Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Aon27oqIORykZbvBi6ABS0nbmaY.roa
File: Aon27oqIORykZbvBi6ABS0nbmaY.roa (raw, json)
Hash identifier: mIyfMr3NBa5T0XyuQARJXPbeYkN73smHAEWCdION2Lo=
Subject key identifier: 02:89:F6:EE:8A:88:39:1C:A4:65:BB:C1:8B:A0:01:4B:49:DB:99:A6
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F69B00E39EC52EB8285C8F9F8103288D8
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Aon27oqIORykZbvBi6ABS0nbmaY.roa
Signing time: Sat 11 May 2024 22:04:56 +0000
ROA not before: Sat 11 May 2024 22:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:69af:870e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:69:b0:0e:39:ec:52:eb:82:85:c8:f9:f8:10:32:88:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 22:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0289f6ee8a88391ca465bbc18ba0014b49db99a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:45:f4:78:fb:80:da:45:b2:9e:68:ca:fe:fb:
93:86:ca:72:96:d3:a2:32:0b:b6:ce:12:22:ac:b4:
45:2b:71:7f:2b:6c:59:ae:93:ef:d3:92:75:c6:3d:
94:7d:e7:85:6b:f4:09:0b:2a:b4:05:4a:ac:ef:3b:
85:45:a0:8f:ad:5e:b2:d7:cf:a9:ef:74:dc:52:a0:
8a:6f:b7:6e:11:92:eb:15:ae:7c:cd:54:63:8a:6f:
f8:66:73:08:c2:54:f2:1a:e5:31:64:af:54:20:9e:
26:5d:db:03:0f:32:2c:d9:c9:28:30:15:8c:ff:48:
3f:a4:61:94:76:5e:b1:6c:ca:26:6c:13:42:02:ab:
0a:0d:c6:c8:1e:7e:ad:07:af:ab:4c:fe:5c:b7:e7:
f8:a0:b0:c4:9b:c6:18:2d:83:62:97:5d:c4:09:94:
9d:09:64:5d:03:cc:5c:64:5e:02:a7:b9:d2:d7:81:
da:ff:c1:e7:b1:11:ba:a6:27:ac:e5:c3:59:02:a9:
b9:f1:c2:1e:2f:e2:f6:ec:b7:ed:01:fe:0c:d9:ec:
26:61:70:28:5c:49:9c:fc:ea:e1:30:81:ab:a4:af:
5c:97:a5:86:d2:af:ab:eb:6f:b3:a1:c2:c6:ca:b3:
6b:2e:34:39:dc:17:c6:be:68:77:86:86:0f:73:78:
37:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:89:F6:EE:8A:88:39:1C:A4:65:BB:C1:8B:A0:01:4B:49:DB:99:A6
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Aon27oqIORykZbvBi6ABS0nbmaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:98:1f:bf:9b:a8:69:f5:9c:e2:fd:36:d6:1f:d5:2c:f3:7a:
ca:4a:38:bd:e9:6c:6a:33:6c:66:90:7d:b6:6d:5c:a9:c4:9e:
4a:0a:82:a1:a6:99:37:cf:e8:b2:78:e9:0b:56:2e:a1:f1:57:
3e:28:8d:b3:1f:71:d1:ad:f1:1b:b6:57:da:02:0e:8e:5f:11:
77:fc:bb:2c:8e:6f:7c:1e:73:c6:55:b2:84:4a:3b:d6:30:09:
21:ad:d5:f2:ae:9a:74:34:43:84:12:be:ef:2c:48:63:5c:9c:
51:8e:fc:06:94:3b:68:fe:58:c4:df:79:5c:52:76:96:e6:66:
96:18:e0:23:2c:9c:70:8e:c7:01:cb:62:c2:af:07:1d:d7:ea:
fd:7c:ba:52:b8:cd:e1:81:7d:fa:88:da:7b:64:f8:62:71:2d:
a0:d0:b8:0c:26:9e:1a:18:a0:fd:63:c4:97:01:8b:36:ca:f8:
96:2f:4f:43:fd:07:11:4c:93:f6:53:5c:aa:30:85:a1:36:16:
d5:ee:ef:17:38:c3:a7:ed:79:28:06:96:5c:e5:e7:a8:bd:46:
c8:45:e0:d9:3d:81:67:19:91:52:47:0d:81:20:a5:29:b2:8a:
bf:8a:fb:ef:87:e8:d8:18:56:1c:b5:d9:cf:9e:2b:86:69:b9:
e6:66:65:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9psA457FLrgoXI+fgQMojYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMjIwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg5ZjZlZThhODgzOTFjYTQ2NWJiYzE4YmEwMDE0YjQ5ZGI5OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUX0ePuA2kWynmjK/vuThspyltOi
Mgu2zhIirLRFK3F/K2xZrpPv05J1xj2UfeeFa/QJCyq0BUqs7zuFRaCPrV6y18+p
73TcUqCKb7duEZLrFa58zVRjim/4ZnMIwlTyGuUxZK9UIJ4mXdsDDzIs2ckoMBWM
/0g/pGGUdl6xbMombBNCAqsKDcbIHn6tB6+rTP5ct+f4oLDEm8YYLYNil13ECZSd
CWRdA8xcZF4Cp7nS14Ha/8HnsRG6pies5cNZAqm58cIeL+L27LftAf4M2ewmYXAo
XEmc/OrhMIGrpK9cl6WG0q+r62+zocLGyrNrLjQ53BfGvmh3hoYPc3g3bQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAKJ9u6KiDkcpGW7wYugAUtJ25mmMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvQW9uMjdvcUlPUnlrWmJ2Qmk2QUJTMG5ibWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGyYH7+bqGn1nOL9NtYf
1SzzespKOL3pbGozbGaQfbZtXKnEnkoKgqGmmTfP6LJ46QtWLqHxVz4ojbMfcdGt
8Ru2V9oCDo5fEXf8uyyOb3wec8ZVsoRKO9YwCSGt1fKumnQ0Q4QSvu8sSGNcnFGO
/AaUO2j+WMTfeVxSdpbmZpYY4CMsnHCOxwHLYsKvBx3X6v18ulK4zeGBffqI2ntk
+GJxLaDQuAwmnhoYoP1jxJcBizbK+JYvT0P9BxFMk/ZTXKowhaE2FtXu7xc4w6ft
eSgGllzl56i9RshF4Nk9gWcZkVJHDYEgpSmyir+K+++H6NgYVhy12c+eK4ZpueZm
ZXo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:06 2025 by rpki-client