Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Wtt7-ooSr2CxGmYbafO1JDMNJ5U.roa
File: Wtt7-ooSr2CxGmYbafO1JDMNJ5U.roa (raw, json)
Hash identifier: k+YcLa2PZo8KV9eJDAJShZ141twFzLcX9Zyp15La1Mg=
Subject key identifier: 5A:DB:7B:FA:8A:12:AF:60:B1:1A:66:1B:69:F3:B5:24:33:0D:27:95
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F79CDDED9BBE660051B8C440BDAF6D328
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Wtt7-ooSr2CxGmYbafO1JDMNJ5U.roa
Signing time: Wed 15 May 2024 01:11:26 +0000
ROA not before: Wed 15 May 2024 01:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:79:cd:de:d9:bb:e6:60:05:1b:8c:44:0b:da:f6:d3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 01:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5adb7bfa8a12af60b11a661b69f3b524330d2795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8b:f2:48:49:2f:f4:55:95:65:f2:57:69:37:
de:60:b3:c1:fc:33:13:30:67:ca:2d:ec:6f:2f:10:
57:51:95:42:0a:a5:c2:b9:25:69:36:52:de:09:66:
00:bb:c6:b9:53:9c:72:28:a7:ca:bb:6a:b4:b0:fc:
21:12:82:4e:3d:a5:2f:53:43:0c:a0:7e:0d:20:be:
5f:d2:e8:99:c8:8f:17:07:f4:1d:31:34:f9:cf:bb:
4c:7c:7e:42:b1:c7:57:a0:45:a0:c3:31:bc:cd:71:
10:ad:0c:ee:e8:e3:68:b3:18:24:4b:38:50:c0:21:
e8:fb:eb:d6:60:90:5a:e1:af:44:8e:95:ae:0b:75:
76:cd:f8:39:dd:e0:a3:c9:7f:3d:35:7b:2d:0d:24:
4d:82:1c:c6:4a:c7:02:b2:a3:38:ef:ef:29:d9:16:
5b:bd:fe:12:17:19:82:b3:14:60:b6:62:a4:5b:41:
c9:ec:97:94:5e:04:c3:aa:5c:e6:71:16:5a:2a:0f:
52:2e:f3:06:97:4a:fc:26:ae:7f:99:3f:e2:e1:d9:
12:03:d5:e5:dd:6f:40:20:8a:b7:c1:3a:5e:2f:78:
a0:68:38:c8:f9:f4:5c:43:63:64:d7:b3:d0:0b:b1:
ea:5c:08:ca:39:e1:a3:61:92:98:62:f8:7b:1c:63:
b8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:DB:7B:FA:8A:12:AF:60:B1:1A:66:1B:69:F3:B5:24:33:0D:27:95
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Wtt7-ooSr2CxGmYbafO1JDMNJ5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:09:e2:7d:d1:e0:29:c5:3b:c7:bb:e0:90:fa:3c:2b:89:6c:
c3:56:fb:90:e6:1a:ae:5a:c6:e3:65:cd:0d:01:44:7f:ee:e2:
a2:a8:a5:1e:ca:6c:dc:60:f0:c0:44:34:d3:a2:92:ec:77:cb:
f4:fc:00:df:73:77:b3:2d:a8:5c:5e:1d:1f:ff:3c:93:5d:0a:
58:90:3a:5b:8a:e8:32:dc:0a:0e:12:23:2b:03:42:be:7d:22:
2c:fc:f2:a0:79:a4:2b:52:c7:b3:27:59:5b:c5:20:01:fc:1a:
b4:f8:e0:40:4b:23:41:b0:30:df:96:bb:01:50:0a:a1:49:b7:
d0:fa:09:a1:dc:6d:27:97:d5:09:80:84:d8:5e:82:ba:0f:ce:
74:6d:3a:18:eb:cb:0a:c9:67:86:2e:c5:6a:41:45:63:68:0a:
75:92:21:2a:69:e6:14:53:25:b9:b7:78:c1:1b:04:56:26:7e:
e0:6f:bc:11:06:70:3d:8b:72:1c:70:c3:be:2b:51:f6:47:b5:
81:a5:1c:09:74:ae:30:3b:dd:4c:fd:dd:e5:64:86:29:c7:cb:
13:d2:57:51:45:14:72:3c:ab:3d:60:06:c1:30:d2:fe:45:23:
11:cc:5e:61:ec:23:95:3b:f1:09:9c:86:4e:88:9c:89:6e:4d:
5b:6f:12:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY95zd7Zu+ZgBRuMRAva9tMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MDExMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWRiN2JmYThhMTJhZjYwYjExYTY2MWI2OWYzYjUyNDMzMGQyNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYvySEkv9FWVZfJXaTfeYLPB/DMT
MGfKLexvLxBXUZVCCqXCuSVpNlLeCWYAu8a5U5xyKKfKu2q0sPwhEoJOPaUvU0MM
oH4NIL5f0uiZyI8XB/QdMTT5z7tMfH5CscdXoEWgwzG8zXEQrQzu6ONosxgkSzhQ
wCHo++vWYJBa4a9EjpWuC3V2zfg53eCjyX89NXstDSRNghzGSscCsqM47+8p2RZb
vf4SFxmCsxRgtmKkW0HJ7JeUXgTDqlzmcRZaKg9SLvMGl0r8Jq5/mT/i4dkSA9Xl
3W9AIIq3wTpeL3igaDjI+fRcQ2Nk17PQC7HqXAjKOeGjYZKYYvh7HGO4twIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFrbe/qKEq9gsRpmG2nztSQzDSeVMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvV3R0Ny1vb1NyMkN4R21ZYmFmTzFKRE1OSjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHAJ4n3R4CnFO8e74JD6
PCuJbMNW+5DmGq5axuNlzQ0BRH/u4qKopR7KbNxg8MBENNOikux3y/T8AN9zd7Mt
qFxeHR//PJNdCliQOluK6DLcCg4SIysDQr59Iiz88qB5pCtSx7MnWVvFIAH8GrT4
4EBLI0GwMN+WuwFQCqFJt9D6CaHcbSeX1QmAhNhegroPznRtOhjrywrJZ4YuxWpB
RWNoCnWSISpp5hRTJbm3eMEbBFYmfuBvvBEGcD2Lchxww74rUfZHtYGlHAl0rjA7
3Uz93eVkhinHyxPSV1FFFHI8qz1gBsEw0v5FIxHMXmHsI5U78Qmchk6InIluTVtv
EtQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:25 2025 by rpki-client