Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2VgbGpfWRh_b6pcZZbrn55mTNwM.roa
File: 2VgbGpfWRh_b6pcZZbrn55mTNwM.roa (raw, json)
Hash identifier: uogJinwvFph2H9Go9GZr6IyEpvSU5/E3Qr5pc2HbqnI=
Subject key identifier: D9:58:1B:1A:97:D6:46:1F:DB:EA:97:19:65:BA:E7:E7:99:93:37:03
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8B2B7F1D0410C5CDD553708B072D9730
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2VgbGpfWRh_b6pcZZbrn55mTNwM.roa
Signing time: Sat 18 May 2024 10:07:14 +0000
ROA not before: Sat 18 May 2024 10:07:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:8b28:b92d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8b:2b:7f:1d:04:10:c5:cd:d5:53:70:8b:07:2d:97:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 10:07:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9581b1a97d6461fdbea971965bae7e799933703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:53:b2:b0:4a:95:01:02:bf:ba:2c:53:79:c1:
2b:b0:bc:e3:85:ab:90:d1:d3:0e:5b:f7:49:fb:a2:
f1:8d:60:b9:da:d2:5d:90:55:e9:0b:64:1e:02:e6:
e7:fc:b0:0e:6c:3e:1a:2e:70:32:2a:f2:9d:65:f6:
e2:93:b5:1c:f8:20:92:ef:d7:a9:7d:b2:bd:c6:ef:
f5:e3:79:fc:77:e3:d1:54:62:74:46:dc:12:4e:ad:
b3:33:bc:94:58:fe:5e:f2:4d:39:b9:a0:23:c9:bd:
10:70:5e:9e:f7:8c:38:c6:1a:09:65:38:a4:89:88:
70:a4:d6:b2:ca:ec:f2:ee:bd:48:0e:59:71:05:df:
26:28:17:1c:89:9b:26:76:36:de:b8:93:a4:54:b3:
56:44:6f:cf:95:be:87:9a:c4:11:ab:e0:dc:81:d7:
52:b7:d9:1c:a6:40:fb:5a:5f:a6:30:ac:0f:de:33:
ed:fd:b9:be:9c:00:dd:28:ff:bf:09:bd:e3:67:06:
83:0d:41:40:45:3a:d3:29:71:04:d8:8d:14:7a:8b:
87:e0:c5:dc:d9:7c:aa:b2:75:3c:eb:35:cd:86:71:
52:80:a8:30:7f:9e:27:3f:b6:18:0c:5a:6f:e9:05:
ce:e7:8d:a6:8a:78:57:61:6f:25:12:4a:a6:83:ec:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:58:1B:1A:97:D6:46:1F:DB:EA:97:19:65:BA:E7:E7:99:93:37:03
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2VgbGpfWRh_b6pcZZbrn55mTNwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:13:32:2e:84:36:4c:0c:60:39:a5:32:43:2a:52:ca:b3:2b:
99:37:eb:77:3d:01:9c:d1:ed:69:a8:f0:90:4b:7f:65:5d:85:
d7:99:1a:59:ae:67:52:34:40:30:db:3c:63:38:05:b7:bf:de:
32:d2:fb:be:fc:4d:90:ea:37:a3:93:e0:09:4f:cc:c4:20:22:
11:ea:b2:dc:8b:32:71:76:0a:4f:a4:94:e1:13:89:04:13:5f:
de:52:d4:65:5c:60:a7:a7:48:8a:9d:ce:ec:3f:e9:c1:23:75:
43:81:37:8f:db:47:4e:39:c2:aa:1c:92:25:88:9e:f6:a4:c1:
c4:5c:16:42:26:f2:ea:c6:b2:9e:82:9a:12:d3:b3:e8:84:af:
80:00:5a:ac:86:5b:1d:a9:fc:c4:ff:bb:6a:9e:16:da:ea:18:
8b:52:ed:9a:e3:d1:c6:97:24:bd:93:d6:0d:72:48:9f:2c:4d:
1d:5f:17:e3:e9:76:97:32:c7:92:c4:f4:64:c0:4f:6a:98:43:
29:7f:8f:1a:e4:f7:09:30:30:f9:ab:32:3a:7c:a1:5f:fe:61:
1b:58:ab:88:db:f8:ab:d7:e0:26:9a:0d:5e:b0:27:f4:c8:2a:
0a:10:b1:0f:9c:00:a9:ce:25:fc:73:30:e9:55:44:ea:ff:0b:
d2:eb:68:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+LK38dBBDFzdVTcIsHLZcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MTAwNzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU4MWIxYTk3ZDY0NjFmZGJlYTk3MTk2NWJhZTdlNzk5OTMzNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslOysEqVAQK/uixTecErsLzjhauQ
0dMOW/dJ+6LxjWC52tJdkFXpC2QeAubn/LAObD4aLnAyKvKdZfbik7Uc+CCS79ep
fbK9xu/143n8d+PRVGJ0RtwSTq2zM7yUWP5e8k05uaAjyb0QcF6e94w4xhoJZTik
iYhwpNayyuzy7r1IDllxBd8mKBcciZsmdjbeuJOkVLNWRG/Plb6HmsQRq+DcgddS
t9kcpkD7Wl+mMKwP3jPt/bm+nADdKP+/Cb3jZwaDDUFARTrTKXEE2I0UeouH4MXc
2XyqsnU86zXNhnFSgKgwf54nP7YYDFpv6QXO542minhXYW8lEkqmg+wdKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNlYGxqX1kYf2+qXGWW65+eZkzcDMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMlZnYkdwZldSaF9iNnBjWlpicm41NW1UTndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD4TMi6ENkwMYDmlMkMq
UsqzK5k363c9AZzR7Wmo8JBLf2VdhdeZGlmuZ1I0QDDbPGM4Bbe/3jLS+778TZDq
N6OT4AlPzMQgIhHqstyLMnF2Ck+klOETiQQTX95S1GVcYKenSIqdzuw/6cEjdUOB
N4/bR045wqockiWInvakwcRcFkIm8urGsp6CmhLTs+iEr4AAWqyGWx2p/MT/u2qe
FtrqGItS7Zrj0caXJL2T1g1ySJ8sTR1fF+Ppdpcyx5LE9GTAT2qYQyl/jxrk9wkw
MPmrMjp8oV/+YRtYq4jb+KvX4CaaDV6wJ/TIKgoQsQ+cAKnOJfxzMOlVROr/C9Lr
aJk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:08 2025 by rpki-client