Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/75G85zdF0-osvU5f8D9qysX_4rE.roa
File: 75G85zdF0-osvU5f8D9qysX_4rE.roa (raw, json)
Hash identifier: +HUgs5RLwE5jBKFiwAaBPvQUQK8dLFX/3DXiH+STa6I=
Subject key identifier: EF:91:BC:E7:37:45:D3:EA:2C:BD:4E:5F:F0:3F:6A:CA:C5:FF:E2:B1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F811937F4CF1633BD7B340C05EE12C556
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/75G85zdF0-osvU5f8D9qysX_4rE.roa
Signing time: Thu 16 May 2024 11:11:04 +0000
ROA not before: Thu 16 May 2024 11:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:19:37:f4:cf:16:33:bd:7b:34:0c:05:ee:12:c5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 11:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef91bce73745d3ea2cbd4e5ff03f6acac5ffe2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:b1:5e:61:3e:b0:92:bf:be:db:9c:1e:7a:
43:05:dc:72:3b:52:cf:33:49:aa:05:43:95:3f:72:
e8:ed:a1:e3:fc:0d:a5:43:2a:f3:b6:27:43:26:9a:
ca:26:0c:1c:6a:4e:c2:23:7d:80:cd:b1:99:c8:3e:
80:19:bc:7e:b4:2b:5a:19:8c:eb:2f:a3:05:a4:01:
6d:ac:70:89:e5:e7:e9:d4:22:ef:21:26:2f:f9:e5:
24:19:1d:90:2e:52:ca:3d:5a:42:6b:34:b3:a8:4e:
2d:3a:80:6a:dc:5a:57:49:e4:29:6b:66:28:72:85:
64:6a:93:15:3e:4e:82:70:77:81:aa:fb:01:7e:e2:
de:6b:91:de:8f:97:e0:d7:2d:cc:f4:f8:bf:56:fb:
82:c9:f2:ce:a9:19:35:ce:ba:d3:c3:ae:ec:ab:9e:
89:66:45:6e:ae:ad:00:04:dd:84:2f:35:3b:72:79:
5a:74:e7:88:a0:15:98:4a:cc:49:3c:7e:3c:17:fa:
f2:af:0b:bd:e4:68:f1:f8:e7:a0:41:7b:0d:83:2b:
92:b6:6f:47:62:c6:14:c1:ee:c9:90:d4:4c:8e:72:
d9:c4:6f:9b:f4:2d:38:5e:a7:8e:ef:4e:f2:c9:75:
43:9f:6a:f9:7c:2f:bd:50:f6:41:9c:9a:cb:33:23:
0b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:91:BC:E7:37:45:D3:EA:2C:BD:4E:5F:F0:3F:6A:CA:C5:FF:E2:B1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/75G85zdF0-osvU5f8D9qysX_4rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:6b:65:05:70:f6:e1:a4:c1:27:b7:05:b3:20:a1:79:e1:19:
60:c0:a7:f5:15:9c:a3:35:f9:21:60:8e:fb:3c:ee:83:af:21:
25:47:79:d2:a5:31:1f:3c:1e:0c:79:e1:eb:4a:3c:98:68:51:
0e:f2:90:2f:99:56:24:0a:bf:58:0a:e3:12:f8:23:ef:35:ae:
33:41:b2:f6:d6:3c:08:b8:04:67:2f:33:cd:e0:a1:ec:6b:ed:
a0:42:2b:e9:a3:98:15:ba:09:06:eb:a3:46:4f:86:65:9f:5b:
fb:26:fe:b7:a9:fb:d4:6e:65:1c:33:c4:2d:40:00:d4:4e:73:
85:23:c5:e0:dc:5b:0e:ae:5a:96:c1:d8:7f:69:1e:41:8e:ec:
a4:ad:b7:3f:51:e9:27:90:19:d6:bf:b7:af:4a:41:e7:a0:5c:
1f:25:4e:86:20:69:90:21:d6:6d:4a:80:8d:a4:6c:1a:bc:00:
07:0d:9b:5a:57:5a:a7:49:e1:04:fc:86:77:01:86:e7:88:1e:
66:bc:a2:5f:f1:08:2b:4b:a5:08:76:ec:6f:a2:43:8b:ad:6d:
32:71:42:31:28:fb:f5:77:fa:97:71:39:2f:a1:d2:44:04:a0:
70:5a:a4:58:ad:90:74:ea:1e:7c:92:9d:20:b8:cb:db:18:90:
c6:65:15:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+BGTf0zxYzvXs0DAXuEsVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MTExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjkxYmNlNzM3NDVkM2VhMmNiZDRlNWZmMDNmNmFjYWM1ZmZlMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTexXmE+sJK/vtucHnpDBdxyO1LP
M0mqBUOVP3Lo7aHj/A2lQyrztidDJprKJgwcak7CI32AzbGZyD6AGbx+tCtaGYzr
L6MFpAFtrHCJ5efp1CLvISYv+eUkGR2QLlLKPVpCazSzqE4tOoBq3FpXSeQpa2Yo
coVkapMVPk6CcHeBqvsBfuLea5Hej5fg1y3M9Pi/VvuCyfLOqRk1zrrTw67sq56J
ZkVurq0ABN2ELzU7cnladOeIoBWYSsxJPH48F/ryrwu95Gjx+OegQXsNgyuStm9H
YsYUwe7JkNRMjnLZxG+b9C04XqeO707yyXVDn2r5fC+9UPZBnJrLMyMLeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO+RvOc3RdPqLL1OX/A/asrF/+KxMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvNzVHODV6ZEYwLW9zdlU1ZjhEOXF5c1hfNHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA1rZQVw9uGkwSe3BbMg
oXnhGWDAp/UVnKM1+SFgjvs87oOvISVHedKlMR88Hgx54etKPJhoUQ7ykC+ZViQK
v1gK4xL4I+81rjNBsvbWPAi4BGcvM83goexr7aBCK+mjmBW6CQbro0ZPhmWfW/sm
/rep+9RuZRwzxC1AANROc4UjxeDcWw6uWpbB2H9pHkGO7KSttz9R6SeQGda/t69K
QeegXB8lToYgaZAh1m1KgI2kbBq8AAcNm1pXWqdJ4QT8hncBhueIHma8ol/xCCtL
pQh27G+iQ4utbTJxQjEo+/V3+pdxOS+h0kQEoHBapFitkHTqHnySnSC4y9sYkMZl
FU8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:33 2025 by rpki-client