Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IdMi0iujWx4pjw1fKhhLf-P6upI.roa
File: IdMi0iujWx4pjw1fKhhLf-P6upI.roa (raw, json)
Hash identifier: d2o6sJDAUrXV0ad1qfr4ZH4qvhOlbp8jkJ3iZSfwOSM=
Subject key identifier: 21:D3:22:D2:2B:A3:5B:1E:29:8F:0D:5F:2A:18:4B:7F:E3:FA:BA:92
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F65D349BBFE06D95A72807432113EE9DC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IdMi0iujWx4pjw1fKhhLf-P6upI.roa
Signing time: Sat 11 May 2024 04:04:56 +0000
ROA not before: Sat 11 May 2024 04:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:65d2:c3bb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:65:d3:49:bb:fe:06:d9:5a:72:80:74:32:11:3e:e9:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 04:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21d322d22ba35b1e298f0d5f2a184b7fe3faba92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5d:d7:9f:b7:c5:1e:d3:39:aa:c0:76:47:6f:
c4:72:14:fc:46:92:1e:af:f0:c3:52:aa:d3:ea:fe:
3e:92:15:e4:4e:be:4f:27:e7:8d:e4:db:cc:f2:7e:
e3:86:89:4d:a8:b1:73:2f:6d:0d:24:5f:9f:ac:cc:
41:44:32:d6:37:0d:2b:d7:1f:ab:c2:56:9f:8c:63:
9c:b6:55:62:10:84:fd:0a:81:51:17:06:53:98:a7:
62:d7:1f:09:b7:23:a4:06:53:a3:c4:6b:49:a2:3e:
3b:94:39:b0:87:3b:21:3e:b8:e6:22:6f:e1:ea:67:
49:69:02:a0:bd:17:cc:57:86:52:7b:e1:f8:1a:fd:
75:df:f3:18:d4:e4:77:81:ba:36:a3:1e:69:a6:08:
32:22:ff:61:6e:77:fb:5c:12:5c:5d:26:b8:84:55:
60:4e:9e:ba:58:f6:70:a2:98:4e:ca:2c:9a:7d:46:
f7:b4:08:8d:79:ac:a4:0e:80:7a:46:43:9d:e6:23:
54:6a:ee:31:0a:fb:4c:8e:4c:a8:74:58:dc:54:5b:
57:9e:d1:6e:fa:97:0f:be:f0:2e:f7:99:77:be:51:
03:a2:62:96:ca:20:d5:d3:4f:75:cf:73:ca:17:61:
4d:98:68:39:d1:02:58:ef:56:94:17:33:c0:7a:09:
1a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D3:22:D2:2B:A3:5B:1E:29:8F:0D:5F:2A:18:4B:7F:E3:FA:BA:92
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IdMi0iujWx4pjw1fKhhLf-P6upI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bb:59:3e:59:a4:7f:0d:45:57:29:37:16:5f:6c:41:ba:61:95:
3c:b1:e7:b6:72:5f:61:4c:6c:90:a4:ca:55:68:05:59:0f:71:
3e:49:66:bb:90:b0:b1:66:34:0e:87:f5:e4:4e:b3:09:36:b1:
32:79:70:57:fd:7a:e5:e8:89:44:5e:21:20:5b:69:3b:13:b9:
d5:6e:20:89:bb:0b:0a:ae:49:3e:6f:53:50:79:db:5b:8d:a1:
5e:5d:a8:df:ed:fe:0d:2d:7e:b7:68:47:69:b0:21:4c:c6:6e:
ba:4f:65:ed:58:43:02:30:d3:cf:8a:79:00:41:4a:c0:ad:80:
67:1b:0d:d0:6e:40:80:c8:09:67:e1:ff:a5:2b:24:b5:27:5e:
90:8e:ea:46:c4:c0:cb:ec:a6:b5:82:ec:34:f7:ce:d3:0e:22:
95:ee:fc:5f:56:c1:c6:b1:42:53:13:90:5d:83:f2:76:ab:4b:
4e:be:6d:f4:8d:b0:c6:8b:63:d1:d0:17:6d:c2:3c:d9:9e:6b:
56:5b:30:86:1a:87:b1:48:d1:fe:a3:f5:ed:e3:e8:01:03:3c:
ea:2f:a2:43:a7:06:3c:19:2e:48:13:d8:79:d1:10:43:89:16:
2c:42:11:3f:7f:8b:a3:19:cb:df:92:fd:0d:e2:35:a1:25:98:
27:c4:c9:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9l00m7/gbZWnKAdDIRPuncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMDQwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQzMjJkMjJiYTM1YjFlMjk4ZjBkNWYyYTE4NGI3ZmUzZmFiYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV3Xn7fFHtM5qsB2R2/EchT8RpIe
r/DDUqrT6v4+khXkTr5PJ+eN5NvM8n7jholNqLFzL20NJF+frMxBRDLWNw0r1x+r
wlafjGOctlViEIT9CoFRFwZTmKdi1x8JtyOkBlOjxGtJoj47lDmwhzshPrjmIm/h
6mdJaQKgvRfMV4ZSe+H4Gv113/MY1OR3gbo2ox5ppggyIv9hbnf7XBJcXSa4hFVg
Tp66WPZwophOyiyafUb3tAiNeaykDoB6RkOd5iNUau4xCvtMjkyodFjcVFtXntFu
+pcPvvAu95l3vlEDomKWyiDV0091z3PKF2FNmGg50QJY71aUFzPAegkaqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCHTItIro1seKY8NXyoYS3/j+rqSMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSWRNaTBpdWpXeDRwancxZktoaExmLVA2dXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALtZPlmkfw1FVyk3Fl9s
QbphlTyx57ZyX2FMbJCkylVoBVkPcT5JZruQsLFmNA6H9eROswk2sTJ5cFf9euXo
iUReISBbaTsTudVuIIm7CwquST5vU1B521uNoV5dqN/t/g0tfrdoR2mwIUzGbrpP
Ze1YQwIw08+KeQBBSsCtgGcbDdBuQIDICWfh/6UrJLUnXpCO6kbEwMvsprWC7DT3
ztMOIpXu/F9WwcaxQlMTkF2D8narS06+bfSNsMaLY9HQF23CPNmea1ZbMIYah7FI
0f6j9e3j6AEDPOovokOnBjwZLkgT2HnREEOJFixCET9/i6MZy9+S/Q3iNaElmCfE
yag=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:43:28 2025 by rpki-client