Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5sKQ5ruGyrhTlygqtnm5YaAsvC4.roa
File: 5sKQ5ruGyrhTlygqtnm5YaAsvC4.roa (raw, json)
Hash identifier: slpX65fHQdWQ5f396B7Uif8Hyu/pGAyIOyu22S4kX50=
Subject key identifier: E6:C2:90:E6:BB:86:CA:B8:53:97:28:2A:B6:79:B9:61:A0:2C:BC:2E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F773B9AA6C064B3C0969716BF7AD95EFB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5sKQ5ruGyrhTlygqtnm5YaAsvC4.roa
Signing time: Tue 14 May 2024 13:12:25 +0000
ROA not before: Tue 14 May 2024 13:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:3b:9a:a6:c0:64:b3:c0:96:97:16:bf:7a:d9:5e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 13:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6c290e6bb86cab85397282ab679b961a02cbc2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:60:58:ac:06:92:1e:98:8a:59:bd:dc:12:71:
5d:ca:50:dd:e5:9a:76:10:bb:64:7a:df:c9:ea:87:
0b:36:f6:f4:5e:26:4a:cb:67:cf:17:6e:47:9b:f5:
54:c1:15:00:d1:92:8d:35:01:bc:c7:fd:29:9f:30:
cb:39:af:4b:90:75:d9:42:6b:7d:f0:b0:bc:ea:c0:
ed:73:22:82:24:1b:35:9d:14:67:1d:4d:aa:43:bb:
d2:56:89:b2:d7:a8:3b:3e:96:d7:dd:93:a1:e1:59:
42:94:97:a6:88:4f:7f:7a:f7:32:7a:e3:bd:16:5e:
e1:55:8c:79:95:a4:a9:26:f4:b3:1d:94:bc:5a:1a:
00:9c:a4:01:2f:f2:8a:85:b6:76:d4:e8:f3:b0:a0:
97:8b:63:15:2e:50:62:11:d7:20:5a:25:ca:ba:f8:
e0:29:18:4e:0d:65:49:8a:00:1e:e4:8a:fc:7d:cb:
5e:30:98:a0:b4:00:b8:52:ea:ff:60:2b:95:54:5a:
34:d2:03:c7:f5:88:24:41:3e:90:4d:2d:54:e5:56:
53:32:34:50:ae:f2:a1:52:0e:e7:59:fb:60:14:80:
90:15:e6:16:b3:c5:af:fc:60:5c:15:0d:10:e4:be:
8a:51:90:e8:22:71:d7:f2:7d:c3:a8:82:85:be:85:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C2:90:E6:BB:86:CA:B8:53:97:28:2A:B6:79:B9:61:A0:2C:BC:2E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5sKQ5ruGyrhTlygqtnm5YaAsvC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:27:ef:e7:90:19:8b:fb:fb:1b:a0:f3:dd:77:41:85:72:f1:
14:b5:37:97:68:f4:cf:ee:95:95:8c:e8:2f:bd:a1:e6:a3:4b:
05:25:c8:2e:1d:74:c8:14:f9:79:08:0c:4b:43:2a:f0:18:36:
38:ee:50:07:ed:42:16:18:d9:51:c9:31:9c:62:43:52:93:0e:
c2:aa:05:8a:8e:0e:ed:22:7e:b9:e5:5f:1e:10:05:f5:c5:7b:
38:9b:28:36:77:fe:17:ab:1d:5c:85:bc:44:40:15:b1:d9:1a:
38:99:e1:14:c1:34:8a:24:b8:13:88:d7:e3:42:f1:29:40:00:
8e:01:de:f6:c8:cd:5a:e6:83:8a:e0:57:ad:e8:f6:08:38:85:
b9:50:4a:e5:77:69:39:5b:5b:5d:79:ff:30:3c:27:d1:20:5b:
92:ff:83:e5:dc:91:18:79:50:29:ee:4a:b9:6f:25:33:ea:0c:
5b:ea:03:2f:8d:d1:7d:a8:0e:29:26:3a:94:99:c0:e6:80:82:
c4:77:9a:d2:26:2b:f4:3a:6c:9e:b5:83:0d:b3:3d:74:0e:c8:
ca:f3:c4:f9:b1:03:d7:42:7d:c0:12:5e:cb:c3:d2:1b:65:5f:
3f:af:d9:85:59:2a:70:e9:74:03:4b:fe:41:74:51:67:d2:90:
63:61:5f:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY93O5qmwGSzwJaXFr962V77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MTMxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmMyOTBlNmJiODZjYWI4NTM5NzI4MmFiNjc5Yjk2MWEwMmNiYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGBYrAaSHpiKWb3cEnFdylDd5Zp2
ELtket/J6ocLNvb0XiZKy2fPF25Hm/VUwRUA0ZKNNQG8x/0pnzDLOa9LkHXZQmt9
8LC86sDtcyKCJBs1nRRnHU2qQ7vSVomy16g7PpbX3ZOh4VlClJemiE9/evcyeuO9
Fl7hVYx5laSpJvSzHZS8WhoAnKQBL/KKhbZ21OjzsKCXi2MVLlBiEdcgWiXKuvjg
KRhODWVJigAe5Ir8fcteMJigtAC4Uur/YCuVVFo00gPH9YgkQT6QTS1U5VZTMjRQ
rvKhUg7nWftgFICQFeYWs8Wv/GBcFQ0Q5L6KUZDoInHX8n3DqIKFvoUoTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFObCkOa7hsq4U5coKrZ5uWGgLLwuMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvNXNLUTVydUd5cmhUbHlncXRubTVZYUFzdkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFon7+eQGYv7+xug8913
QYVy8RS1N5do9M/ulZWM6C+9oeajSwUlyC4ddMgU+XkIDEtDKvAYNjjuUAftQhYY
2VHJMZxiQ1KTDsKqBYqODu0ifrnlXx4QBfXFezibKDZ3/herHVyFvERAFbHZGjiZ
4RTBNIokuBOI1+NC8SlAAI4B3vbIzVrmg4rgV63o9gg4hblQSuV3aTlbW115/zA8
J9EgW5L/g+XckRh5UCnuSrlvJTPqDFvqAy+N0X2oDikmOpSZwOaAgsR3mtImK/Q6
bJ61gw2zPXQOyMrzxPmxA9dCfcASXsvD0htlXz+v2YVZKnDpdANL/kF0UWfSkGNh
X6I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:34 2025 by rpki-client