Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7_XKTPbAGwhkDv5ArGL0yRDtjrY.roa
File: 7_XKTPbAGwhkDv5ArGL0yRDtjrY.roa (raw, json)
Hash identifier: caznxED+b8TmkjdPiLQ6H/uYouvDhrOfQy/CieccPPw=
Subject key identifier: EF:F5:CA:4C:F6:C0:1B:08:64:0E:FE:40:AC:62:F4:C9:10:ED:8E:B6
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8187FF4E0385C65A837F23A861B9479C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7_XKTPbAGwhkDv5ArGL0yRDtjrY.roa
Signing time: Thu 16 May 2024 13:12:04 +0000
ROA not before: Thu 16 May 2024 13:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:87:ff:4e:03:85:c6:5a:83:7f:23:a8:61:b9:47:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 13:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eff5ca4cf6c01b08640efe40ac62f4c910ed8eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:46:fc:dc:7b:87:47:e1:e2:e7:fe:bc:6e:6b:
06:5f:1f:20:88:5f:32:f8:38:f0:47:8b:03:07:59:
e7:6e:63:96:54:93:5d:34:72:78:cf:1e:76:d2:96:
69:22:40:4d:2d:e0:a4:e8:88:d4:17:bb:f1:ac:22:
e1:f2:40:ea:c6:e5:03:d2:99:6f:cb:c4:9f:47:5a:
c6:93:45:1d:c4:c4:43:98:77:32:2d:48:c0:b9:5d:
09:a0:e6:97:dd:fb:68:10:9d:2e:d7:e1:15:7f:46:
47:55:09:97:c9:3f:1a:42:71:b3:4a:aa:ca:54:d4:
25:ce:70:8d:f0:dc:90:55:1f:5d:b2:16:9c:9c:fe:
74:a9:e1:81:0f:e7:ac:4c:56:34:a1:91:3c:33:74:
02:ea:27:36:f7:96:b2:95:0d:d2:1f:57:e2:06:86:
3e:8a:ff:da:05:73:0a:8e:0a:53:24:84:2b:a8:0c:
35:4b:1f:dd:c9:00:bb:0f:40:a2:81:55:6a:84:8c:
ac:0a:81:f4:2c:60:40:51:74:08:2a:fa:12:0d:9e:
c9:63:84:ca:01:74:52:e1:fa:e5:cd:ba:14:a8:07:
2f:55:d2:59:80:58:20:a8:0c:b1:59:4c:60:92:00:
20:de:2f:d7:b6:b5:7d:0a:07:cc:9c:2f:a2:39:b9:
75:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F5:CA:4C:F6:C0:1B:08:64:0E:FE:40:AC:62:F4:C9:10:ED:8E:B6
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7_XKTPbAGwhkDv5ArGL0yRDtjrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:8a:df:0a:7d:2b:45:56:b6:5a:e3:06:3c:f7:c7:f8:83:eb:
f9:f9:ec:e8:83:d0:57:ff:61:03:b4:50:d1:66:ca:23:23:fb:
43:d6:e1:12:f4:72:a4:aa:ad:c7:cf:e3:2d:fd:27:ea:07:f9:
c2:d7:28:09:d8:9e:fe:95:5e:c0:c5:2b:c6:a8:8f:b5:77:03:
e6:bc:78:e7:bd:68:00:0a:ff:7b:05:0b:48:5f:5f:40:6e:2c:
fd:9b:a7:0a:27:5f:d9:3e:ae:65:ff:c8:34:4c:32:eb:d1:e4:
36:e9:83:d8:80:f7:d6:d0:cb:1d:9d:1a:b6:85:1d:51:a1:1e:
ad:b0:b8:1a:a7:3e:eb:60:7e:a3:6f:44:1b:31:0a:3c:bf:65:
14:2d:c9:1a:e2:12:28:21:08:9c:21:b6:da:87:13:aa:96:6a:
85:0a:aa:d1:7b:5c:c3:d9:ec:cd:d3:28:b9:44:6a:0e:6c:5a:
9c:14:5e:7c:12:6d:a9:97:44:30:fe:90:a5:be:b7:c3:3e:64:
04:0e:92:d8:72:0a:ce:aa:ec:89:ea:5f:5d:19:5d:9b:46:b3:
dd:74:9a:bb:cf:fb:4e:2e:c8:d8:95:ab:12:57:18:86:18:95:
3d:be:40:54:e2:47:2a:55:70:03:86:0c:00:92:67:8d:00:7c:
45:d6:b4:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Bh/9OA4XGWoN/I6hhuUecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MTMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmY1Y2E0Y2Y2YzAxYjA4NjQwZWZlNDBhYzYyZjRjOTEwZWQ4ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkb83HuHR+Hi5/68bmsGXx8giF8y
+DjwR4sDB1nnbmOWVJNdNHJ4zx520pZpIkBNLeCk6IjUF7vxrCLh8kDqxuUD0plv
y8SfR1rGk0UdxMRDmHcyLUjAuV0JoOaX3ftoEJ0u1+EVf0ZHVQmXyT8aQnGzSqrK
VNQlznCN8NyQVR9dshacnP50qeGBD+esTFY0oZE8M3QC6ic295aylQ3SH1fiBoY+
iv/aBXMKjgpTJIQrqAw1Sx/dyQC7D0CigVVqhIysCoH0LGBAUXQIKvoSDZ7JY4TK
AXRS4frlzboUqAcvVdJZgFggqAyxWUxgkgAg3i/XtrV9CgfMnC+iObl1QQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO/1ykz2wBsIZA7+QKxi9MkQ7Y62MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvN19YS1RQYkFHd2hrRHY1QXJHTDB5UkR0anJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAESK3wp9K0VWtlrjBjz3
x/iD6/n57OiD0Ff/YQO0UNFmyiMj+0PW4RL0cqSqrcfP4y39J+oH+cLXKAnYnv6V
XsDFK8aoj7V3A+a8eOe9aAAK/3sFC0hfX0BuLP2bpwonX9k+rmX/yDRMMuvR5Dbp
g9iA99bQyx2dGraFHVGhHq2wuBqnPutgfqNvRBsxCjy/ZRQtyRriEighCJwhttqH
E6qWaoUKqtF7XMPZ7M3TKLlEag5sWpwUXnwSbamXRDD+kKW+t8M+ZAQOkthyCs6q
7InqX10ZXZtGs910mrvP+04uyNiVqxJXGIYYlT2+QFTiRypVcAOGDACSZ40AfEXW
tGQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:25 2025 by rpki-client