Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3rIneccSjv6H--xG_nwcEH3b7YA.roa
File: 3rIneccSjv6H--xG_nwcEH3b7YA.roa (raw, json)
Hash identifier: Dfhqg2aH5PtIykHrlpjCOnCNBBTD6m3M1KbywzsQhbw=
Subject key identifier: DE:B2:27:79:C7:12:8E:FE:87:FB:EC:46:FE:7C:1C:10:7D:DB:ED:80
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4FF5C0B62082FD8943F085C773BB29F7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3rIneccSjv6H--xG_nwcEH3b7YA.roa
Signing time: Mon 06 May 2024 22:10:56 +0000
ROA not before: Mon 06 May 2024 22:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4f:f5:c0:b6:20:82:fd:89:43:f0:85:c7:73:bb:29:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 22:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deb22779c7128efe87fbec46fe7c1c107ddbed80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d0:d1:9e:6c:26:63:f2:0d:db:a9:f7:08:c9:
a2:a7:78:17:80:05:40:d2:15:1f:a7:6f:08:b4:32:
86:04:55:68:36:e2:2f:69:79:a7:8d:8f:a0:3d:26:
9d:b1:4a:0a:0e:0b:38:90:00:85:4b:91:0c:7f:f5:
07:0f:76:e7:90:01:eb:4a:73:06:01:7f:91:ea:cc:
57:8f:fd:52:64:2d:45:93:b7:f7:bf:aa:43:bd:4c:
55:dd:fe:aa:41:67:96:54:a7:7c:d3:66:fc:fa:df:
0f:3b:b6:05:ea:50:06:ae:60:f8:a2:b5:ef:94:a6:
39:c2:65:e2:11:b2:fc:46:10:24:6e:f9:74:af:54:
0a:40:f0:c4:85:3d:36:8c:ff:a5:28:1d:bf:ca:bc:
d7:0b:2b:b5:5a:21:53:a3:60:22:c8:fc:dd:34:c6:
d5:1d:16:38:e7:ee:6e:54:be:74:34:15:02:82:f3:
e2:1e:8a:c2:11:0c:d9:9f:9a:ad:b2:b4:ac:22:74:
9e:12:fc:e7:ad:25:ed:56:52:63:dd:39:4a:40:e4:
23:57:cb:75:9a:cc:5a:03:79:bb:78:38:1f:ef:6a:
a6:0c:a2:45:71:77:c1:53:c9:a3:66:51:7c:83:3d:
aa:df:fa:c3:8f:37:ee:ab:41:30:14:60:ae:d6:e7:
40:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B2:27:79:C7:12:8E:FE:87:FB:EC:46:FE:7C:1C:10:7D:DB:ED:80
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3rIneccSjv6H--xG_nwcEH3b7YA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:33:27:ee:e5:de:9a:9f:5b:ab:c9:b9:54:82:0f:8e:cb:4e:
27:96:f5:b5:6f:c7:b1:a3:6a:7f:91:cf:45:ff:b9:d8:ca:91:
ea:ac:6e:71:34:98:9c:96:2f:6e:82:25:76:5b:88:6a:f0:d2:
c2:c3:dc:1d:89:a9:71:2e:fa:03:cd:46:21:74:08:16:27:c0:
7b:62:94:c2:73:96:73:b9:24:96:5d:4e:eb:42:6d:ad:36:7f:
94:fb:fb:14:64:61:11:88:5e:9d:4c:75:e1:f5:33:5c:1f:ce:
c8:c1:5e:37:14:93:92:69:34:a2:39:b9:8d:8d:10:13:81:b2:
f2:8a:84:27:a8:26:f1:72:07:16:59:20:e6:17:61:d0:fb:c8:
b4:49:77:fa:ea:60:9f:c0:9a:ae:b6:05:0a:03:31:78:94:ad:
8d:6e:ae:ed:74:33:2f:c6:9f:41:b1:18:60:12:54:4e:ee:fc:
b1:53:6a:61:5a:eb:02:99:2f:06:7c:21:6d:6d:c9:0c:48:2a:
e9:fa:39:ce:8c:3b:81:fb:ee:d6:2f:3e:12:c9:26:78:3e:7a:
03:d8:ce:08:27:63:12:81:05:09:0b:60:1e:5a:37:7f:ff:16:
49:8b:1f:c2:5f:74:04:94:f7:e7:2a:ab:99:2b:4e:20:d7:c3:
fb:53:8a:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9P9cC2IIL9iUPwhcdzuyn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MjIxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWIyMjc3OWM3MTI4ZWZlODdmYmVjNDZmZTdjMWMxMDdkZGJlZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNDRnmwmY/IN26n3CMmip3gXgAVA
0hUfp28ItDKGBFVoNuIvaXmnjY+gPSadsUoKDgs4kACFS5EMf/UHD3bnkAHrSnMG
AX+R6sxXj/1SZC1Fk7f3v6pDvUxV3f6qQWeWVKd802b8+t8PO7YF6lAGrmD4orXv
lKY5wmXiEbL8RhAkbvl0r1QKQPDEhT02jP+lKB2/yrzXCyu1WiFTo2AiyPzdNMbV
HRY45+5uVL50NBUCgvPiHorCEQzZn5qtsrSsInSeEvznrSXtVlJj3TlKQOQjV8t1
msxaA3m7eDgf72qmDKJFcXfBU8mjZlF8gz2q3/rDjzfuq0EwFGCu1udAdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN6yJ3nHEo7+h/vsRv58HBB92+2AMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM3JJbmVjY1NqdjZILS14R19ud2NFSDNiN1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwzJ+7l3pqfW6vJuVSC
D47LTieW9bVvx7Gjan+Rz0X/udjKkeqsbnE0mJyWL26CJXZbiGrw0sLD3B2JqXEu
+gPNRiF0CBYnwHtilMJzlnO5JJZdTutCba02f5T7+xRkYRGIXp1MdeH1M1wfzsjB
XjcUk5JpNKI5uY2NEBOBsvKKhCeoJvFyBxZZIOYXYdD7yLRJd/rqYJ/Amq62BQoD
MXiUrY1uru10My/Gn0GxGGASVE7u/LFTamFa6wKZLwZ8IW1tyQxIKun6Oc6MO4H7
7tYvPhLJJng+egPYzggnYxKBBQkLYB5aN3//FkmLH8JfdASU9+cqq5krTiDXw/tT
ioM=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:35:37 2025 by rpki-client