Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/28PvfHfE2pwzSwsw31O3KtoQqD8.roa
File: 28PvfHfE2pwzSwsw31O3KtoQqD8.roa (raw, json)
Hash identifier: kx8kj1XxThqTR225H+ynEBYkYCDKrT1rcP6Lq1ujxzE=
Subject key identifier: DB:C3:EF:7C:77:C4:DA:9C:33:4B:0B:30:DF:53:B7:2A:DA:10:A8:3F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4E3F37630DD2FCFE82FD162C19EC5C6B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/28PvfHfE2pwzSwsw31O3KtoQqD8.roa
Signing time: Mon 06 May 2024 14:11:56 +0000
ROA not before: Mon 06 May 2024 14:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:3f:37:63:0d:d2:fc:fe:82:fd:16:2c:19:ec:5c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 14:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbc3ef7c77c4da9c334b0b30df53b72ada10a83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:8d:69:01:16:30:e8:3a:3c:02:22:e6:ea:
68:d4:1b:ed:57:3e:1e:fb:5e:b4:08:a2:96:de:b2:
db:ca:6c:a3:bb:f8:e6:31:03:cf:98:3d:39:8d:dd:
00:0b:05:52:df:fa:2f:d3:1c:a5:74:f4:cb:b6:33:
b0:e3:d6:34:8f:f6:e1:72:31:dd:4e:10:0d:de:05:
9d:7d:03:94:7b:e0:ed:a0:55:5d:46:e0:22:07:8b:
b2:73:5a:87:f8:7b:93:df:74:48:5f:cd:82:0c:30:
89:fd:9e:8e:d6:52:a2:f9:79:d4:32:28:f9:08:3b:
7a:c5:13:c3:f5:a3:5b:8c:4f:01:73:0f:1a:ec:09:
26:7f:55:fa:2b:5e:ba:00:39:24:81:24:34:7d:bb:
01:0e:ed:11:46:8e:c7:70:a3:54:96:bf:ec:06:38:
aa:ac:0d:95:d6:11:47:92:4e:00:8f:b7:b9:aa:a4:
79:5e:e6:80:40:42:fd:bc:17:16:07:50:4e:7f:97:
45:29:1d:ab:cd:05:cb:e8:6b:1f:dd:64:22:52:ed:
ab:21:49:d0:99:4e:84:0d:62:40:7c:1b:6e:26:e3:
6c:64:37:d7:78:a3:30:c8:f7:73:d1:04:b0:c2:17:
5b:d2:ac:7d:34:fc:cb:01:33:20:47:ed:07:3c:c2:
95:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C3:EF:7C:77:C4:DA:9C:33:4B:0B:30:DF:53:B7:2A:DA:10:A8:3F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/28PvfHfE2pwzSwsw31O3KtoQqD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:b8:81:2d:08:57:7b:dc:e0:d5:4a:18:99:e0:0a:75:df:d6:
a4:5d:3b:65:fc:0d:f8:88:9d:fd:c5:ae:08:99:48:7b:3c:00:
00:bb:c6:61:f3:c2:1e:bd:6b:f6:e3:06:b7:98:89:aa:16:c6:
78:5d:e7:ca:94:5f:49:75:62:07:96:52:e1:75:09:af:f2:c5:
93:a3:a1:96:70:5d:b7:10:3a:82:d3:fc:9a:b1:f5:9b:39:e0:
59:1c:1b:03:87:37:f5:db:2e:ef:f6:69:30:22:d6:b9:b7:3e:
4b:b2:5c:40:e6:00:ff:5e:ab:4a:33:dd:d9:e9:3e:40:0d:7d:
b9:16:f6:06:25:ef:ae:62:76:e6:19:a9:81:15:a8:01:13:c5:
29:f2:44:31:b5:41:f9:81:22:ca:ea:ae:a1:76:13:63:b4:88:
02:00:eb:90:c8:18:e8:04:d6:54:77:75:da:73:3f:00:44:ef:
a1:5f:e2:84:ad:c4:31:4d:9d:d3:3f:47:c5:60:cb:9c:ac:13:
6e:39:25:b2:ff:95:bf:5a:5d:8f:95:d5:03:62:dc:65:29:69:
22:9c:7b:8d:26:01:0d:c2:91:65:87:80:f5:d1:99:00:0a:61:
a6:e9:4b:e2:53:4b:81:cb:7e:b0:e5:a4:15:bc:25:e3:27:76:
2f:d6:d1:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9OPzdjDdL8/oL9FiwZ7FxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MTQxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMzZWY3Yzc3YzRkYTljMzM0YjBiMzBkZjUzYjcyYWRhMTBhODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX2NaQEWMOg6PAIi5upo1BvtVz4e
+160CKKW3rLbymyju/jmMQPPmD05jd0ACwVS3/ov0xyldPTLtjOw49Y0j/bhcjHd
ThAN3gWdfQOUe+DtoFVdRuAiB4uyc1qH+HuT33RIX82CDDCJ/Z6O1lKi+XnUMij5
CDt6xRPD9aNbjE8Bcw8a7Akmf1X6K166ADkkgSQ0fbsBDu0RRo7HcKNUlr/sBjiq
rA2V1hFHkk4Aj7e5qqR5XuaAQEL9vBcWB1BOf5dFKR2rzQXL6Gsf3WQiUu2rIUnQ
mU6EDWJAfBtuJuNsZDfXeKMwyPdz0QSwwhdb0qx9NPzLATMgR+0HPMKV5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNvD73x3xNqcM0sLMN9TtyraEKg/MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMjhQdmZIZkUycHd6U3dzdzMxTzNLdG9RcUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+4gS0IV3vc4NVKGJng
CnXf1qRdO2X8DfiInf3FrgiZSHs8AAC7xmHzwh69a/bjBreYiaoWxnhd58qUX0l1
YgeWUuF1Ca/yxZOjoZZwXbcQOoLT/Jqx9Zs54FkcGwOHN/XbLu/2aTAi1rm3Pkuy
XEDmAP9eq0oz3dnpPkANfbkW9gYl765iduYZqYEVqAETxSnyRDG1QfmBIsrqrqF2
E2O0iAIA65DIGOgE1lR3ddpzPwBE76Ff4oStxDFNndM/R8Vgy5ysE245JbL/lb9a
XY+V1QNi3GUpaSKce40mAQ3CkWWHgPXRmQAKYabpS+JTS4HLfrDlpBW8JeMndi/W
0RU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:11:16 2025 by rpki-client