Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Es2d1N5jvD97LHL6f64jBFB7Zec.roa
File: Es2d1N5jvD97LHL6f64jBFB7Zec.roa (raw, json)
Hash identifier: uhtqZrQX0ci4/H4YmN1XXo79bIUXjoTWBPr3y6hNwbE=
Subject key identifier: 12:CD:9D:D4:DE:63:BC:3F:7B:2C:72:FA:7F:AE:23:04:50:7B:65:E7
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9B12B19C023D2EFD1FFB8580ECFAF65C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Es2d1N5jvD97LHL6f64jBFB7Zec.roa
Signing time: Tue 21 May 2024 12:14:04 +0000
ROA not before: Tue 21 May 2024 12:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:12:b1:9c:02:3d:2e:fd:1f:fb:85:80:ec:fa:f6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 12:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12cd9dd4de63bc3f7b2c72fa7fae2304507b65e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ef:59:e2:05:ec:d0:15:76:15:af:d5:a9:ff:
f0:31:47:25:b2:5b:f6:aa:86:9a:42:b3:07:21:0f:
b8:cd:90:7e:e4:ca:02:4e:74:00:28:c4:72:72:40:
a2:2e:1e:0c:26:e0:76:ab:24:d1:45:db:a9:d6:ae:
c0:67:df:ad:dc:9a:5c:ab:8a:d0:f0:33:94:e5:a9:
99:7b:ab:b7:44:b1:89:05:b9:b5:f5:35:c2:72:c7:
8e:51:13:4c:71:f7:70:d6:f6:c5:ae:5c:45:ab:bf:
07:09:fe:29:9a:66:c4:33:db:cc:0f:2a:14:f9:29:
24:41:a4:9b:17:36:a3:94:b0:40:fa:a1:16:64:d0:
44:31:76:c5:e3:56:1e:35:42:63:b5:d8:f4:26:98:
ac:9e:d9:2f:51:e5:21:22:c4:fd:16:13:dd:78:f7:
9c:a3:38:7e:b3:de:0a:06:51:38:0f:e2:ff:0d:4e:
2e:38:09:4e:4b:80:5f:da:b9:bb:f0:c0:39:23:9e:
42:2e:d5:b6:00:51:00:87:02:0c:54:07:4e:7d:e6:
67:f4:60:5b:4f:09:43:fc:83:77:a8:6c:8d:70:a9:
f7:3b:87:27:ce:6b:4b:4b:02:bb:58:0b:92:b5:e1:
0c:fa:b5:9d:59:61:6c:9b:1f:1a:2d:51:63:9e:a5:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CD:9D:D4:DE:63:BC:3F:7B:2C:72:FA:7F:AE:23:04:50:7B:65:E7
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Es2d1N5jvD97LHL6f64jBFB7Zec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:3b:40:33:40:db:04:aa:e9:83:df:63:60:de:c1:6f:5c:e8:
af:9d:84:ca:00:6b:98:cd:c5:b1:17:df:0c:cf:21:24:e4:ae:
98:b1:5b:23:0a:ac:b5:2b:bc:9d:c4:c7:ca:61:fe:1c:bf:ac:
4c:06:3e:ce:f5:ac:fa:2b:e5:cc:ba:45:b8:da:52:72:22:f3:
11:72:42:3d:b3:66:50:d1:4f:23:05:07:0f:7b:bd:a3:07:ec:
44:99:14:f4:75:b3:67:fd:5b:64:d3:33:45:e7:dc:e0:b3:ed:
35:ea:ff:6e:4c:36:82:7c:69:dd:55:26:67:55:c7:d3:8b:f4:
47:f9:df:a8:9d:66:97:82:36:06:39:f5:93:ae:aa:a8:15:72:
3c:02:c4:b7:2d:3a:2a:91:af:79:63:c1:ba:35:cd:2b:b4:61:
cb:f1:13:dd:95:65:3a:31:8a:c4:d4:a0:02:ea:68:c0:65:9b:
fa:2a:f5:50:8e:98:39:7a:19:10:00:35:4d:cc:c7:8e:ca:1d:
85:e5:cf:c0:6b:c2:a6:ba:c1:49:56:b5:b9:95:74:c8:31:48:
d4:33:a5:ee:1c:a5:dc:9f:e5:df:38:34:c3:f4:50:96:6b:19:
57:91:0b:b2:16:6d:c5:c6:0b:7e:05:6c:5e:9b:29:24:b1:7d:
64:b3:a0:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+bErGcAj0u/R/7hYDs+vZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMTIxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNkOWRkNGRlNjNiYzNmN2IyYzcyZmE3ZmFlMjMwNDUwN2I2NWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu9Z4gXs0BV2Fa/Vqf/wMUclslv2
qoaaQrMHIQ+4zZB+5MoCTnQAKMRyckCiLh4MJuB2qyTRRdup1q7AZ9+t3Jpcq4rQ
8DOU5amZe6u3RLGJBbm19TXCcseOURNMcfdw1vbFrlxFq78HCf4pmmbEM9vMDyoU
+SkkQaSbFzajlLBA+qEWZNBEMXbF41YeNUJjtdj0JpisntkvUeUhIsT9FhPdePec
ozh+s94KBlE4D+L/DU4uOAlOS4Bf2rm78MA5I55CLtW2AFEAhwIMVAdOfeZn9GBb
TwlD/IN3qGyNcKn3O4cnzmtLSwK7WAuSteEM+rWdWWFsmx8aLVFjnqWcAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBLNndTeY7w/eyxy+n+uIwRQe2XnMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRXMyZDFONWp2RDk3TEhMNmY2NGpCRkI3WmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB07QDNA2wSq6YPfY2De
wW9c6K+dhMoAa5jNxbEX3wzPISTkrpixWyMKrLUrvJ3Ex8ph/hy/rEwGPs71rPor
5cy6RbjaUnIi8xFyQj2zZlDRTyMFBw97vaMH7ESZFPR1s2f9W2TTM0Xn3OCz7TXq
/25MNoJ8ad1VJmdVx9OL9Ef536idZpeCNgY59ZOuqqgVcjwCxLctOiqRr3ljwbo1
zSu0YcvxE92VZToxisTUoALqaMBlm/oq9VCOmDl6GRAANU3Mx47KHYXlz8Brwqa6
wUlWtbmVdMgxSNQzpe4cpdyf5d84NMP0UJZrGVeRC7IWbcXGC34FbF6bKSSxfWSz
oA8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:05 2025 by rpki-client