Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qm8y6yhpbYHqwwhHJ1VNeCW8sxc.roa
File: Qm8y6yhpbYHqwwhHJ1VNeCW8sxc.roa (raw, json)
Hash identifier: wcvNucAHo+sxE2wsHxtetfqpFD3+nupF4Y8o4aK0zow=
Subject key identifier: 42:6F:32:EB:28:69:6D:81:EA:C3:08:47:27:55:4D:78:25:BC:B3:17
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8A5432205126EAD9C4E22A8E5F310F87
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qm8y6yhpbYHqwwhHJ1VNeCW8sxc.roa
Signing time: Sat 18 May 2024 06:12:04 +0000
ROA not before: Sat 18 May 2024 06:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8a:54:32:20:51:26:ea:d9:c4:e2:2a:8e:5f:31:0f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 06:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=426f32eb28696d81eac3084727554d7825bcb317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d6:95:0a:16:32:a4:0f:58:10:2a:c6:26:e3:
e5:01:e5:0b:18:ef:9a:b8:58:b5:04:56:22:a1:db:
63:22:59:0b:44:82:e0:27:7e:8a:73:a7:24:e5:d8:
92:03:56:9c:59:53:12:0b:0e:3e:9d:18:83:3f:b4:
10:11:2d:7d:d9:17:77:e6:3b:64:0a:e6:b4:61:5c:
b0:f1:d0:b6:3f:01:c1:6e:69:8f:f2:6a:c1:a3:ad:
d9:23:58:70:21:0a:4a:a9:40:51:bc:d7:d5:9b:f7:
72:24:bd:3b:9d:88:da:2b:d0:1e:1a:ea:2a:52:8d:
e4:3c:09:22:92:77:7e:be:3a:d8:22:97:ab:46:2a:
64:34:33:a3:cd:17:5e:1f:f2:d6:49:ab:02:b0:27:
78:56:64:e7:05:0b:b9:7d:d2:ab:30:d5:88:b0:b2:
f1:2e:ce:af:a9:ac:f1:20:ee:b0:23:d3:4f:b8:6c:
36:67:cb:08:26:a2:af:c8:86:7c:43:14:6a:e0:9e:
e0:ed:2b:80:bc:65:6b:3c:76:af:7a:55:0d:64:3a:
81:2e:75:bb:df:f9:ec:5e:21:67:7f:05:19:2f:ee:
96:38:73:5e:70:86:11:5d:3f:9a:2f:f5:bd:c9:38:
e0:f7:8e:00:4f:9c:61:31:f2:9b:98:2c:da:a3:35:
da:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6F:32:EB:28:69:6D:81:EA:C3:08:47:27:55:4D:78:25:BC:B3:17
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qm8y6yhpbYHqwwhHJ1VNeCW8sxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:07:03:4b:5c:ca:45:b0:3c:02:c4:5c:20:17:fa:d8:df:7d:
6c:06:63:e2:b2:62:fb:ce:1b:6a:31:78:a7:a3:d0:61:63:5b:
ee:a5:8c:56:5d:57:d9:bc:cc:37:df:78:8e:1f:06:76:79:96:
ae:fb:fc:f0:d2:c8:ff:00:e9:c9:07:ff:f5:15:8e:ab:0b:de:
50:8f:2c:9c:b6:c0:23:83:17:1e:7b:ef:cd:3e:19:fc:5d:b7:
a0:bf:f4:d9:ab:55:63:39:bf:da:37:e7:a5:b9:96:9f:2d:fe:
79:94:46:18:78:6a:8d:1a:ca:0d:73:5d:c6:5f:fe:dc:24:aa:
3d:26:17:14:06:41:a9:ff:be:a7:d4:62:a6:da:04:bf:65:76:
42:c6:e6:53:23:e9:9c:c5:32:cd:4b:0d:94:68:68:7f:6b:3d:
91:5a:7b:5f:9b:ed:af:43:16:17:77:84:58:96:cc:06:7e:3c:
43:de:0b:8b:ae:7b:0c:ca:dd:9f:0d:9c:80:70:84:dd:4c:28:
c9:de:f9:91:be:67:94:d8:b0:a0:6c:00:e6:df:e2:62:81:47:
b1:08:65:a5:6f:8b:f8:97:09:30:9d:82:24:d1:a1:67:47:aa:
d2:75:7a:e5:6b:66:55:53:26:4c:e8:e6:95:eb:87:a2:8b:4b:
e7:12:01:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+KVDIgUSbq2cTiKo5fMQ+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MDYxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZmMzJlYjI4Njk2ZDgxZWFjMzA4NDcyNzU1NGQ3ODI1YmNiMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtaVChYypA9YECrGJuPlAeULGO+a
uFi1BFYiodtjIlkLRILgJ36Kc6ck5diSA1acWVMSCw4+nRiDP7QQES192Rd35jtk
Cua0YVyw8dC2PwHBbmmP8mrBo63ZI1hwIQpKqUBRvNfVm/dyJL07nYjaK9AeGuoq
Uo3kPAkiknd+vjrYIperRipkNDOjzRdeH/LWSasCsCd4VmTnBQu5fdKrMNWIsLLx
Ls6vqazxIO6wI9NPuGw2Z8sIJqKvyIZ8QxRq4J7g7SuAvGVrPHavelUNZDqBLnW7
3/nsXiFnfwUZL+6WOHNecIYRXT+aL/W9yTjg944AT5xhMfKbmCzaozXaDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJvMusoaW2B6sMIRydVTXglvLMXMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUW04eTZ5aHBiWUhxd3doSEoxVk5lQ1c4c3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUHA0tcykWwPALEXCAX
+tjffWwGY+KyYvvOG2oxeKej0GFjW+6ljFZdV9m8zDffeI4fBnZ5lq77/PDSyP8A
6ckH//UVjqsL3lCPLJy2wCODFx57780+Gfxdt6C/9NmrVWM5v9o356W5lp8t/nmU
Rhh4ao0ayg1zXcZf/twkqj0mFxQGQan/vqfUYqbaBL9ldkLG5lMj6ZzFMs1LDZRo
aH9rPZFae1+b7a9DFhd3hFiWzAZ+PEPeC4uuewzK3Z8NnIBwhN1MKMne+ZG+Z5TY
sKBsAObf4mKBR7EIZaVvi/iXCTCdgiTRoWdHqtJ1euVrZlVTJkzo5pXrh6KLS+cS
AQ0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:42 2025 by rpki-client