Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qd0AJw8DkiDQQ3hguRVYwtkDxD4.roa
File: Qd0AJw8DkiDQQ3hguRVYwtkDxD4.roa (raw, json)
Hash identifier: JU/JEyNx0QlMOA88hsIYnB6xSJFLytPU7swLbIJPMcM=
Subject key identifier: 41:DD:00:27:0F:03:92:20:D0:43:78:60:B9:15:58:C2:D9:03:C4:3E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F21652217DC807DA34BB31D6CF9B4E3F0
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qd0AJw8DkiDQQ3hguRVYwtkDxD4.roa
Signing time: Sat 27 Apr 2024 21:10:26 +0000
ROA not before: Sat 27 Apr 2024 21:10:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:21:65:22:17:dc:80:7d:a3:4b:b3:1d:6c:f9:b4:e3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 27 21:10:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41dd00270f039220d0437860b91558c2d903c43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4e:ae:b0:6e:db:05:30:fa:81:55:c6:3f:64:
3a:bc:7b:99:e0:2a:1b:0e:6d:c6:87:e9:88:95:9a:
39:31:77:e7:ab:a8:3d:bc:4d:c3:1d:3c:6e:4c:5f:
d9:04:ae:1c:ed:d2:60:c8:b5:15:d9:58:73:2a:15:
4b:77:a3:3c:f1:1f:0b:c7:5e:31:b2:fe:67:4b:f0:
39:84:a9:13:08:cf:cc:71:b9:4b:c1:05:ff:09:5b:
89:05:3c:a9:7e:35:51:ad:0b:0c:d3:c2:94:c4:b1:
71:d5:65:2b:5f:35:28:2b:1f:3d:46:22:0a:db:88:
74:31:55:31:ac:23:04:5a:fe:5e:11:d5:7f:16:a0:
b5:ad:e1:c1:43:ab:77:b3:b3:73:e1:ab:0b:88:56:
ea:fe:73:e4:4f:93:60:fc:22:24:71:85:21:06:1c:
58:28:9d:f3:71:d9:7a:98:06:35:f4:55:f6:71:75:
6e:4e:d9:57:f1:15:ab:90:50:25:ac:51:e5:e5:47:
3e:5a:08:71:a6:50:60:13:91:64:35:b7:c0:08:9c:
6a:48:5c:f9:17:ed:10:16:47:d2:b0:e4:5f:0d:d9:
63:35:3f:55:4d:82:1d:b6:9e:a1:d1:2d:dc:8a:d8:
38:81:04:06:f2:74:80:ad:d4:13:0b:12:98:52:a8:
bd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DD:00:27:0F:03:92:20:D0:43:78:60:B9:15:58:C2:D9:03:C4:3E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qd0AJw8DkiDQQ3hguRVYwtkDxD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
37:69:6a:66:e1:4e:ff:dd:f0:3d:2d:26:b4:3b:99:77:0a:a8:
a7:51:cf:24:fd:75:da:20:69:19:5e:11:ec:b3:7c:c7:a9:e3:
a3:51:94:b9:83:5b:05:9a:40:da:6d:b0:25:29:ae:70:22:b0:
49:5e:eb:3d:c0:8a:2d:6e:c9:1e:d9:4a:fc:1e:4a:66:3e:44:
81:a4:dd:ff:d7:a5:cf:29:31:ff:a2:18:b0:87:56:e9:e5:7f:
2a:23:56:f0:4d:42:f7:57:2c:e5:55:97:b6:07:c0:d4:4b:db:
10:38:aa:b2:51:0d:6d:d1:42:88:8c:c9:4c:fe:28:9e:1c:28:
99:74:b4:47:91:2e:49:aa:90:5c:dc:ed:91:29:ee:2f:61:e6:
24:44:33:ac:25:4f:b0:3d:10:bd:e3:08:47:f1:65:54:79:d6:
6c:9d:61:cd:50:00:82:fc:22:b3:e2:40:ef:ee:3b:2c:70:c6:
4d:17:bb:61:ce:31:7f:4b:44:40:4d:b1:d0:01:d2:ea:e2:23:
97:49:83:54:30:7f:65:21:0c:b2:1f:af:fb:78:3a:7f:4f:1b:
87:5c:ad:59:fe:1f:ab:ea:e8:e8:6b:e3:7c:22:c5:a3:0f:f7:
88:4b:8d:4d:70:9f:9e:1b:b8:4b:79:53:4d:b9:81:ff:ad:fc:
84:fc:e6:c6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8hZSIX3IB9o0uzHWz5tOPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI3MjExMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRkMDAyNzBmMDM5MjIwZDA0Mzc4NjBiOTE1NThjMmQ5MDNjNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE6usG7bBTD6gVXGP2Q6vHuZ4Cob
Dm3Gh+mIlZo5MXfnq6g9vE3DHTxuTF/ZBK4c7dJgyLUV2VhzKhVLd6M88R8Lx14x
sv5nS/A5hKkTCM/McblLwQX/CVuJBTypfjVRrQsM08KUxLFx1WUrXzUoKx89RiIK
24h0MVUxrCMEWv5eEdV/FqC1reHBQ6t3s7Nz4asLiFbq/nPkT5Ng/CIkcYUhBhxY
KJ3zcdl6mAY19FX2cXVuTtlX8RWrkFAlrFHl5Uc+WghxplBgE5FkNbfACJxqSFz5
F+0QFkfSsORfDdljNT9VTYIdtp6h0S3citg4gQQG8nSArdQTCxKYUqi9zQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEHdACcPA5Ig0EN4YLkVWMLZA8Q+MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUWQwQUp3OERraURRUTNoZ3VSVll3dGtEeEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQA3aWpm
4U7/3fA9LSa0O5l3CqinUc8k/XXaIGkZXhHss3zHqeOjUZS5g1sFmkDabbAlKa5w
IrBJXus9wIotbske2Ur8HkpmPkSBpN3/16XPKTH/ohiwh1bp5X8qI1bwTUL3Vyzl
VZe2B8DUS9sQOKqyUQ1t0UKIjMlM/iieHCiZdLRHkS5JqpBc3O2RKe4vYeYkRDOs
JU+wPRC94whH8WVUedZsnWHNUACC/CKz4kDv7jsscMZNF7thzjF/S0RATbHQAdLq
4iOXSYNUMH9lIQyyH6/7eDp/TxuHXK1Z/h+r6ujoa+N8IsWjD/eIS41NcJ+eG7hL
eVNNuYH/rfyE/ObG
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:49:25 2025 by rpki-client