Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Fl2svKq9NEShd4Za7ljHFleY294.roa
File: Fl2svKq9NEShd4Za7ljHFleY294.roa (raw, json)
Hash identifier: kOFGmdPjlWNKUJlN+ZhcAHmRMZCcN46yMS23jCvF8E4=
Subject key identifier: 16:5D:AC:BC:AA:BD:34:44:A1:77:86:5A:EE:58:C7:16:57:98:DB:DE
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F67912592EE4B218C16B12E74EC5D73B6
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Fl2svKq9NEShd4Za7ljHFleY294.roa
Signing time: Sat 11 May 2024 12:11:56 +0000
ROA not before: Sat 11 May 2024 12:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:67:91:25:92:ee:4b:21:8c:16:b1:2e:74:ec:5d:73:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 12:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=165dacbcaabd3444a177865aee58c7165798dbde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5e:11:3d:73:25:c3:c7:3d:4a:f1:6e:39:4d:
10:97:a3:30:3b:83:ef:7e:00:85:bf:e2:91:f5:f1:
98:3a:50:98:2a:3b:62:5a:ea:f8:1c:97:c3:b8:e2:
f6:9e:44:a4:89:e9:81:b4:e6:d0:7e:b0:3b:b6:b6:
69:53:4a:12:68:33:2b:14:d2:1c:21:4f:e6:a1:94:
02:5b:47:14:00:26:a6:96:0b:8e:82:a7:ab:a8:ab:
ff:78:9a:8d:db:f2:98:e0:38:35:7a:9e:c9:c2:e7:
8c:e3:86:57:d2:66:a7:05:18:be:fc:bc:57:e8:06:
17:95:8d:93:cb:c2:df:d0:3a:6d:1e:7b:a5:fd:6d:
fc:68:ea:e4:04:29:77:57:81:c5:62:30:b6:2d:f0:
ca:51:94:e7:4b:1e:de:62:73:c1:fa:fd:92:38:b8:
e0:5f:05:2d:59:8b:da:d4:e3:99:63:15:8f:6c:55:
31:2c:22:e4:92:52:a4:86:a6:ae:0e:2b:b6:58:bc:
4a:ca:93:f7:a5:80:b8:c8:17:3e:42:06:f5:e5:7e:
4f:b7:fe:86:92:ac:56:66:96:8d:07:01:f8:12:1f:
75:c6:63:54:a7:be:69:be:7f:c2:80:6e:aa:4e:7c:
75:eb:9c:44:2a:b4:10:a6:82:c8:a8:d5:80:6a:8d:
de:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5D:AC:BC:AA:BD:34:44:A1:77:86:5A:EE:58:C7:16:57:98:DB:DE
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Fl2svKq9NEShd4Za7ljHFleY294.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:51:5f:73:86:2f:6c:bd:c4:f5:25:65:1f:13:d3:e9:e0:6a:
12:a8:95:84:97:a4:20:e1:aa:1f:47:b9:de:44:91:24:7f:d1:
0a:f8:fd:6f:1e:90:95:9a:e9:a2:71:57:c5:5e:27:8e:ba:cb:
3e:05:77:06:76:8d:f0:bf:fa:be:3c:8a:1a:7a:e6:df:7f:11:
cc:9a:cf:dd:4f:4e:bb:da:8d:09:be:e8:87:c1:41:9a:ab:8d:
d9:92:7e:97:e9:10:cc:e8:55:87:9d:1f:8b:19:07:7b:3d:b6:
71:7e:5d:3e:4e:6e:f2:7d:c6:2f:4f:55:ce:2a:29:c1:96:26:
a5:f3:d8:fe:32:1e:6d:a5:43:a3:a4:7c:02:90:5d:46:73:f5:
fe:19:32:d1:b1:75:39:a4:00:a9:72:90:eb:57:dc:27:cb:87:
18:65:1d:b9:77:92:bd:d5:ab:80:2a:d4:07:54:60:f1:2d:3c:
77:8b:46:33:50:b9:c5:ed:9a:f8:87:aa:23:60:de:8b:9e:3c:
b6:5c:61:21:3b:82:8c:a6:4c:87:e7:82:e0:5a:64:85:25:d6:
06:09:c5:64:ee:86:f9:e4:e1:c5:1f:39:de:b5:32:12:f0:c6:
79:f5:d5:ed:13:9e:c5:72:aa:49:2f:b2:38:fd:78:e3:66:b9:
2c:c3:3c:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9nkSWS7kshjBaxLnTsXXO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMTIxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjVkYWNiY2FhYmQzNDQ0YTE3Nzg2NWFlZTU4YzcxNjU3OThkYmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6F4RPXMlw8c9SvFuOU0Ql6MwO4Pv
fgCFv+KR9fGYOlCYKjtiWur4HJfDuOL2nkSkiemBtObQfrA7trZpU0oSaDMrFNIc
IU/moZQCW0cUACamlguOgqerqKv/eJqN2/KY4Dg1ep7JwueM44ZX0manBRi+/LxX
6AYXlY2Ty8Lf0DptHnul/W38aOrkBCl3V4HFYjC2LfDKUZTnSx7eYnPB+v2SOLjg
XwUtWYva1OOZYxWPbFUxLCLkklKkhqauDiu2WLxKypP3pYC4yBc+Qgb15X5Pt/6G
kqxWZpaNBwH4Eh91xmNUp75pvn/CgG6qTnx165xEKrQQpoLIqNWAao3evQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBZdrLyqvTREoXeGWu5YxxZXmNveMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRmwyc3ZLcTlORVNoZDRaYTdsakhGbGVZMjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHtRX3OGL2y9xPUlZR8T
0+ngahKolYSXpCDhqh9Hud5EkSR/0Qr4/W8ekJWa6aJxV8VeJ466yz4FdwZ2jfC/
+r48ihp65t9/Ecyaz91PTrvajQm+6IfBQZqrjdmSfpfpEMzoVYedH4sZB3s9tnF+
XT5ObvJ9xi9PVc4qKcGWJqXz2P4yHm2lQ6OkfAKQXUZz9f4ZMtGxdTmkAKlykOtX
3CfLhxhlHbl3kr3Vq4Aq1AdUYPEtPHeLRjNQucXtmviHqiNg3ouePLZcYSE7goym
TIfnguBaZIUl1gYJxWTuhvnk4cUfOd61MhLwxnn11e0TnsVyqkkvsjj9eONmuSzD
POM=
-----END CERTIFICATE-----