Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bIPPtXUe-Fenr5zI07hdVKmKpU4.roa
File: bIPPtXUe-Fenr5zI07hdVKmKpU4.roa (raw, json)
Hash identifier: L3b37aixiQA/TOzxkBaUPrFhNYUsjK/VPNkfO8ByJ9Q=
Subject key identifier: 6C:83:CF:B5:75:1E:F8:57:A7:AF:9C:C8:D3:B8:5D:54:A9:8A:A5:4E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F3D8376616BD5FFA353EF9CBCFD6930A2
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bIPPtXUe-Fenr5zI07hdVKmKpU4.roa
Signing time: Fri 03 May 2024 08:12:56 +0000
ROA not before: Fri 03 May 2024 08:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:83:76:61:6b:d5:ff:a3:53:ef:9c:bc:fd:69:30:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 3 08:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c83cfb5751ef857a7af9cc8d3b85d54a98aa54e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:7a:1e:a5:88:b5:a0:fa:8f:91:63:fd:fb:
e8:6f:ef:17:4e:0e:ea:4a:e6:13:48:81:b4:de:aa:
ad:e9:f9:1f:27:1f:06:ee:c9:51:c7:8f:ad:3e:65:
bf:62:a7:4a:5b:9c:69:7e:f5:3c:73:7a:85:de:84:
29:18:61:10:1c:31:b0:b7:fb:dd:9e:fa:83:0c:02:
c7:39:b2:6b:af:56:92:ef:c7:2a:89:f1:07:db:b3:
c3:8a:3e:1c:ca:c5:7e:89:74:07:a6:ef:11:cc:d8:
68:c4:d6:70:e9:45:ec:5a:8a:c2:b8:de:da:d7:57:
28:eb:88:f2:81:7c:43:31:78:71:4e:b7:63:1e:71:
02:c3:94:02:ae:e9:33:4f:75:71:a8:46:e1:2e:61:
c6:df:6d:d6:cc:4d:f0:8a:cf:ad:32:23:16:04:77:
de:a8:fa:55:33:ec:23:a6:32:36:72:2c:71:84:f2:
cf:b2:56:67:09:ce:34:28:d3:19:61:83:66:6e:f6:
7f:19:a4:ea:aa:1a:b0:03:9b:2b:70:2e:35:4d:22:
a6:77:8d:49:ff:94:b5:0c:83:83:9b:8f:b3:e8:51:
d6:56:df:26:29:7c:5c:f7:83:b9:f3:f5:da:06:5a:
9d:1c:a3:6c:8f:c2:d4:74:59:3a:0e:4c:cd:f0:5d:
b4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:83:CF:B5:75:1E:F8:57:A7:AF:9C:C8:D3:B8:5D:54:A9:8A:A5:4E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bIPPtXUe-Fenr5zI07hdVKmKpU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:be:74:0e:9d:9d:64:d7:9d:eb:0f:3a:2c:fd:dd:6f:dc:1a:
c9:cb:69:10:ac:ad:50:d0:4b:25:03:43:72:95:b8:a8:93:59:
5b:4c:c5:21:ab:32:98:59:23:b3:c9:07:3e:18:c2:c0:1a:42:
99:6d:46:68:68:82:fd:e9:d9:98:ce:42:e3:13:ae:77:6e:df:
fb:d9:63:33:e1:da:bb:36:55:52:5a:b7:7c:af:67:5e:c5:c7:
de:9f:09:fc:f5:75:30:df:7b:aa:4e:f4:7f:76:b9:4f:34:d1:
93:cc:1d:e2:e9:bb:0d:90:e2:fe:99:4d:0f:0a:d9:62:dc:92:
20:df:e2:3b:18:39:e9:55:97:3e:8b:54:ae:10:c3:58:14:37:
b7:6c:cd:f8:b5:0c:d3:fd:41:53:bc:15:d5:bf:ab:40:a0:cc:
1b:eb:b0:c8:fb:c2:9a:5c:f7:fa:09:55:8d:b7:2f:c1:ee:0c:
96:bf:08:b2:47:8c:2f:bb:f2:0c:bc:4a:37:e7:ea:49:85:96:
5a:b1:a2:99:98:72:ea:95:a2:9f:52:aa:b5:96:30:d2:e1:8f:
aa:78:63:81:54:28:32:4d:d2:db:7f:0a:c9:1d:13:98:2c:f8:
e3:3e:27:c9:1e:b1:cd:31:c1:9b:d3:4a:32:fe:3b:f4:44:a1:
22:f2:1a:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY89g3Zha9X/o1PvnLz9aTCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAzMDgxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgzY2ZiNTc1MWVmODU3YTdhZjljYzhkM2I4NWQ1NGE5OGFhNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwx6HqWItaD6j5Fj/fvob+8XTg7q
SuYTSIG03qqt6fkfJx8G7slRx4+tPmW/YqdKW5xpfvU8c3qF3oQpGGEQHDGwt/vd
nvqDDALHObJrr1aS78cqifEH27PDij4cysV+iXQHpu8RzNhoxNZw6UXsWorCuN7a
11co64jygXxDMXhxTrdjHnECw5QCrukzT3VxqEbhLmHG323WzE3wis+tMiMWBHfe
qPpVM+wjpjI2cixxhPLPslZnCc40KNMZYYNmbvZ/GaTqqhqwA5srcC41TSKmd41J
/5S1DIODm4+z6FHWVt8mKXxc94O58/XaBlqdHKNsj8LUdFk6DkzN8F20uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGyDz7V1HvhXp6+cyNO4XVSpiqVOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYklQUHRYVWUtRmVucjV6STA3aGRWS21LcFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGC+dA6dnWTXnesPOiz9
3W/cGsnLaRCsrVDQSyUDQ3KVuKiTWVtMxSGrMphZI7PJBz4YwsAaQpltRmhogv3p
2ZjOQuMTrndu3/vZYzPh2rs2VVJat3yvZ17Fx96fCfz1dTDfe6pO9H92uU800ZPM
HeLpuw2Q4v6ZTQ8K2WLckiDf4jsYOelVlz6LVK4Qw1gUN7dszfi1DNP9QVO8FdW/
q0CgzBvrsMj7wppc9/oJVY23L8HuDJa/CLJHjC+78gy8Sjfn6kmFllqxopmYcuqV
op9SqrWWMNLhj6p4Y4FUKDJN0tt/CskdE5gs+OM+J8kesc0xwZvTSjL+O/REoSLy
GpM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:33 2025 by rpki-client