Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3fBIsmCqIUHHFlxc4wJC7nckggA.roa
File: 3fBIsmCqIUHHFlxc4wJC7nckggA.roa (raw, json)
Hash identifier: ldslFu8tOX+GF6hQ2+So7+OiGGiVSaRxhdZfOOf5qmo=
Subject key identifier: DD:F0:48:B2:60:AA:21:41:C7:16:5C:5C:E3:02:42:EE:77:24:82:00
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F47C8DB53E74074CBBB50FB2B19EA03E8
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3fBIsmCqIUHHFlxc4wJC7nckggA.roa
Signing time: Sun 05 May 2024 08:04:56 +0000
ROA not before: Sun 05 May 2024 08:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:47c8:2678/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:47:c8:db:53:e7:40:74:cb:bb:50:fb:2b:19:ea:03:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 08:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddf048b260aa2141c7165c5ce30242ee77248200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:92:98:cb:79:91:33:cd:0d:28:07:96:1d:36:
ca:78:0d:e3:e1:e2:14:65:3e:c0:1d:32:a1:33:51:
7a:4a:88:3e:31:24:9f:6c:27:29:c2:02:c2:72:a6:
85:6b:cd:73:a5:19:ae:83:07:dc:e8:85:26:5c:40:
e3:35:b6:87:fc:ba:43:94:36:0f:de:0d:ec:9d:4f:
1a:d0:41:12:cc:34:bf:bb:d0:13:1c:36:6b:52:55:
4a:f5:c7:cc:21:87:13:2b:e5:ab:5f:e6:89:af:ea:
08:34:9a:85:2f:af:7b:9a:77:9d:23:91:ed:6f:bd:
0b:26:2d:4f:7e:5a:d3:4b:f9:d7:ad:9b:41:14:90:
36:62:68:40:f0:eb:ab:02:de:9e:96:26:ce:71:87:
20:53:00:7a:b2:f7:18:07:bb:16:d5:a7:30:c2:c9:
f0:22:3d:e5:e1:2c:68:76:21:04:90:46:70:d7:e9:
96:49:3e:38:d4:43:00:33:a6:8f:3b:b0:19:df:5d:
67:b2:e6:57:32:cc:43:6b:9f:cc:cf:6b:cb:a6:29:
6e:c0:3c:78:86:00:a7:13:09:03:14:e4:0e:bd:b8:
22:ad:c0:8e:34:e5:ad:20:92:43:e1:09:8c:fd:81:
c1:d6:a2:2f:cb:ab:f9:6e:87:e2:84:7d:e3:7c:0d:
94:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F0:48:B2:60:AA:21:41:C7:16:5C:5C:E3:02:42:EE:77:24:82:00
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3fBIsmCqIUHHFlxc4wJC7nckggA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:bb:9f:ec:66:a5:99:91:f9:8c:da:bf:6e:eb:1f:b5:38:1b:
79:cb:4e:a4:a7:79:b3:55:f4:89:fa:98:58:f7:5e:3d:96:7b:
fb:ce:42:4e:74:d4:ef:84:cd:66:5e:cf:78:d9:43:ce:e7:f0:
d4:88:e5:f2:74:d7:92:76:b1:26:e4:10:47:e9:f7:50:6f:66:
5f:ec:fd:65:2f:a3:59:63:d1:51:91:1d:a1:e2:9b:de:1a:81:
34:97:3c:bb:12:5d:cc:35:ec:1c:92:81:68:66:c9:1c:6b:1d:
7e:7d:15:b8:ec:ee:a0:8e:66:e5:8b:a9:2f:3a:18:ad:25:68:
e7:ab:da:17:77:0c:04:de:5d:85:f0:75:04:de:d0:fd:28:fd:
70:95:53:da:37:96:62:61:4c:2f:d3:51:7a:58:04:f0:bc:b7:
b1:93:ea:3a:24:f8:3f:45:e8:e2:ff:90:1c:c4:f8:43:f2:f5:
60:fd:0d:ba:15:51:94:0c:ef:dd:3a:02:af:e6:ff:6a:1b:07:
8d:0b:17:e2:6c:85:47:cf:06:e2:b3:86:6a:c6:8f:90:4b:0c:
10:02:c6:61:12:83:04:d6:a9:92:a6:a1:6c:5d:c3:bb:6c:5f:
13:28:1b:dd:6d:e1:30:fe:0a:dc:37:7f:d0:fb:b1:a6:d3:37:
b5:e2:46:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9HyNtT50B0y7tQ+ysZ6gPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MDgwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGYwNDhiMjYwYWEyMTQxYzcxNjVjNWNlMzAyNDJlZTc3MjQ4MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpKYy3mRM80NKAeWHTbKeA3j4eIU
ZT7AHTKhM1F6Sog+MSSfbCcpwgLCcqaFa81zpRmugwfc6IUmXEDjNbaH/LpDlDYP
3g3snU8a0EESzDS/u9ATHDZrUlVK9cfMIYcTK+WrX+aJr+oINJqFL697mnedI5Ht
b70LJi1PflrTS/nXrZtBFJA2YmhA8OurAt6elibOcYcgUwB6svcYB7sW1acwwsnw
Ij3l4SxodiEEkEZw1+mWST441EMAM6aPO7AZ311nsuZXMsxDa5/Mz2vLpiluwDx4
hgCnEwkDFOQOvbgircCONOWtIJJD4QmM/YHB1qIvy6v5bofihH3jfA2UWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN3wSLJgqiFBxxZcXOMCQu53JIIAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM2ZCSXNtQ3FJVUhIRmx4YzR3SkM3bmNrZ2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABi7n+xmpZmR+Yzav27r
H7U4G3nLTqSnebNV9In6mFj3Xj2We/vOQk501O+EzWZez3jZQ87n8NSI5fJ015J2
sSbkEEfp91BvZl/s/WUvo1lj0VGRHaHim94agTSXPLsSXcw17BySgWhmyRxrHX59
Fbjs7qCOZuWLqS86GK0laOer2hd3DATeXYXwdQTe0P0o/XCVU9o3lmJhTC/TUXpY
BPC8t7GT6jok+D9F6OL/kBzE+EPy9WD9DboVUZQM7906Aq/m/2obB40LF+JshUfP
BuKzhmrGj5BLDBACxmESgwTWqZKmoWxdw7tsXxMoG91t4TD+Ctw3f9D7sabTN7Xi
RmU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:33 2025 by rpki-client