Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PiB8azqpdU7kzt4K53rL4_I_kW0.roa
File: PiB8azqpdU7kzt4K53rL4_I_kW0.roa (raw, json)
Hash identifier: +9ngbANZ1/muQPL5WSUIm1ZHjvz/w7lZi3eQQ0sSOsI=
Subject key identifier: 3E:20:7C:6B:3A:A9:75:4E:E4:CE:DE:0A:E7:7A:CB:E3:F2:3F:91:6D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F14F5A2B4621FDE5CAC15456684B3D383
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PiB8azqpdU7kzt4K53rL4_I_kW0.roa
Signing time: Thu 25 Apr 2024 11:13:13 +0000
ROA not before: Thu 25 Apr 2024 11:13:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:f5:a2:b4:62:1f:de:5c:ac:15:45:66:84:b3:d3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 25 11:13:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e207c6b3aa9754ee4cede0ae77acbe3f23f916d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:75:e2:f7:75:c2:81:6c:86:17:2e:b4:ef:d3:
b2:de:06:8e:78:9d:c4:1a:86:be:56:fc:64:1e:d8:
9d:21:ae:50:3c:7b:8a:a4:43:2b:76:e3:6b:1a:e4:
0d:c4:18:52:92:c0:99:44:dc:13:0a:f9:90:36:74:
6c:3c:81:37:be:bd:58:2c:53:8a:1e:5b:64:a0:7c:
62:40:7d:a5:ab:c4:b7:96:59:58:c9:00:dd:4b:c1:
a1:e4:56:91:4a:99:cf:07:b9:0a:c5:0c:2f:0d:8f:
31:d0:fd:d9:58:34:1f:e8:3c:45:b6:0e:85:a6:df:
af:03:d6:2d:c0:9d:c0:ab:3b:6d:95:98:c6:49:1c:
4b:4b:cd:fa:92:71:de:b1:2a:16:1f:43:05:2f:de:
93:83:ba:4c:94:01:b5:c9:aa:c7:75:fc:d2:1f:b2:
08:15:64:f9:89:6c:f1:58:ba:5c:42:30:a1:63:40:
96:b6:5b:0f:d0:e2:5e:1f:59:c0:b8:c2:9b:96:37:
ff:d3:33:6e:f2:de:b1:75:2c:3d:9b:64:94:01:48:
80:5c:ba:57:61:14:4f:a5:f3:9a:d3:7a:2f:a2:cb:
76:6c:6d:75:4d:56:52:aa:19:6e:17:eb:d8:8d:91:
c6:18:3c:46:01:58:fd:70:15:be:13:04:4c:5d:7d:
6d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:20:7C:6B:3A:A9:75:4E:E4:CE:DE:0A:E7:7A:CB:E3:F2:3F:91:6D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PiB8azqpdU7kzt4K53rL4_I_kW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
2e:26:7c:9b:cd:cf:27:64:52:d7:f3:9e:15:ce:42:b1:02:23:
b1:bf:b7:ab:a7:03:e8:08:c3:05:3e:58:96:b6:c9:ba:5b:e8:
98:e3:2a:63:77:39:20:27:ed:95:d8:30:a9:af:e3:f0:fa:30:
10:8c:a5:f8:b2:b5:86:8a:6b:62:53:47:1f:5e:4a:d7:21:6a:
d0:1b:6b:9e:e9:50:98:d8:7b:4b:e9:9e:88:08:c8:e5:9b:6d:
c9:e8:93:9c:01:9f:14:84:c3:6b:41:cf:4b:eb:5a:3b:af:9e:
2c:fa:a9:d9:28:29:21:48:75:b0:81:d2:7f:f3:00:7a:bb:ac:
25:ec:ad:16:63:0b:3d:56:89:58:4e:b5:ee:e1:10:a8:12:5f:
c2:c5:76:8d:88:9b:06:c4:fe:79:65:93:d1:30:24:89:24:9f:
5e:f4:c1:d7:64:1b:b4:ec:64:40:9d:ef:77:20:7c:3b:e1:cb:
0d:c5:47:1c:a8:e0:bc:9a:17:8c:f7:79:9f:a7:c1:8f:41:ad:
45:29:c1:f3:42:66:46:30:d8:b9:17:9c:6e:c3:c6:d6:31:ca:
9a:dd:b4:e3:2c:e7:64:85:36:1e:67:f9:22:8c:cc:29:0b:9d:
ae:6b:f3:d1:f8:68:69:18:11:76:6e:fe:0b:6f:fb:7c:6b:76:
31:95:73:3e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8U9aK0Yh/eXKwVRWaEs9ODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI1MTExMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTIwN2M2YjNhYTk3NTRlZTRjZWRlMGFlNzdhY2JlM2YyM2Y5MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXXi93XCgWyGFy6079Oy3gaOeJ3E
Goa+VvxkHtidIa5QPHuKpEMrduNrGuQNxBhSksCZRNwTCvmQNnRsPIE3vr1YLFOK
HltkoHxiQH2lq8S3lllYyQDdS8Gh5FaRSpnPB7kKxQwvDY8x0P3ZWDQf6DxFtg6F
pt+vA9YtwJ3AqzttlZjGSRxLS836knHesSoWH0MFL96Tg7pMlAG1yarHdfzSH7II
FWT5iWzxWLpcQjChY0CWtlsP0OJeH1nAuMKbljf/0zNu8t6xdSw9m2SUAUiAXLpX
YRRPpfOa03ovost2bG11TVZSqhluF+vYjZHGGDxGAVj9cBW+EwRMXX1t9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD4gfGs6qXVO5M7eCud6y+PyP5FtMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUGlCOGF6cXBkVTdrenQ0SzUzckw0X0lfa1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQAuJnyb
zc8nZFLX854VzkKxAiOxv7erpwPoCMMFPliWtsm6W+iY4ypjdzkgJ+2V2DCpr+Pw
+jAQjKX4srWGimtiU0cfXkrXIWrQG2ue6VCY2HtL6Z6ICMjlm23J6JOcAZ8UhMNr
Qc9L61o7r54s+qnZKCkhSHWwgdJ/8wB6u6wl7K0WYws9VolYTrXu4RCoEl/CxXaN
iJsGxP55ZZPRMCSJJJ9e9MHXZBu07GRAne93IHw74csNxUccqOC8mheM93mfp8GP
Qa1FKcHzQmZGMNi5F5xuw8bWMcqa3bTjLOdkhTYeZ/kijMwpC52ua/PR+GhpGBF2
bv4Lb/t8a3YxlXM+
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:39:05 2025 by rpki-client