Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IrUdD0NToIL18rNozp0kkbC5iDY.roa
File: IrUdD0NToIL18rNozp0kkbC5iDY.roa (raw, json)
Hash identifier: kNJthpyTpZnzzoZxQffqiQEmPtSovSCddrZTzTxwA58=
Subject key identifier: 22:B5:1D:0F:43:53:A0:82:F5:F2:B3:68:CE:9D:24:91:B0:B9:88:36
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F58FC8BF8C71B9099B75C0FF747882882
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IrUdD0NToIL18rNozp0kkbC5iDY.roa
Signing time: Wed 08 May 2024 16:14:56 +0000
ROA not before: Wed 08 May 2024 16:14:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:fc:8b:f8:c7:1b:90:99:b7:5c:0f:f7:47:88:28:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 8 16:14:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22b51d0f4353a082f5f2b368ce9d2491b0b98836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:91:8e:09:51:33:07:91:54:d4:b7:5e:03:e8:
e4:52:87:ac:07:66:71:60:da:34:6b:0d:b0:aa:ac:
bf:8c:08:86:df:20:bb:9a:8c:9b:20:4e:3b:38:36:
32:ce:1e:d8:14:39:eb:da:e8:1b:3f:78:07:24:d6:
f2:e3:fb:08:72:bd:95:42:24:f6:eb:01:66:64:ba:
d1:0f:3e:a8:55:32:dc:e8:f4:e1:d9:40:03:f2:5e:
c4:28:59:8a:28:d9:09:99:bb:c0:b3:41:bc:ec:57:
ba:ca:4e:75:71:b5:f6:48:bb:d5:50:08:aa:13:0e:
5c:6f:d5:4d:a4:0c:32:9b:e0:63:65:67:22:5a:82:
21:08:d1:6f:28:0f:0a:45:9b:ab:f1:db:9b:c7:6f:
62:2c:1e:d6:d9:8a:60:0c:d5:38:b7:a5:9e:72:2f:
20:34:88:18:aa:60:17:84:b7:4e:20:ba:96:7d:48:
fb:d9:ed:1b:4f:bc:fc:fc:eb:ce:8c:6a:f6:bd:93:
dc:4d:91:40:ac:b4:bc:df:85:fe:1a:e1:ea:cd:d0:
20:57:df:6f:f3:2e:e7:35:6e:dd:8a:9e:f1:d2:c5:
34:67:e2:d0:2b:aa:6c:0a:9e:6d:2b:fb:8e:be:af:
9a:91:ed:48:ce:4d:6d:8b:cb:86:f3:53:63:cf:5d:
f8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B5:1D:0F:43:53:A0:82:F5:F2:B3:68:CE:9D:24:91:B0:B9:88:36
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IrUdD0NToIL18rNozp0kkbC5iDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:69:f7:99:74:72:ee:08:18:4a:ce:57:21:7e:a9:82:da:bc:
09:f9:5d:44:58:4a:a1:de:92:cb:03:f7:26:60:ab:45:33:02:
61:5a:20:d9:b2:69:cf:2d:ca:51:37:1b:07:4e:02:f3:0a:58:
16:a7:c7:d8:42:9a:cb:21:a8:bf:ba:06:c0:ae:9e:95:75:06:
f7:7a:80:6b:a1:e0:c5:47:b1:ac:ab:32:b2:33:f2:06:e8:13:
57:ca:c0:62:34:98:a5:92:be:a3:5a:c1:5f:51:79:28:5f:2f:
d7:50:4c:a1:18:fa:7f:4e:42:ef:99:e0:07:64:cb:c5:85:58:
c1:be:81:a0:49:e5:d7:c7:6e:72:37:22:95:7e:00:0a:58:21:
29:5a:3c:5e:12:be:59:75:59:3e:1f:a6:e8:d3:8d:d5:67:f7:
ae:60:45:84:5b:5a:4f:08:67:2a:a4:af:b4:6b:c4:35:2b:83:
b7:e2:ae:52:03:6a:78:bf:46:94:38:f9:c3:ee:ba:8a:b4:7f:
ee:9f:ee:24:50:2e:87:a4:69:e2:4a:ff:6a:1a:52:fa:3f:42:
f5:f4:97:00:86:b8:ee:34:c7:55:61:f8:71:5a:30:54:84:ed:
75:e9:0e:34:c5:7d:56:a9:03:d6:1b:ce:f3:1b:ec:bc:17:d7:
ea:38:d7:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Y/Iv4xxuQmbdcD/dHiCiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA4MTYxNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI1MWQwZjQzNTNhMDgyZjVmMmIzNjhjZTlkMjQ5MWIwYjk4ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpGOCVEzB5FU1LdeA+jkUoesB2Zx
YNo0aw2wqqy/jAiG3yC7moybIE47ODYyzh7YFDnr2ugbP3gHJNby4/sIcr2VQiT2
6wFmZLrRDz6oVTLc6PTh2UAD8l7EKFmKKNkJmbvAs0G87Fe6yk51cbX2SLvVUAiq
Ew5cb9VNpAwym+BjZWciWoIhCNFvKA8KRZur8dubx29iLB7W2YpgDNU4t6Weci8g
NIgYqmAXhLdOILqWfUj72e0bT7z8/OvOjGr2vZPcTZFArLS834X+GuHqzdAgV99v
8y7nNW7dip7x0sU0Z+LQK6psCp5tK/uOvq+ake1Izk1ti8uG81Njz1348wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCK1HQ9DU6CC9fKzaM6dJJGwuYg2MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSXJVZEQwTlRvSUwxOHJOb3pwMGtrYkM1aURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNp95l0cu4IGErOVyF+
qYLavAn5XURYSqHekssD9yZgq0UzAmFaINmyac8tylE3GwdOAvMKWBanx9hCmssh
qL+6BsCunpV1Bvd6gGuh4MVHsayrMrIz8gboE1fKwGI0mKWSvqNawV9ReShfL9dQ
TKEY+n9OQu+Z4Adky8WFWMG+gaBJ5dfHbnI3IpV+AApYISlaPF4Svll1WT4fpujT
jdVn965gRYRbWk8IZyqkr7RrxDUrg7firlIDani/RpQ4+cPuuoq0f+6f7iRQLoek
aeJK/2oaUvo/QvX0lwCGuO40x1Vh+HFaMFSE7XXpDjTFfVapA9YbzvMb7LwX1+o4
140=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:34:11 2025 by rpki-client