Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Xh4bB8sEbmUiJE7VrO2s7keBKOM.roa
File: Xh4bB8sEbmUiJE7VrO2s7keBKOM.roa (raw, json)
Hash identifier: rTV7oTGHoVDlbbLYJNkXIVH9+2NOO/Rptx9hl6GE19I=
Subject key identifier: 5E:1E:1B:07:CB:04:6E:65:22:24:4E:D5:AC:ED:AC:EE:47:81:28:E3
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA9A7E0A9351F0714C371F374C811C71A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Xh4bB8sEbmUiJE7VrO2s7keBKOM.roa
Signing time: Fri 24 May 2024 08:11:42 +0000
ROA not before: Fri 24 May 2024 08:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:a7:e0:a9:35:1f:07:14:c3:71:f3:74:c8:11:c7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 24 08:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e1e1b07cb046e6522244ed5acedacee478128e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:66:00:38:c7:41:33:48:62:65:97:4a:e5:
b3:48:13:2a:c7:86:97:5f:5f:ef:78:70:b4:27:41:
45:65:b7:74:d9:3a:73:17:8d:52:9a:dd:dc:02:af:
72:2b:49:af:b1:0c:5c:8c:b4:63:13:07:f7:bb:59:
36:16:af:db:40:df:c5:0d:b7:bb:b4:85:86:34:00:
b8:a5:32:52:f3:88:4b:86:f8:d6:60:fd:b2:61:78:
ba:7c:53:d2:91:72:68:10:6b:75:98:46:10:50:3c:
ac:b5:48:ff:aa:95:89:ec:61:e6:53:e2:8f:3f:26:
54:b3:47:69:07:d5:88:16:96:18:48:af:7e:fc:8b:
34:10:e7:bc:00:60:2f:19:fe:3e:2f:ae:33:c9:a5:
b2:8c:86:e8:f3:2c:2c:06:93:07:98:f5:fb:f3:78:
70:71:d1:a9:dc:bd:75:2b:9c:a7:cc:16:63:fb:63:
43:0d:31:a3:6a:25:6b:e1:07:96:1a:43:16:92:f2:
95:e4:aa:07:01:98:87:d1:df:9a:37:19:85:21:a5:
34:ec:fd:fd:db:5b:3a:e5:92:17:11:d5:d2:22:85:
77:99:49:30:49:e5:73:bc:20:11:2b:00:23:ca:d6:
73:c2:ec:91:5e:72:b2:0c:34:82:7c:bd:cd:1b:7e:
d6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1E:1B:07:CB:04:6E:65:22:24:4E:D5:AC:ED:AC:EE:47:81:28:E3
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Xh4bB8sEbmUiJE7VrO2s7keBKOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:50:cc:d0:dc:8f:5b:d9:f5:34:58:ea:37:ef:7c:fb:db:84:
92:18:0e:79:3a:60:98:b5:26:c8:40:2c:b0:09:c1:2c:d5:cd:
3f:bd:56:da:29:07:9c:ad:b9:23:21:66:07:17:fa:17:fe:f5:
d0:be:51:72:80:bc:81:0c:a8:09:d2:0e:d1:83:f5:c3:60:6f:
81:f4:d4:b1:d4:7f:32:9e:29:e6:5d:a4:0d:cc:ca:eb:a0:91:
b7:57:c7:5d:0c:19:65:c4:ca:69:6f:41:00:db:e9:0b:b7:42:
f7:c3:48:6c:53:a2:02:e7:bd:94:b3:eb:23:18:88:ba:3c:ed:
c8:5c:22:4f:a3:21:6c:27:be:41:44:5e:84:24:dc:ac:51:aa:
a1:41:7f:20:f8:a3:fd:10:93:40:f4:ab:2c:83:a3:a7:77:ac:
43:a7:1e:b5:9c:d3:be:e7:5a:d0:31:54:7f:5f:44:29:d7:25:
91:d0:52:d7:45:33:ae:48:f4:80:60:9e:ae:0c:8e:65:a5:37:
cc:98:05:3d:36:b2:07:ea:86:34:0a:10:4c:99:47:69:b0:03:
8a:fa:8a:65:8c:18:25:33:ee:b1:dc:75:35:99:0f:e0:d6:dc:
9e:7a:a1:17:24:30:13:32:7b:32:00:77:b7:87:69:3c:43:72:
ef:34:7a:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+pp+CpNR8HFMNx83TIEccaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTI0MDgxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFlMWIwN2NiMDQ2ZTY1MjIyNDRlZDVhY2VkYWNlZTQ3ODEyOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEpmADjHQTNIYmWXSuWzSBMqx4aX
X1/veHC0J0FFZbd02TpzF41Smt3cAq9yK0mvsQxcjLRjEwf3u1k2Fq/bQN/FDbe7
tIWGNAC4pTJS84hLhvjWYP2yYXi6fFPSkXJoEGt1mEYQUDystUj/qpWJ7GHmU+KP
PyZUs0dpB9WIFpYYSK9+/Is0EOe8AGAvGf4+L64zyaWyjIbo8ywsBpMHmPX783hw
cdGp3L11K5ynzBZj+2NDDTGjaiVr4QeWGkMWkvKV5KoHAZiH0d+aNxmFIaU07P39
21s65ZIXEdXSIoV3mUkwSeVzvCARKwAjytZzwuyRXnKyDDSCfL3NG37WHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF4eGwfLBG5lIiRO1aztrO5HgSjjMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWGg0YkI4c0VibVVpSkU3VnJPMnM3a2VCS09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADdQzNDcj1vZ9TRY6jfv
fPvbhJIYDnk6YJi1JshALLAJwSzVzT+9VtopB5ytuSMhZgcX+hf+9dC+UXKAvIEM
qAnSDtGD9cNgb4H01LHUfzKeKeZdpA3MyuugkbdXx10MGWXEymlvQQDb6Qu3QvfD
SGxTogLnvZSz6yMYiLo87chcIk+jIWwnvkFEXoQk3KxRqqFBfyD4o/0Qk0D0qyyD
o6d3rEOnHrWc077nWtAxVH9fRCnXJZHQUtdFM65I9IBgnq4MjmWlN8yYBT02sgfq
hjQKEEyZR2mwA4r6imWMGCUz7rHcdTWZD+DW3J56oRckMBMyezIAd7eHaTxDcu80
egc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:18:46 2025 by rpki-client