Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/4WCtpyxt5FlqbJ4jIY_hWpLxDzs.roa
File: 4WCtpyxt5FlqbJ4jIY_hWpLxDzs.roa (raw, json)
Hash identifier: OerCgyQGkuAKqS6QnqOKX4nFy5w70qkKavEJRyyS8i8=
Subject key identifier: E1:60:AD:A7:2C:6D:E4:59:6A:6C:9E:23:21:8F:E1:5A:92:F1:0F:3B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8D1F386A49BB4ECC3A857DE54E2D0BCF
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/4WCtpyxt5FlqbJ4jIY_hWpLxDzs.roa
Signing time: Sat 18 May 2024 19:13:04 +0000
ROA not before: Sat 18 May 2024 19:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8d:1f:38:6a:49:bb:4e:cc:3a:85:7d:e5:4e:2d:0b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 19:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e160ada72c6de4596a6c9e23218fe15a92f10f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4b:52:3e:64:d6:61:c4:dd:3f:91:28:45:ec:
6d:6d:fc:7b:2d:0f:11:e7:ac:04:b1:81:0a:0a:f7:
a7:e4:c4:78:a4:12:bb:ef:3f:2b:c1:f7:a1:2c:d4:
e5:68:c5:bb:37:aa:2a:b4:b5:ab:29:f4:d6:96:89:
dc:06:80:81:25:af:c0:a6:fc:11:8e:fd:3d:9b:a7:
7d:68:68:06:28:43:52:35:a8:14:52:97:2a:bc:6c:
4e:b2:7f:9d:1e:ce:b0:91:96:82:cd:ba:16:35:1d:
55:9e:73:93:b5:04:08:04:1a:a4:f1:8f:19:ab:b5:
4b:73:51:d2:f2:28:c5:be:e1:f0:04:d0:ce:af:2c:
7d:6e:77:d4:db:fc:41:33:c8:01:76:5e:21:24:02:
0a:f9:72:cd:50:37:86:68:27:85:28:75:13:2d:bb:
79:53:82:ec:e0:4b:41:35:a8:22:c0:2e:91:40:92:
58:04:4c:4c:ec:f6:4b:f9:90:93:a4:c7:3a:4e:63:
84:27:68:86:aa:b2:e4:88:58:c9:f3:f3:ea:93:6f:
9c:47:62:97:e7:2b:3d:b5:f3:50:79:b6:37:ba:3f:
43:d9:9f:b4:01:f0:85:65:08:9e:9b:44:a1:4b:4e:
5f:ac:fb:81:23:dd:3e:bd:21:7b:77:4a:df:d8:e0:
81:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:60:AD:A7:2C:6D:E4:59:6A:6C:9E:23:21:8F:E1:5A:92:F1:0F:3B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/4WCtpyxt5FlqbJ4jIY_hWpLxDzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:31:ac:2e:c5:fc:e9:64:b8:b4:ee:32:cd:62:0e:27:d7:ee:
12:93:76:e9:7a:a5:de:b8:3c:66:8d:8e:15:c8:2e:f3:e6:97:
aa:2a:1e:9e:f7:9e:c7:6a:c2:01:85:ad:b8:5d:22:b5:4e:63:
55:84:8a:13:48:89:9c:d6:3e:e7:a1:aa:1b:ea:20:1a:74:62:
5d:05:e9:3a:29:a3:74:bd:9a:3c:6d:8d:48:51:c6:e2:23:7e:
33:40:73:81:15:36:3c:ac:51:17:3a:aa:67:c5:be:02:47:b1:
8e:00:94:4b:9c:fb:4a:d9:0b:27:36:0b:e3:ba:3d:08:d3:33:
49:be:2c:5a:4c:75:bd:e1:c3:f3:98:b9:c1:2b:73:fc:d4:08:
45:0e:de:2c:2f:7e:69:49:51:e5:95:ab:96:43:96:11:34:71:
5f:40:f8:fa:11:f6:93:8f:c9:94:d4:8c:f5:5c:23:76:e7:55:
68:4c:98:a0:7e:32:49:5d:78:8b:b2:d6:de:19:40:23:68:bb:
9a:77:d4:b3:ce:57:a2:e5:6b:53:eb:10:3a:b8:f5:4d:36:87:
e3:e2:80:1a:97:80:09:50:d0:5c:7b:c3:ba:65:3d:e9:c2:78:
4d:e1:a6:21:da:c4:80:c4:3e:c0:36:ad:4b:6e:df:d6:e4:be:
0b:1e:c1:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+NHzhqSbtOzDqFfeVOLQvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MTkxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYwYWRhNzJjNmRlNDU5NmE2YzllMjMyMThmZTE1YTkyZjEwZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUtSPmTWYcTdP5EoRextbfx7LQ8R
56wEsYEKCven5MR4pBK77z8rwfehLNTlaMW7N6oqtLWrKfTWloncBoCBJa/ApvwR
jv09m6d9aGgGKENSNagUUpcqvGxOsn+dHs6wkZaCzboWNR1VnnOTtQQIBBqk8Y8Z
q7VLc1HS8ijFvuHwBNDOryx9bnfU2/xBM8gBdl4hJAIK+XLNUDeGaCeFKHUTLbt5
U4Ls4EtBNagiwC6RQJJYBExM7PZL+ZCTpMc6TmOEJ2iGqrLkiFjJ8/Pqk2+cR2KX
5ys9tfNQebY3uj9D2Z+0AfCFZQiem0ShS05frPuBI90+vSF7d0rf2OCBVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOFgracsbeRZamyeIyGP4VqS8Q87MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvNFdDdHB5eHQ1RmxxYko0aklZX2hXcEx4RHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD0xrC7F/OlkuLTuMs1i
DifX7hKTdul6pd64PGaNjhXILvPml6oqHp73nsdqwgGFrbhdIrVOY1WEihNIiZzW
PuehqhvqIBp0Yl0F6Topo3S9mjxtjUhRxuIjfjNAc4EVNjysURc6qmfFvgJHsY4A
lEuc+0rZCyc2C+O6PQjTM0m+LFpMdb3hw/OYucErc/zUCEUO3iwvfmlJUeWVq5ZD
lhE0cV9A+PoR9pOPyZTUjPVcI3bnVWhMmKB+MkldeIuy1t4ZQCNou5p31LPOV6Ll
a1PrEDq49U02h+PigBqXgAlQ0Fx7w7plPenCeE3hpiHaxIDEPsA2rUtu39bkvgse
wYw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:21 2025 by rpki-client