Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/WNtPi6RP0AgBOdWhRn9nNA4azXE.roa
File: WNtPi6RP0AgBOdWhRn9nNA4azXE.roa (raw, json)
Hash identifier: 5usgMgvw3TjsK2R9RW2OC+9ioQ3Rx7FqEthYRyJ9SX0=
Subject key identifier: 58:DB:4F:8B:A4:4F:D0:08:01:39:D5:A1:46:7F:67:34:0E:1A:CD:71
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA413A774391B257E7B4BFE3D65F2A29D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/WNtPi6RP0AgBOdWhRn9nNA4azXE.roa
Signing time: Thu 23 May 2024 06:11:42 +0000
ROA not before: Thu 23 May 2024 06:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:13:a7:74:39:1b:25:7e:7b:4b:fe:3d:65:f2:a2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 23 06:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58db4f8ba44fd0080139d5a1467f67340e1acd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:8c:35:c1:02:9c:dc:42:85:df:b9:dc:08:
8c:c9:50:38:e6:56:91:5f:2c:e1:2d:64:9d:fd:50:
e8:33:04:4e:69:7e:10:8f:c6:29:0c:6b:11:f5:dc:
41:89:41:65:49:1e:b9:e2:ce:52:c0:1f:b2:44:c2:
88:7f:ea:db:c5:dc:93:9d:b1:fb:9a:83:bc:45:9c:
e1:25:26:f2:4f:93:f6:ae:c0:46:44:b5:11:14:7f:
41:b3:d0:2f:57:e9:e2:45:4e:07:79:04:3c:3e:30:
1f:7b:5d:de:bd:1b:24:af:f2:a1:e9:5d:03:08:22:
64:e9:d7:12:ad:1b:b9:b4:70:14:9f:8b:2a:d7:48:
4f:79:cc:28:e8:bb:83:2f:27:d7:69:fb:7a:42:ed:
3d:64:d4:77:0e:ba:e0:5a:c8:4d:33:55:b7:98:e6:
fb:53:8a:67:14:f7:9d:71:c7:53:34:06:e9:d8:a9:
e6:81:6b:f1:f3:fc:51:8d:9e:02:87:04:5d:63:c7:
d2:7f:e6:e8:2e:17:51:4e:aa:fa:48:49:0e:ab:71:
e9:19:df:c0:e0:76:36:c2:19:57:a5:d2:f1:9b:5e:
59:6a:5a:23:65:d1:e4:2a:d5:b2:06:88:7d:b8:82:
e1:04:fc:98:89:50:40:03:7d:52:ca:a3:b2:97:cc:
4d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DB:4F:8B:A4:4F:D0:08:01:39:D5:A1:46:7F:67:34:0E:1A:CD:71
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/WNtPi6RP0AgBOdWhRn9nNA4azXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bb:b8:f1:e1:76:ea:19:a6:d7:5c:de:84:18:e8:2e:02:5e:26:
bc:c1:e6:bf:6f:76:55:ca:be:ce:d4:2f:04:d9:1a:c7:be:d6:
4c:a2:55:76:a9:e4:4c:d1:49:89:dd:94:9d:cb:5a:75:3a:a9:
1a:40:c5:bc:97:f9:3c:e0:7c:1e:4f:d7:38:10:ab:9d:e1:8f:
93:5b:34:31:99:ab:eb:95:ee:44:bf:37:74:54:ba:30:41:7b:
2b:bd:6d:65:5c:22:c5:f8:90:f0:0f:b2:4e:5d:aa:67:3c:23:
01:e9:0a:00:d7:5f:e7:4e:25:c9:ef:65:68:41:ce:e8:c9:ca:
46:b0:4c:ae:46:d7:51:a8:fd:44:45:54:d8:80:57:cc:0f:f9:
8d:fe:ff:30:f4:3a:04:7f:74:4f:53:87:04:6d:b7:23:6c:8b:
15:d8:5f:de:91:0b:ca:3d:db:01:98:9a:8b:c5:6a:7d:06:12:
a3:17:d9:8b:98:8b:5c:e4:b2:5a:2c:09:83:a2:14:75:10:e1:
32:5e:43:ec:88:f2:fa:8a:35:01:3b:ed:b1:9a:f0:d4:ac:37:
4d:be:53:91:ef:ed:10:34:6d:c9:2b:8a:d6:43:58:04:5f:13:
e9:ba:7b:82:20:84:67:f9:ce:bb:01:8d:f8:90:8f:d5:e3:2f:
3b:90:08:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+kE6d0ORslfntL/j1l8qKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIzMDYxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRiNGY4YmE0NGZkMDA4MDEzOWQ1YTE0NjdmNjczNDBlMWFjZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvOMNcECnNxChd+53AiMyVA45laR
XyzhLWSd/VDoMwROaX4Qj8YpDGsR9dxBiUFlSR654s5SwB+yRMKIf+rbxdyTnbH7
moO8RZzhJSbyT5P2rsBGRLURFH9Bs9AvV+niRU4HeQQ8PjAfe13evRskr/Kh6V0D
CCJk6dcSrRu5tHAUn4sq10hPecwo6LuDLyfXaft6Qu09ZNR3DrrgWshNM1W3mOb7
U4pnFPedccdTNAbp2KnmgWvx8/xRjZ4ChwRdY8fSf+boLhdRTqr6SEkOq3HpGd/A
4HY2whlXpdLxm15ZalojZdHkKtWyBoh9uILhBPyYiVBAA31SyqOyl8xNPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFjbT4ukT9AIATnVoUZ/ZzQOGs1xMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvV050UGk2UlAwQWdCT2RXaFJuOW5OQTRhelhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALu48eF26hmm11zehBjo
LgJeJrzB5r9vdlXKvs7ULwTZGse+1kyiVXap5EzRSYndlJ3LWnU6qRpAxbyX+Tzg
fB5P1zgQq53hj5NbNDGZq+uV7kS/N3RUujBBeyu9bWVcIsX4kPAPsk5dqmc8IwHp
CgDXX+dOJcnvZWhBzujJykawTK5G11Go/URFVNiAV8wP+Y3+/zD0OgR/dE9ThwRt
tyNsixXYX96RC8o92wGYmovFan0GEqMX2YuYi1zkslosCYOiFHUQ4TJeQ+yI8vqK
NQE77bGa8NSsN02+U5Hv7RA0bckritZDWARfE+m6e4IghGf5zrsBjfiQj9XjLzuQ
CPc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:44 2025 by rpki-client