Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XBBTGM-60enVjROttH5FKskTQkw.roa
File: XBBTGM-60enVjROttH5FKskTQkw.roa (raw, json)
Hash identifier: AWr9TM/ZyIbqcGLrKBnv6WurSh147uYqKJ9Ypj75aac=
Subject key identifier: 5C:10:53:18:CF:BA:D1:E9:D5:8D:13:AD:B4:7E:45:2A:C9:13:42:4C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F98B3B2408DECFC40207D4F7E6D0FA80B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XBBTGM-60enVjROttH5FKskTQkw.roa
Signing time: Tue 21 May 2024 01:11:04 +0000
ROA not before: Tue 21 May 2024 01:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:98:b3:b2:40:8d:ec:fc:40:20:7d:4f:7e:6d:0f:a8:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 01:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c105318cfbad1e9d58d13adb47e452ac913424c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f1:52:d6:af:ef:21:b6:65:7e:a4:54:0c:7b:
de:48:d7:f7:fc:4d:9f:2d:fc:8d:c8:bc:61:39:a4:
4a:eb:f9:5f:ae:5f:78:41:2b:69:cc:70:63:31:ee:
e9:f1:4a:d4:2f:51:ec:bb:8f:03:a7:92:a9:a7:bc:
70:f3:5d:2c:40:1f:65:75:9e:6e:a0:e2:cc:6e:0b:
b7:1d:fe:92:89:d2:a9:e0:c4:5b:71:99:fe:96:53:
74:4b:6c:99:a4:33:f8:50:ff:bb:4e:ac:bc:4b:b3:
b9:e5:21:66:6b:60:f4:8d:2f:75:00:05:ba:e5:74:
d5:0a:9c:e9:19:66:6e:ac:1f:f9:b1:e8:9e:3b:ff:
69:9b:35:73:55:66:b3:c3:c3:5c:87:6d:40:ec:d0:
bb:ab:d7:27:33:76:62:b1:19:29:d1:46:6f:55:da:
40:3f:4d:a1:36:e1:78:bf:36:00:dc:5a:00:ab:82:
2b:b0:78:a4:65:03:af:b6:34:3e:a3:ac:82:ae:15:
8f:c5:91:7f:5e:1b:d7:1e:9f:bc:36:4e:50:b2:42:
85:a9:34:a4:d8:02:5d:94:bc:41:9a:57:5e:86:2c:
b8:2a:d1:da:7c:85:d0:42:62:5b:8c:ae:15:2d:fb:
db:a0:0f:ef:07:f0:46:46:b2:1b:b5:0a:64:a6:f0:
5d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:10:53:18:CF:BA:D1:E9:D5:8D:13:AD:B4:7E:45:2A:C9:13:42:4C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XBBTGM-60enVjROttH5FKskTQkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:83:6b:88:3e:39:1e:6a:54:0c:d5:99:2b:9c:73:b0:d7:18:
2a:1f:9c:63:04:7c:00:e6:64:b4:f4:97:d9:3c:04:19:e0:f0:
18:88:3a:45:fe:ec:11:4a:44:b7:16:cc:78:41:85:d5:1e:70:
3a:b6:ab:50:7c:b1:26:a6:94:e2:fc:62:c4:ef:ac:41:a5:30:
61:be:7f:a9:f5:43:e8:14:92:0a:59:11:a4:9f:d3:7e:68:12:
2a:a9:ea:87:dd:a1:94:5c:c8:74:84:50:87:5f:f4:27:47:70:
86:b5:35:de:41:a3:dd:1c:82:6f:20:ec:87:bb:d8:d6:8f:2c:
ff:68:b0:d8:60:19:b8:14:6b:2e:2d:c5:9a:31:e5:e7:ed:bf:
7a:4a:cf:52:66:b6:d7:09:10:6d:14:18:e4:0f:fe:e5:06:75:
6c:b0:39:04:f3:a2:5e:56:3b:d3:16:6a:e4:d3:58:50:43:4f:
0a:06:1b:21:f1:ad:37:6a:a8:6c:ab:fb:f6:c5:03:c3:f8:06:
13:02:be:15:bf:ee:e4:5b:73:ec:ff:ac:45:c9:e5:e5:64:4f:
34:e8:03:fa:35:36:53:2f:bb:2e:b9:15:01:75:45:25:16:37:
7a:95:4f:8b:11:04:4e:96:b5:4f:b6:78:82:76:9c:c7:6e:75:
c2:8d:f6:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Ys7JAjez8QCB9T35tD6gLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMDExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEwNTMxOGNmYmFkMWU5ZDU4ZDEzYWRiNDdlNDUyYWM5MTM0MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fFS1q/vIbZlfqRUDHveSNf3/E2f
LfyNyLxhOaRK6/lfrl94QStpzHBjMe7p8UrUL1Hsu48Dp5Kpp7xw810sQB9ldZ5u
oOLMbgu3Hf6SidKp4MRbcZn+llN0S2yZpDP4UP+7Tqy8S7O55SFma2D0jS91AAW6
5XTVCpzpGWZurB/5seieO/9pmzVzVWazw8Nch21A7NC7q9cnM3ZisRkp0UZvVdpA
P02hNuF4vzYA3FoAq4IrsHikZQOvtjQ+o6yCrhWPxZF/XhvXHp+8Nk5QskKFqTSk
2AJdlLxBmldehiy4KtHafIXQQmJbjK4VLfvboA/vB/BGRrIbtQpkpvBdgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwQUxjPutHp1Y0TrbR+RSrJE0JMMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWEJCVEdNLTYwZW5WalJPdHRINUZLc2tUUWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGDa4g+OR5qVAzVmSuc
c7DXGCofnGMEfADmZLT0l9k8BBng8BiIOkX+7BFKRLcWzHhBhdUecDq2q1B8sSam
lOL8YsTvrEGlMGG+f6n1Q+gUkgpZEaSf035oEiqp6ofdoZRcyHSEUIdf9CdHcIa1
Nd5Bo90cgm8g7Ie72NaPLP9osNhgGbgUay4txZox5eftv3pKz1JmttcJEG0UGOQP
/uUGdWywOQTzol5WO9MWauTTWFBDTwoGGyHxrTdqqGyr+/bFA8P4BhMCvhW/7uRb
c+z/rEXJ5eVkTzToA/o1NlMvuy65FQF1RSUWN3qVT4sRBE6WtU+2eIJ2nMdudcKN
9rk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:52:17 2025 by rpki-client