Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HqZ2ws00pnlTdDDc1-i4FKS6CDw.roa
File: HqZ2ws00pnlTdDDc1-i4FKS6CDw.roa (raw, json)
Hash identifier: gCoZgwgalQgNPhNugt6B05iMm9aSAkhAThr5TtH5iao=
Subject key identifier: 1E:A6:76:C2:CD:34:A6:79:53:74:30:DC:D7:E8:B8:14:A4:BA:08:3C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9F952C2E2AA5DAE4F667580D0CF50772
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HqZ2ws00pnlTdDDc1-i4FKS6CDw.roa
Signing time: Wed 22 May 2024 09:15:04 +0000
ROA not before: Wed 22 May 2024 09:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:95:2c:2e:2a:a5:da:e4:f6:67:58:0d:0c:f5:07:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 09:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea676c2cd34a679537430dcd7e8b814a4ba083c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ff:49:e7:17:08:33:31:f9:0f:79:1e:58:40:
c4:00:c0:62:13:d6:20:1b:10:fd:93:ad:bd:a8:7e:
64:93:5c:fd:1a:32:ef:b5:63:c0:c0:56:49:25:c1:
ff:aa:04:29:aa:e2:7a:9b:19:a7:6b:17:3b:98:53:
c4:2b:5b:8a:3e:3c:76:18:87:39:2f:66:5a:d8:9e:
68:81:23:e9:32:29:16:15:fa:fa:27:9a:b5:23:2d:
bd:32:90:f7:d3:68:fd:76:96:8a:e0:f7:87:41:43:
80:e0:ee:3f:97:06:d0:5f:69:81:47:41:7f:7c:1f:
65:49:99:ee:10:bd:1a:46:78:9d:3e:a3:7e:5d:ed:
e3:ec:3d:6b:e5:95:be:5f:2a:84:8f:0e:55:b5:53:
72:56:b7:2a:e0:1f:88:a8:dc:fe:c3:f3:e6:ba:84:
3b:fe:30:32:af:da:71:e5:a0:03:c7:5f:a5:b9:ae:
b8:b0:93:29:d9:f9:2e:bc:04:bc:10:2e:58:a8:0f:
2a:e7:f6:b3:81:e5:9e:9a:2b:69:fa:d4:2d:06:ac:
96:e1:14:c5:40:16:0f:f6:98:b0:6f:7a:03:97:3b:
b5:84:4d:f7:ce:42:91:87:54:94:26:45:8e:ff:42:
c9:4b:95:14:de:c1:b5:3f:83:bb:0b:77:46:89:d5:
5b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A6:76:C2:CD:34:A6:79:53:74:30:DC:D7:E8:B8:14:A4:BA:08:3C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HqZ2ws00pnlTdDDc1-i4FKS6CDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:56:50:fc:72:14:db:ae:f7:8d:9b:04:ab:4c:d9:78:18:97:
25:24:74:48:61:b5:9a:7d:25:14:77:d6:1a:04:99:da:60:eb:
2d:1c:13:d0:95:f8:d0:3e:85:31:65:0d:a5:df:09:37:b4:86:
d5:07:20:d6:7c:79:0b:0a:49:d0:3a:43:51:1d:35:9e:ce:4e:
29:9a:9b:20:88:e3:8c:76:7a:1e:e4:ad:df:58:6e:db:74:50:
5c:4e:98:34:b3:b3:a0:56:34:20:8f:7c:42:57:b7:28:9e:a2:
cf:f5:c8:8e:9e:73:11:e5:67:73:8b:90:95:ed:14:71:da:dd:
cd:42:1b:c2:fc:01:75:8a:3b:0f:78:44:f3:e2:1d:7d:e8:aa:
45:b9:9b:38:c1:2e:c6:08:c6:91:b7:ad:5b:e1:fe:f1:e6:fe:
06:15:81:87:b9:d1:9d:00:ad:75:66:ca:52:3e:a5:d8:e0:72:
86:76:d2:ef:b3:2a:d4:40:88:25:5e:5e:65:80:05:b1:15:40:
a5:c7:75:51:00:fb:77:60:79:8d:41:39:8f:46:1a:df:c4:40:
9e:93:0d:2d:35:83:98:50:81:b8:c1:38:92:5a:f4:06:7e:cb:
8d:93:94:44:e6:f7:e1:1d:88:01:81:d9:1f:16:8c:4c:ee:c1:
b4:14:7d:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+flSwuKqXa5PZnWA0M9QdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMDkxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE2NzZjMmNkMzRhNjc5NTM3NDMwZGNkN2U4YjgxNGE0YmEwODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzv9J5xcIMzH5D3keWEDEAMBiE9Yg
GxD9k629qH5kk1z9GjLvtWPAwFZJJcH/qgQpquJ6mxmnaxc7mFPEK1uKPjx2GIc5
L2Za2J5ogSPpMikWFfr6J5q1Iy29MpD302j9dpaK4PeHQUOA4O4/lwbQX2mBR0F/
fB9lSZnuEL0aRnidPqN+Xe3j7D1r5ZW+XyqEjw5VtVNyVrcq4B+IqNz+w/PmuoQ7
/jAyr9px5aADx1+lua64sJMp2fkuvAS8EC5YqA8q5/azgeWemitp+tQtBqyW4RTF
QBYP9piwb3oDlzu1hE33zkKRh1SUJkWO/0LJS5UU3sG1P4O7C3dGidVb1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB6mdsLNNKZ5U3Qw3NfouBSkugg8MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSHFaMndzMDBwbmxUZEREYzEtaTRGS1M2Q0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJWUPxyFNuu942bBKtM
2XgYlyUkdEhhtZp9JRR31hoEmdpg6y0cE9CV+NA+hTFlDaXfCTe0htUHINZ8eQsK
SdA6Q1EdNZ7OTimamyCI44x2eh7krd9Ybtt0UFxOmDSzs6BWNCCPfEJXtyieos/1
yI6ecxHlZ3OLkJXtFHHa3c1CG8L8AXWKOw94RPPiHX3oqkW5mzjBLsYIxpG3rVvh
/vHm/gYVgYe50Z0ArXVmylI+pdjgcoZ20u+zKtRAiCVeXmWABbEVQKXHdVEA+3dg
eY1BOY9GGt/EQJ6TDS01g5hQgbjBOJJa9AZ+y42TlETm9+EdiAGB2R8WjEzuwbQU
fWw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:26:57 2025 by rpki-client