Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Vl2nB4ADzsGDOu8uu253p9ODwKE.roa
File: Vl2nB4ADzsGDOu8uu253p9ODwKE.roa (raw, json)
Hash identifier: BMMOaaH7ctkhnI4ZIvFttgFXZKqfKLa8txUUCFJ/OTw=
Subject key identifier: 56:5D:A7:07:80:03:CE:C1:83:3A:EF:2E:BB:6E:77:A7:D3:83:C0:A1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA8970CB9FF263F5620C369367B4716D5
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Vl2nB4ADzsGDOu8uu253p9ODwKE.roa
Signing time: Fri 24 May 2024 03:13:42 +0000
ROA not before: Fri 24 May 2024 03:13:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a8:97:0c:b9:ff:26:3f:56:20:c3:69:36:7b:47:16:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 24 03:13:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=565da7078003cec1833aef2ebb6e77a7d383c0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:86:fe:aa:85:e9:98:cc:b5:eb:b7:68:d6:
01:fc:ab:70:f8:b9:17:d6:3a:c2:54:ae:2e:79:11:
8a:7d:c3:5a:72:7d:17:05:f3:e5:f6:e0:4d:23:b9:
bc:ad:6d:4b:b0:47:05:02:e0:2a:3f:4e:5c:7f:c9:
18:76:35:2f:0b:28:15:58:1e:62:60:9c:ab:06:3c:
c2:cd:31:a9:aa:a5:ed:40:5a:c3:34:b4:7c:08:b2:
3f:4b:c4:cc:da:dc:63:d1:74:37:a5:2f:33:f1:2f:
ff:80:b5:8b:68:f3:03:f3:29:29:d0:73:7c:32:7f:
02:58:0d:e5:95:87:be:a3:78:c9:f7:df:70:fa:8b:
1c:35:2d:c1:a3:36:fa:21:72:c4:24:0d:24:2f:5d:
ac:7f:6f:50:c1:dc:e0:cb:c8:0c:d8:e1:ef:70:22:
70:0d:13:36:d7:47:bd:c8:18:58:c8:30:0f:11:8c:
cf:50:c7:e0:c5:12:d6:9d:b0:5d:8c:57:8f:eb:1f:
3e:12:e5:ce:b4:1a:46:27:7b:88:63:8e:8c:31:d4:
39:85:56:bb:92:ec:19:a2:df:54:0c:2e:5f:9c:bf:
8f:5a:28:16:6e:42:51:3d:ad:09:9d:a3:12:0e:bc:
71:08:f3:8d:b6:dd:39:b2:cd:7d:d2:f7:62:79:7a:
e3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:5D:A7:07:80:03:CE:C1:83:3A:EF:2E:BB:6E:77:A7:D3:83:C0:A1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Vl2nB4ADzsGDOu8uu253p9ODwKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:65:70:8d:cb:f2:7b:07:03:85:24:76:a1:e6:1b:36:7c:2e:
10:9b:31:0f:bd:61:bd:83:7a:95:fc:d3:8a:ad:e2:91:8a:20:
1b:7c:f8:4b:0a:0e:bd:0c:b7:b8:f5:8b:2d:f4:04:0c:fc:49:
4e:c0:b8:8e:46:61:39:6b:1d:c3:cd:98:18:65:88:6b:73:0c:
94:5f:cb:08:d1:a2:cc:e6:21:48:1b:70:a4:77:f3:bc:25:f0:
b7:61:21:92:c0:55:21:04:b9:b5:09:8d:40:ed:51:4f:ad:5a:
bc:e1:3e:30:8d:8b:75:b2:0c:84:6d:25:3d:64:24:84:c8:3e:
12:07:02:21:a7:57:ed:bf:99:4c:2d:a7:66:bb:3d:76:ed:1c:
2a:9f:d3:c2:29:cc:7c:8d:76:62:ad:be:7b:1d:c2:1c:ea:60:
2c:99:30:f3:f7:8b:47:a0:1f:3c:34:02:c9:92:34:b5:cf:a0:
e7:bc:79:f0:44:67:49:b1:f1:54:7d:2c:b9:e2:99:16:06:f9:
17:69:45:d5:57:09:98:4e:be:79:82:b5:8c:4f:65:07:47:63:
ad:ec:79:c8:95:87:6d:87:97:66:03:42:da:2e:4d:7b:9e:59:
00:78:a2:9e:df:d8:b0:79:f5:ce:de:bb:4d:d3:cc:b0:bd:c1:
7a:c0:d6:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+olwy5/yY/ViDDaTZ7RxbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTI0MDMxMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjVkYTcwNzgwMDNjZWMxODMzYWVmMmViYjZlNzdhN2QzODNjMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquaG/qqF6ZjMteu3aNYB/Ktw+LkX
1jrCVK4ueRGKfcNacn0XBfPl9uBNI7m8rW1LsEcFAuAqP05cf8kYdjUvCygVWB5i
YJyrBjzCzTGpqqXtQFrDNLR8CLI/S8TM2txj0XQ3pS8z8S//gLWLaPMD8ykp0HN8
Mn8CWA3llYe+o3jJ999w+oscNS3Bozb6IXLEJA0kL12sf29Qwdzgy8gM2OHvcCJw
DRM210e9yBhYyDAPEYzPUMfgxRLWnbBdjFeP6x8+EuXOtBpGJ3uIY46MMdQ5hVa7
kuwZot9UDC5fnL+PWigWbkJRPa0JnaMSDrxxCPONtt05ss190vdieXrjMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFZdpweAA87BgzrvLrtud6fTg8ChMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVmwybkI0QUR6c0dET3U4dXUyNTNwOU9Ed0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJllcI3L8nsHA4UkdqHm
GzZ8LhCbMQ+9Yb2DepX804qt4pGKIBt8+EsKDr0Mt7j1iy30BAz8SU7AuI5GYTlr
HcPNmBhliGtzDJRfywjRoszmIUgbcKR387wl8LdhIZLAVSEEubUJjUDtUU+tWrzh
PjCNi3WyDIRtJT1kJITIPhIHAiGnV+2/mUwtp2a7PXbtHCqf08IpzHyNdmKtvnsd
whzqYCyZMPP3i0egHzw0AsmSNLXPoOe8efBEZ0mx8VR9LLnimRYG+RdpRdVXCZhO
vnmCtYxPZQdHY63seciVh22Hl2YDQtouTXueWQB4op7f2LB59c7eu03TzLC9wXrA
1sU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:44 2025 by rpki-client