Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bZtVx5inSG8AZD2hlX_wKN_FEIA.roa
File: bZtVx5inSG8AZD2hlX_wKN_FEIA.roa (raw, json)
Hash identifier: pPQ2edVZvMIHUuNB8Pr8T/lkXCfbnkOtGmnW0/so3qE=
Subject key identifier: 6D:9B:55:C7:98:A7:48:6F:00:64:3D:A1:95:7F:F0:28:DF:C5:10:80
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F69B76109BFAAE795EDDCC1755A74AD84
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bZtVx5inSG8AZD2hlX_wKN_FEIA.roa
Signing time: Sat 11 May 2024 22:12:56 +0000
ROA not before: Sat 11 May 2024 22:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:69:b7:61:09:bf:aa:e7:95:ed:dc:c1:75:5a:74:ad:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 22:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d9b55c798a7486f00643da1957ff028dfc51080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b0:ad:b2:95:a4:71:32:77:3c:e8:c7:3f:83:
75:41:56:35:73:99:4e:11:a2:e4:77:f0:af:da:1c:
b0:b1:87:5a:7a:9a:b7:43:44:11:f7:bb:19:d0:33:
25:ee:51:5e:67:1b:a8:c4:8e:05:44:07:39:f3:43:
70:05:97:af:e4:e4:76:da:3d:eb:ed:24:1b:83:49:
3a:6d:87:f4:4d:50:52:b4:4d:3d:4a:c8:a5:74:57:
a0:59:a6:43:b9:81:d0:4a:42:65:55:f9:62:a2:04:
3a:92:32:8b:e6:cb:e6:36:2d:bc:fc:9a:d7:fe:f9:
01:6e:4a:78:71:e3:1f:66:54:1f:d3:7a:b2:e8:1b:
18:f3:b2:e8:15:5b:e1:1c:fc:fd:96:cc:79:85:38:
ea:59:6e:61:d6:65:1b:6f:2e:30:fe:28:fe:6b:a5:
29:9a:cf:54:b1:f3:0d:14:02:a4:b4:b3:9e:1c:87:
69:a6:b6:80:9d:6d:0a:91:a4:ef:f9:0d:44:97:aa:
cb:f1:57:da:53:90:2d:2d:bb:4f:e7:80:79:a5:0a:
23:28:4e:00:3c:b0:4d:06:71:03:0c:f2:06:16:bc:
22:d4:0d:eb:14:b0:9e:2d:b7:df:da:32:84:4e:82:
15:73:2d:51:50:65:9a:8f:2c:a3:51:67:9c:c5:e8:
8a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9B:55:C7:98:A7:48:6F:00:64:3D:A1:95:7F:F0:28:DF:C5:10:80
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bZtVx5inSG8AZD2hlX_wKN_FEIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:2a:a1:e3:7a:6e:0d:e2:c4:d9:ac:16:94:81:16:cf:5b:ca:
aa:e6:44:f7:14:0b:27:9e:25:a0:2d:29:24:4f:4d:c5:fc:0e:
44:cf:f6:32:01:bb:00:9d:17:b0:08:a6:18:05:8e:dc:2b:f7:
07:6a:df:af:62:bd:3f:21:29:42:ba:1d:3f:87:87:f8:49:59:
e2:2d:67:65:cf:70:26:c8:4d:c1:0c:fe:d9:68:aa:ee:0b:70:
4f:1a:04:bc:88:0d:f7:31:1d:f1:81:93:c4:10:4b:62:ea:85:
4a:ad:9d:f7:57:e3:28:76:bb:6d:0f:5a:32:d2:23:05:2e:8a:
5d:a6:00:58:39:1b:23:41:d4:a1:23:73:2e:ce:81:16:eb:b3:
47:3e:c2:1f:f0:dc:39:ab:a1:5a:94:db:ac:ad:ba:62:33:29:
64:23:bc:2f:40:45:7b:0a:dc:b6:d0:07:fa:2f:df:55:9e:d9:
37:7e:7b:30:24:54:a2:2e:2d:f7:a6:f6:3f:21:7f:cc:b1:10:
99:db:a4:0b:ee:cf:b2:05:2a:17:ab:8b:98:ec:f7:4d:58:00:
99:9e:9a:93:1a:af:94:5a:7f:a7:ca:dc:a6:9f:eb:bc:40:1e:
a5:17:21:a0:70:cf:3e:99:8e:63:a7:b1:17:aa:cd:d4:40:3f:
9d:ad:d6:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9pt2EJv6rnle3cwXVadK2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMjIxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDliNTVjNzk4YTc0ODZmMDA2NDNkYTE5NTdmZjAyOGRmYzUxMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bCtspWkcTJ3POjHP4N1QVY1c5lO
EaLkd/Cv2hywsYdaepq3Q0QR97sZ0DMl7lFeZxuoxI4FRAc580NwBZev5OR22j3r
7SQbg0k6bYf0TVBStE09SsildFegWaZDuYHQSkJlVfliogQ6kjKL5svmNi28/JrX
/vkBbkp4ceMfZlQf03qy6BsY87LoFVvhHPz9lsx5hTjqWW5h1mUbby4w/ij+a6Up
ms9UsfMNFAKktLOeHIdppraAnW0KkaTv+Q1El6rL8VfaU5AtLbtP54B5pQojKE4A
PLBNBnEDDPIGFrwi1A3rFLCeLbff2jKEToIVcy1RUGWajyyjUWecxeiKPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2bVceYp0hvAGQ9oZV/8CjfxRCAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYlp0Vng1aW5TRzhBWkQyaGxYX3dLTl9GRUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJYqoeN6bg3ixNmsFpSB
Fs9byqrmRPcUCyeeJaAtKSRPTcX8DkTP9jIBuwCdF7AIphgFjtwr9wdq369ivT8h
KUK6HT+Hh/hJWeItZ2XPcCbITcEM/tloqu4LcE8aBLyIDfcxHfGBk8QQS2LqhUqt
nfdX4yh2u20PWjLSIwUuil2mAFg5GyNB1KEjcy7OgRbrs0c+wh/w3DmroVqU26yt
umIzKWQjvC9ARXsK3LbQB/ov31We2Td+ezAkVKIuLfem9j8hf8yxEJnbpAvuz7IF
Kheri5js901YAJmempMar5Raf6fK3Kaf67xAHqUXIaBwzz6ZjmOnsReqzdRAP52t
1o0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:16 2025 by rpki-client