Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/QaeDX-pRgjTpOQW0DKHUJny-B5E.roa
File: QaeDX-pRgjTpOQW0DKHUJny-B5E.roa (raw, json)
Hash identifier: fIKs+K6pR+LkbRjQYAo0yr9b9+ULUyxW/dSGPju67mw=
Subject key identifier: 41:A7:83:5F:EA:51:82:34:E9:39:05:B4:0C:A1:D4:26:7C:BE:07:91
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9EEDA296FB818068D29E7AF94E4634A9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/QaeDX-pRgjTpOQW0DKHUJny-B5E.roa
Signing time: Wed 22 May 2024 06:12:04 +0000
ROA not before: Wed 22 May 2024 06:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9e:ed:a2:96:fb:81:80:68:d2:9e:7a:f9:4e:46:34:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 06:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41a7835fea518234e93905b40ca1d4267cbe0791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:bf:f9:03:ee:42:ee:e6:75:75:ff:89:8b:
7b:bd:08:7a:01:4e:6e:e8:14:9f:9c:ca:ef:be:8a:
cb:c3:8f:44:a6:57:c1:87:64:ce:ed:af:2d:18:59:
00:81:7a:40:4e:9d:ec:c1:5c:17:c3:70:70:c7:a7:
22:21:09:20:d8:b7:2d:5c:cd:33:b5:0c:d7:51:15:
48:82:01:a3:72:78:a5:a5:aa:bb:58:5a:7d:d0:24:
c7:e7:65:2d:03:3d:69:33:eb:3a:ce:f9:0c:0b:e0:
dc:86:f5:b9:1a:b7:17:55:6e:da:31:d2:1f:c5:b5:
46:8c:81:05:11:13:9a:68:88:56:71:8b:63:62:91:
c4:2c:a7:41:06:de:77:39:69:68:3d:a5:b5:e8:52:
47:a9:fd:b7:6a:a3:fa:59:77:e7:b0:b1:5e:75:a4:
05:f3:4b:24:43:81:3f:95:58:2f:74:66:b8:ef:f8:
08:48:93:00:1c:fb:cf:51:61:0b:82:a6:c6:fd:c5:
54:7f:75:03:be:58:9d:86:59:d0:ba:13:86:ff:c8:
00:54:14:71:66:b8:6e:91:fb:52:c5:2d:cb:1c:54:
7a:c5:13:b0:63:81:1c:cd:bf:89:fc:6a:b0:a9:c1:
15:87:6b:62:e8:e0:ac:a3:4d:d2:55:35:93:7c:cc:
d5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A7:83:5F:EA:51:82:34:E9:39:05:B4:0C:A1:D4:26:7C:BE:07:91
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/QaeDX-pRgjTpOQW0DKHUJny-B5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:ab:f5:8c:93:e4:e8:f2:ff:cb:d6:3e:77:e3:e7:3a:2b:7d:
43:89:ee:6c:3a:07:07:2e:74:22:26:8b:92:41:02:ca:2e:d3:
eb:3a:4b:51:a1:3f:c2:4b:25:78:d7:5e:08:2c:ef:27:7b:2d:
50:65:e1:fb:2d:f3:43:6d:d0:8b:c0:17:80:cc:ef:35:e1:71:
a3:3f:00:b6:5e:c4:53:42:df:f0:49:b9:94:aa:36:b5:f5:a4:
6f:3b:9b:e4:c6:7a:d8:8e:b5:94:e7:ff:00:a5:da:33:22:f6:
3d:ec:2b:da:39:6a:f0:3f:d6:3b:d5:55:ca:43:0b:1a:2d:51:
85:2b:26:af:38:27:49:11:74:e2:33:af:2e:7d:83:93:b6:3f:
d9:5c:c0:28:42:79:d3:0d:3f:e7:aa:6e:4a:a8:f2:98:51:60:
80:06:6a:59:d3:be:02:70:04:0c:a6:5c:da:fa:3f:cf:b1:3c:
3a:f5:6f:16:51:19:2c:84:e5:4f:5a:e3:a4:40:72:cf:f6:d4:
15:b0:e5:a3:92:29:8e:36:d0:23:bb:88:c0:58:44:3f:42:07:
d5:e4:7f:d6:cc:12:f9:1a:b5:7c:f8:40:a5:99:e2:72:5c:c1:
66:11:9d:04:a2:80:97:ac:f7:cf:33:2e:23:35:27:10:50:62:
f7:d3:53:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+e7aKW+4GAaNKeevlORjSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMDYxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE3ODM1ZmVhNTE4MjM0ZTkzOTA1YjQwY2ExZDQyNjdjYmUwNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Bi/+QPuQu7mdXX/iYt7vQh6AU5u
6BSfnMrvvorLw49EplfBh2TO7a8tGFkAgXpATp3swVwXw3Bwx6ciIQkg2LctXM0z
tQzXURVIggGjcnilpaq7WFp90CTH52UtAz1pM+s6zvkMC+DchvW5GrcXVW7aMdIf
xbVGjIEFEROaaIhWcYtjYpHELKdBBt53OWloPaW16FJHqf23aqP6WXfnsLFedaQF
80skQ4E/lVgvdGa47/gISJMAHPvPUWELgqbG/cVUf3UDvlidhlnQuhOG/8gAVBRx
ZrhukftSxS3LHFR6xROwY4Eczb+J/GqwqcEVh2ti6OCso03SVTWTfMzV2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGng1/qUYI06TkFtAyh1CZ8vgeRMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUWFlRFgtcFJnalRwT1FXMERLSFVKbnktQjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE6r9YyT5Ojy/8vWPnfj
5zorfUOJ7mw6BwcudCImi5JBAsou0+s6S1GhP8JLJXjXXggs7yd7LVBl4fst80Nt
0IvAF4DM7zXhcaM/ALZexFNC3/BJuZSqNrX1pG87m+TGetiOtZTn/wCl2jMi9j3s
K9o5avA/1jvVVcpDCxotUYUrJq84J0kRdOIzry59g5O2P9lcwChCedMNP+eqbkqo
8phRYIAGalnTvgJwBAymXNr6P8+xPDr1bxZRGSyE5U9a46RAcs/21BWw5aOSKY42
0CO7iMBYRD9CB9Xkf9bMEvkatXz4QKWZ4nJcwWYRnQSigJes988zLiM1JxBQYvfT
Uw8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:32 2025 by rpki-client