12:
75:c5:8c:18:d3:20:56:a3:e5:fa:95:83:d8:3f:ac:
41:cc:5d:50:44:5d:ed:e8:0b:b5:4a:2a:bd:8d:91:
00:d9:15:58:92:d2:1b:bd:53:3e:96:54:32:f3:1e:
aa:94:83:78:9e:20:f5:e1:a1:1e:e9:b2:a6:30:dd:
bf:40:aa:93:49:07:dc:e1:b1:8f:29:82:54:db:04:
db:8a:b1:19:9d:81:85:f5:02:c4:df:7a:f7:cb:9e:
da:95:ac:bd:cb:34:6b:65:03:b7:9f:2a:94:32:bf:
c6:be:14:46:ae:73:7c:9d:9a:d1:54:63:80:d2:f8:
a8:31:53:c3:24:7f:84:fc:b0:42:a5:28:11:e3:b8:
24:6a:12:79:82:6a:51:b4:c9:b1:55:aa:28:3c:14:
b2:bf:98:ec:c2:a0:dd:56:08:fd:d0:a8:bf:9d:12:
a4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:36:1F:87:00:F8:35:D6:26:87:45:59:20:87:CC:85:25:B4:57:42
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/YzYfhwD4NdYmh0VZIIfMhSW0V0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
bd:9c:f2:30:d3:6c:c3:88:d8:c4:f1:11:2b:d0:0a:e0:7d:53:
82:c8:62:63:6c:74:4a:05:6c:a3:93:f2:58:4f:e1:fd:63:8a:
9f:fb:0b:31:34:b4:ff:15:a7:ac:9e:11:01:c0:d5:f4:ee:0e:
c5:11:87:ba:45:75:21:da:57:95:46:59:05:a7:2c:77:08:3a:
a5:9a:05:ee:1b:d0:cc:58:5e:c2:ed:fc:da:1a:da:30:1e:d5:
8a:8f:6c:62:2a:ae:ac:e4:eb:82:93:cd:f5:9e:eb:74:22:96:
cf:1d:f3:82:6e:8a:c5:5b:36:2a:d0:39:89:e6:4a:86:5c:2d:
f4:f5:53:52:e5:4f:85:90:3a:64:70:95:fc:10:6d:00:f6:21:
cc:35:f2:af:b9:c9:8b:92:b6:4a:2d:36:79:df:cb:e0:6e:73:
ca:23:38:d3:3d:a7:67:cf:08:8d:26:ec:d2:2b:1b:48:fb:a3:
76:9e:5a:11:56:1d:e8:59:a6:a1:40:c4:9e:c0:cc:01:11:c7:
36:5d:7b:6e:18:fa:a9:7c:37:56:46:82:57:db:d3:29:b6:2e:
c9:08:91:28:fc:02:b6:b3:19:fb:cf:9a:e1:0c:ad:c4:91:94:
71:f1:7b:5f:33:8b:1f:0d:69:1a:85:b7:95:de:77:02:d7:10:
73:c0:f6:00
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8QPCchGH4Kcp1Q7DVMYporMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MTMxMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM2MWY4NzAwZjgzNWQ2MjY4NzQ1NTkyMDg3Y2M4NTI1YjQ1NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtduptEEKT/VnOJoXjS1yyB6jSEOh
bAetLMaw00/GQrpWCF/Pl3yRSTIUz5i9XWAU6ijcK5hhMCDJziUUippVqTwqeyTs
9BizH73Kv2/qz/vLhaL8pQj7qRJ1xYwY0yBWo+X6lYPYP6xBzF1QRF3t6Au1Siq9
jZEA2RVYktIbvVM+llQy8x6qlIN4niD14aEe6bKmMN2/QKqTSQfc4bGPKYJU2wTb
irEZnYGF9QLE33r3y57alay9yzRrZQO3nyqUMr/GvhRGrnN8nZrRVGOA0vioMVPD
JH+E/LBCpSgR47gkahJ5gmpRtMmxVaooPBSyv5jswqDdVgj90Ki/nRKkuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGM2H4cA+DXWJodFWSCHzIUltFdCMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWXpZZmh3RDROZFltaDBWWklJZk1oU1cwVjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQC9nPIw
02zDiNjE8REr0ArgfVOCyGJjbHRKBWyjk/JYT+H9Y4qf+wsxNLT/FaesnhEBwNX0
7g7FEYe6RXUh2leVRlkFpyx3CDqlmgXuG9DMWF7C7fzaGtowHtWKj2xiKq6s5OuC
k831nut0IpbPHfOCborFWzYq0DmJ5kqGXC309VNS5U+FkDpkcJX8EG0A9iHMNfKv
ucmLkrZKLTZ538vgbnPKIzjTPadnzwiNJuzSKxtI+6N2nloRVh3oWaahQMSewMwB
Ecc2XXtuGPqpfDdWRoJX29Mpti7JCJEo/AK2sxn7z5rhDK3EkZRx8XtfM4sfDWka
hbeV3ncC1xBzwPYA
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:55:50 2025 by rpki-client