Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/S0zYw4r_hvT9W3LYgaiiqTaHXsI.roa
File: S0zYw4r_hvT9W3LYgaiiqTaHXsI.roa (raw, json)
Hash identifier: oyGcbJhAl6GEP908qidOvhPHGTM8Mc7k4+WlnU+tCD0=
Subject key identifier: 4B:4C:D8:C3:8A:FF:86:F4:FD:5B:72:D8:81:A8:A2:A9:36:87:5E:C2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4685ACFBAA8A0568132B2A5A28C1B9D7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/S0zYw4r_hvT9W3LYgaiiqTaHXsI.roa
Signing time: Sun 05 May 2024 02:11:56 +0000
ROA not before: Sun 05 May 2024 02:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:46:85:ac:fb:aa:8a:05:68:13:2b:2a:5a:28:c1:b9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 02:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b4cd8c38aff86f4fd5b72d881a8a2a936875ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b4:d2:0f:18:80:3e:47:67:ff:30:83:99:ba:
cf:cc:a5:f5:65:d2:c8:44:02:94:f4:86:93:4e:7d:
06:c3:41:90:1f:b8:94:d2:c7:26:bc:87:cc:45:64:
e5:3d:61:47:50:39:5c:3f:14:33:29:0e:5e:a6:81:
97:19:d8:96:96:95:c8:ca:81:a2:9d:85:07:51:33:
8e:34:51:c9:8e:a7:60:9a:1d:80:40:f3:9d:7d:fd:
45:06:1c:5d:5a:59:ac:9c:f5:d6:28:32:5e:99:f1:
7c:49:e5:6a:e1:25:ec:a8:b6:1d:6d:0a:bb:a6:48:
37:b3:dd:dc:16:60:f7:f2:89:25:d8:c1:0a:8d:cf:
e3:ec:8f:1c:e3:17:c8:f9:68:d5:c4:c9:b1:d2:09:
ab:c0:d9:cf:97:7f:e0:2d:bc:a2:e7:cc:69:5f:5e:
3f:09:83:11:4a:43:38:2a:08:80:f8:51:b7:67:88:
54:fd:af:7b:50:ed:3e:f3:7e:35:cf:68:4b:d9:bd:
c5:f1:3d:69:7e:93:17:86:39:e0:2c:13:41:64:78:
5e:7c:e1:3e:c2:a3:5f:15:86:f3:c9:fe:34:4b:99:
d9:f0:36:78:88:41:df:4c:04:42:ec:d1:6a:cb:dd:
64:52:84:2e:cd:94:4b:4a:6d:2e:41:96:c9:67:3a:
0f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4C:D8:C3:8A:FF:86:F4:FD:5B:72:D8:81:A8:A2:A9:36:87:5E:C2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/S0zYw4r_hvT9W3LYgaiiqTaHXsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:34:6e:18:b6:65:d6:c6:88:ba:e3:36:9b:89:5d:dd:1b:28:
1c:16:57:94:6a:ff:a5:5d:b6:44:b2:85:c6:c8:f9:40:05:de:
6f:28:69:14:03:00:8d:f2:3a:37:59:53:59:5e:ae:43:48:b9:
0d:01:32:4f:a1:ae:97:ef:cc:91:c8:52:ed:1b:2a:39:70:5c:
66:51:40:d2:af:38:fb:fb:55:35:2f:1a:b2:cc:1b:35:56:81:
be:5a:ee:83:17:f6:28:d0:dd:1d:92:db:e0:6a:8b:4a:bd:98:
ca:48:95:22:a7:79:5a:b3:ef:14:d2:b8:e9:98:d3:ca:c1:9c:
24:19:ff:de:c9:a4:2f:f6:b2:5d:92:b9:20:bd:c9:a5:1c:b5:
95:1b:bc:f1:3a:a9:b7:18:d9:23:e7:61:04:4d:ca:82:e3:8f:
a8:6a:50:03:8d:ae:b0:a1:40:f7:c4:89:18:cb:1d:f5:fb:2e:
e7:f2:02:7d:42:ae:a4:ff:f2:42:cd:9a:db:10:9d:fe:e8:14:
46:3d:60:0a:01:95:85:70:9a:16:5a:fe:da:50:48:a3:d3:34:
6c:b6:5d:07:c9:a4:52:01:03:b3:0d:07:b5:f4:cc:c7:3d:64:
de:4d:e9:3e:7c:fc:c9:f8:5c:93:77:50:e7:e6:0b:ba:29:75:
27:19:70:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Ghaz7qooFaBMrKloowbnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MDIxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRjZDhjMzhhZmY4NmY0ZmQ1YjcyZDg4MWE4YTJhOTM2ODc1ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLTSDxiAPkdn/zCDmbrPzKX1ZdLI
RAKU9IaTTn0Gw0GQH7iU0scmvIfMRWTlPWFHUDlcPxQzKQ5epoGXGdiWlpXIyoGi
nYUHUTOONFHJjqdgmh2AQPOdff1FBhxdWlmsnPXWKDJemfF8SeVq4SXsqLYdbQq7
pkg3s93cFmD38okl2MEKjc/j7I8c4xfI+WjVxMmx0gmrwNnPl3/gLbyi58xpX14/
CYMRSkM4KgiA+FG3Z4hU/a97UO0+8341z2hL2b3F8T1pfpMXhjngLBNBZHhefOE+
wqNfFYbzyf40S5nZ8DZ4iEHfTARC7NFqy91kUoQuzZRLSm0uQZbJZzoPXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEtM2MOK/4b0/Vty2IGooqk2h17CMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUzB6WXc0cl9odlQ5VzNMWWdhaWlxVGFIWHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEI0bhi2ZdbGiLrjNpuJ
Xd0bKBwWV5Rq/6VdtkSyhcbI+UAF3m8oaRQDAI3yOjdZU1lerkNIuQ0BMk+hrpfv
zJHIUu0bKjlwXGZRQNKvOPv7VTUvGrLMGzVWgb5a7oMX9ijQ3R2S2+Bqi0q9mMpI
lSKneVqz7xTSuOmY08rBnCQZ/97JpC/2sl2SuSC9yaUctZUbvPE6qbcY2SPnYQRN
yoLjj6hqUAONrrChQPfEiRjLHfX7LufyAn1CrqT/8kLNmtsQnf7oFEY9YAoBlYVw
mhZa/tpQSKPTNGy2XQfJpFIBA7MNB7X0zMc9ZN5N6T58/Mn4XJN3UOfmC7opdScZ
cP8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:33:06 2025 by rpki-client