Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_D_2K6Yx97p_zk41qD2duk2lIoY.roa
File: _D_2K6Yx97p_zk41qD2duk2lIoY.roa (raw, json)
Hash identifier: ZSuwGdyVUPgEp4wOWYfQLQycpZKA8YdzPxUH6ez4Xu4=
Subject key identifier: FC:3F:F6:2B:A6:31:F7:BA:7F:CE:4E:35:A8:3D:9D:BA:4D:A5:22:86
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4D9A6B395578E17555EF2BF8598B931B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_D_2K6Yx97p_zk41qD2duk2lIoY.roa
Signing time: Mon 06 May 2024 11:11:56 +0000
ROA not before: Mon 06 May 2024 11:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:9a:6b:39:55:78:e1:75:55:ef:2b:f8:59:8b:93:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 11:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc3ff62ba631f7ba7fce4e35a83d9dba4da52286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b7:97:3f:26:af:22:ef:b6:58:46:e3:b2:ea:
40:05:3a:46:4c:ef:4c:3c:84:5f:88:83:76:b3:22:
7d:ac:66:d5:99:62:42:82:b0:d1:43:16:56:49:dc:
0d:64:2e:13:97:56:46:98:32:a0:9c:20:76:c4:35:
2b:9c:80:d4:fe:cf:5c:f2:6d:94:24:04:69:89:26:
11:bb:3e:30:ca:4b:97:41:a0:19:7c:7a:12:76:d9:
b7:5e:bb:1b:b9:73:eb:28:61:bc:ce:ee:0d:ab:07:
52:aa:f6:93:5f:34:20:02:d7:58:c9:9a:2d:3d:28:
8a:7e:34:c4:27:0b:9d:60:67:25:28:23:df:c0:80:
fb:b5:e0:4b:00:32:46:2a:67:e6:f1:2c:fd:57:03:
3c:d1:c6:17:a8:84:27:39:bb:9b:fe:a8:86:13:80:
fb:de:1f:e2:b3:77:c9:88:4b:22:d1:e8:8f:f4:20:
2d:61:7c:77:81:3d:c3:4a:c3:0c:96:65:5f:8b:40:
7e:0f:27:06:56:a3:13:a4:fb:9d:d4:a7:10:2d:eb:
79:61:2a:61:eb:e1:5f:82:f1:60:b2:e1:21:9d:7b:
d1:fc:5a:0b:66:98:9d:2f:34:8b:10:77:e0:0b:93:
f7:e4:08:02:47:da:be:2c:b0:33:ef:8e:d9:c4:62:
63:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3F:F6:2B:A6:31:F7:BA:7F:CE:4E:35:A8:3D:9D:BA:4D:A5:22:86
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_D_2K6Yx97p_zk41qD2duk2lIoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:0d:fb:08:41:ca:1c:24:0b:99:3b:20:61:be:79:60:73:aa:
d1:f0:fb:08:ff:4d:a2:b6:f9:66:d6:0b:e8:58:d9:3e:fc:9b:
ac:a3:d0:31:f2:39:d0:4f:ce:de:5b:ae:67:f1:71:9a:87:73:
6a:6e:3c:e8:b1:2d:a6:c3:a7:c6:9d:c3:0f:fd:65:fd:a3:e5:
97:7a:5a:34:d7:2e:33:15:bc:d7:89:8a:ed:01:05:71:42:df:
8c:62:26:0c:60:7e:ae:27:ae:40:77:ca:f4:4b:f5:b5:e6:8c:
69:52:7a:dc:73:cf:52:b9:45:13:02:c8:46:65:93:c2:ec:61:
ef:a1:69:b3:67:2b:7b:76:b2:09:3f:88:6c:34:84:ac:c5:42:
97:71:d6:66:41:8b:05:31:dc:d7:92:0d:18:ca:6c:d5:fa:cc:
b4:99:bd:51:34:72:8d:f0:d9:ba:6e:df:f1:77:4e:40:8f:75:
10:a0:4b:bf:ef:30:d3:bb:65:42:ca:d4:20:cd:77:47:87:72:
42:09:e4:ec:02:6e:c7:ab:7e:1e:c1:d0:6f:63:bd:d8:aa:a7:
ed:de:34:51:51:a3:dc:96:1c:c4:0d:e0:05:46:e8:15:b2:f5:
00:c8:82:57:47:97:a5:29:80:d2:91:f0:50:2e:45:72:2d:5c:
fd:ec:ab:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Nmms5VXjhdVXvK/hZi5MbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MTExMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzNmZjYyYmE2MzFmN2JhN2ZjZTRlMzVhODNkOWRiYTRkYTUyMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1beXPyavIu+2WEbjsupABTpGTO9M
PIRfiIN2syJ9rGbVmWJCgrDRQxZWSdwNZC4Tl1ZGmDKgnCB2xDUrnIDU/s9c8m2U
JARpiSYRuz4wykuXQaAZfHoSdtm3XrsbuXPrKGG8zu4NqwdSqvaTXzQgAtdYyZot
PSiKfjTEJwudYGclKCPfwID7teBLADJGKmfm8Sz9VwM80cYXqIQnObub/qiGE4D7
3h/is3fJiEsi0eiP9CAtYXx3gT3DSsMMlmVfi0B+DycGVqMTpPud1KcQLet5YSph
6+FfgvFgsuEhnXvR/FoLZpidLzSLEHfgC5P35AgCR9q+LLAz747ZxGJjUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPw/9iumMfe6f85ONag9nbpNpSKGMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvX0RfMks2WXg5N3Bfems0MXFEMmR1azJsSW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGIN+whByhwkC5k7IGG+
eWBzqtHw+wj/TaK2+WbWC+hY2T78m6yj0DHyOdBPzt5brmfxcZqHc2puPOixLabD
p8adww/9Zf2j5Zd6WjTXLjMVvNeJiu0BBXFC34xiJgxgfq4nrkB3yvRL9bXmjGlS
etxzz1K5RRMCyEZlk8LsYe+habNnK3t2sgk/iGw0hKzFQpdx1mZBiwUx3NeSDRjK
bNX6zLSZvVE0co3w2bpu3/F3TkCPdRCgS7/vMNO7ZULK1CDNd0eHckIJ5OwCbser
fh7B0G9jvdiqp+3eNFFRo9yWHMQN4AVG6BWy9QDIgldHl6UpgNKR8FAuRXItXP3s
q2s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:53 2025 by rpki-client