Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7ERY9qP5Qd03EQ4GdFH5mBVYHPs.roa
File: 7ERY9qP5Qd03EQ4GdFH5mBVYHPs.roa (raw, json)
Hash identifier: dBhD7FRujykMkZuuNRicHUoCFq8ckgHCvdxVLsxNdSM=
Subject key identifier: EC:44:58:F6:A3:F9:41:DD:37:11:0E:06:74:51:F9:98:15:58:1C:FB
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F3AB86F846DB4D210D48E3E8F64CACFAB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7ERY9qP5Qd03EQ4GdFH5mBVYHPs.roa
Signing time: Thu 02 May 2024 19:11:56 +0000
ROA not before: Thu 02 May 2024 19:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3a:b8:6f:84:6d:b4:d2:10:d4:8e:3e:8f:64:ca:cf:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 2 19:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec4458f6a3f941dd37110e067451f99815581cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:19:7d:f6:bc:7a:f7:1e:cd:5d:71:44:74:b3:
9d:9c:6d:74:7f:7e:37:fe:58:e0:c4:d0:75:16:e8:
53:78:58:a1:05:da:57:d1:1d:21:cf:ac:78:fa:96:
46:62:d1:07:64:a5:58:11:8e:da:7d:7b:e6:f6:cb:
a6:20:1b:eb:5c:0a:29:d8:a2:b6:f4:67:70:d7:dd:
7c:ca:55:8d:c2:ad:d6:a0:fb:37:e4:a5:2e:ca:66:
a3:fb:8a:79:22:59:0d:7e:2d:f9:d6:af:6b:7b:a2:
4b:8f:40:c7:80:82:77:f3:48:30:96:a0:c2:72:1e:
98:d7:c5:bc:c3:ee:26:93:e2:a6:8f:d9:f5:60:f1:
6b:6e:49:0d:eb:15:eb:1b:30:34:27:03:bd:6e:3f:
4d:92:12:08:50:c9:d8:0f:b6:7d:e3:2b:15:81:d6:
c7:94:6b:b9:37:99:45:39:19:0d:a1:2d:89:c9:f1:
80:9f:d5:4c:0f:4a:b2:60:ba:fd:bd:e6:5f:b0:76:
b5:e3:d0:f9:34:b1:ef:89:a7:72:79:5c:4d:78:2e:
22:37:f6:bf:65:c1:11:9c:b0:18:d6:1e:3b:9b:40:
49:f2:53:3d:15:92:e6:8c:e9:ef:63:78:76:f0:f4:
04:44:09:b0:28:6a:2f:4b:03:52:97:04:80:40:da:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:44:58:F6:A3:F9:41:DD:37:11:0E:06:74:51:F9:98:15:58:1C:FB
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7ERY9qP5Qd03EQ4GdFH5mBVYHPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:8d:44:1a:18:f9:59:3f:f3:0a:7e:07:fe:fe:7e:14:ba:79:
7b:5b:40:af:54:0f:bb:e6:dc:d4:27:66:73:cb:1f:48:8a:4f:
b3:16:de:92:e2:78:97:3a:37:c8:ba:11:d1:9f:dd:60:68:31:
88:4b:83:81:b2:35:fd:54:b6:63:af:fe:1e:9a:df:2a:a5:5d:
90:f7:74:cc:18:c6:eb:76:81:88:a7:b4:16:32:7a:4c:1f:3e:
2f:c5:06:5a:4c:96:a9:ed:73:c4:5c:e3:fd:db:4f:d5:de:7a:
6b:7e:fa:a4:04:b0:4a:f8:d8:bb:2b:58:ad:37:1f:67:cd:42:
ee:9d:80:87:9a:a1:83:c4:eb:06:ce:b3:19:88:89:69:d5:83:
bf:88:20:e3:ff:7f:c5:d6:e9:89:7e:18:eb:1e:ba:99:af:9a:
15:a4:9b:a9:57:06:a9:6f:7f:b2:d2:8d:97:eb:a0:70:76:79:
35:fa:8f:04:74:1d:2c:e4:6c:ff:06:c9:0b:00:bb:23:c2:ae:
9a:8f:cd:4e:1c:8f:59:58:3f:5a:c5:eb:8d:f9:31:66:55:3f:
5e:0c:a2:b0:e9:f4:90:28:8e:4d:34:ae:7c:1b:4a:2b:59:d8:
91:e0:e3:1f:e8:e2:4c:6a:7c:83:a8:04:b8:00:07:7f:a1:3f:
12:40:9b:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY86uG+EbbTSENSOPo9kys+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAyMTkxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzQ0NThmNmEzZjk0MWRkMzcxMTBlMDY3NDUxZjk5ODE1NTgxY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Rl99rx69x7NXXFEdLOdnG10f343
/ljgxNB1FuhTeFihBdpX0R0hz6x4+pZGYtEHZKVYEY7afXvm9sumIBvrXAop2KK2
9Gdw1918ylWNwq3WoPs35KUuymaj+4p5IlkNfi351q9re6JLj0DHgIJ380gwlqDC
ch6Y18W8w+4mk+Kmj9n1YPFrbkkN6xXrGzA0JwO9bj9NkhIIUMnYD7Z94ysVgdbH
lGu5N5lFORkNoS2JyfGAn9VMD0qyYLr9veZfsHa149D5NLHviadyeVxNeC4iN/a/
ZcERnLAY1h47m0BJ8lM9FZLmjOnvY3h28PQERAmwKGovSwNSlwSAQNrmOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOxEWPaj+UHdNxEOBnRR+ZgVWBz7MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvN0VSWTlxUDVRZDAzRVE0R2RGSDVtQlZZSFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAONRBoY+Vk/8wp+B/7+
fhS6eXtbQK9UD7vm3NQnZnPLH0iKT7MW3pLieJc6N8i6EdGf3WBoMYhLg4GyNf1U
tmOv/h6a3yqlXZD3dMwYxut2gYintBYyekwfPi/FBlpMlqntc8Rc4/3bT9Xeemt+
+qQEsEr42LsrWK03H2fNQu6dgIeaoYPE6wbOsxmIiWnVg7+IIOP/f8XW6Yl+GOse
upmvmhWkm6lXBqlvf7LSjZfroHB2eTX6jwR0HSzkbP8GyQsAuyPCrpqPzU4cj1lY
P1rF6435MWZVP14MorDp9JAojk00rnwbSitZ2JHg4x/o4kxqfIOoBLgAB3+hPxJA
m2U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:58:59 2025 by rpki-client