Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iKK2WJ4We5uYqQPf8YBPIn3wzHM.roa
File: iKK2WJ4We5uYqQPf8YBPIn3wzHM.roa (raw, json)
Hash identifier: 6DgcbDroQs6W56hJD5Jyznjzc5Ub3kRZt0Yolce/kkQ=
Subject key identifier: 88:A2:B6:58:9E:16:7B:9B:98:A9:03:DF:F1:80:4F:22:7D:F0:CC:73
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F43B52801B14510F578C4FA4C7371CB09
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iKK2WJ4We5uYqQPf8YBPIn3wzHM.roa
Signing time: Sat 04 May 2024 13:04:56 +0000
ROA not before: Sat 04 May 2024 13:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:43b4:85f3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:43:b5:28:01:b1:45:10:f5:78:c4:fa:4c:73:71:cb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 13:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88a2b6589e167b9b98a903dff1804f227df0cc73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d0:c0:91:f6:d6:46:74:b0:2c:5c:30:98:94:
13:35:29:38:c0:f5:21:30:bc:08:06:e6:5e:6d:72:
15:bd:f8:97:04:e8:7c:16:e4:32:ee:bc:0e:86:0f:
59:9d:b3:0a:d3:44:44:86:98:9b:fd:79:81:25:7e:
70:7a:87:c4:4e:46:0f:67:36:c4:96:09:8d:27:0c:
e0:a3:f5:ba:57:1b:52:f5:b4:c2:d1:a0:b8:91:40:
fe:0d:cb:e9:41:38:bb:69:7c:19:b3:0a:b3:85:36:
c7:05:a5:bc:13:75:54:46:57:cf:10:0e:15:2b:e9:
d7:76:f2:f9:95:95:51:11:9c:bd:e4:52:a0:96:cc:
67:7c:71:d8:f4:b8:ce:82:61:1a:80:c1:7e:be:4a:
f0:79:44:91:3f:16:ed:18:55:cf:af:e0:a1:74:ab:
21:38:05:2e:dc:0c:c8:f5:b2:97:d0:49:45:d0:cd:
c4:2c:f8:7e:fc:f4:05:bc:27:20:88:6f:00:f9:2c:
9d:24:d3:16:74:d4:2d:1d:50:7d:4d:7d:88:fd:a3:
7c:3e:80:0f:d2:ee:13:e1:b3:69:87:fc:fc:82:b2:
09:1c:7c:cf:9c:12:10:15:d7:75:7e:37:63:11:cd:
fd:3f:2b:8f:e2:3a:4f:22:68:3f:10:30:a3:6a:f9:
f3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A2:B6:58:9E:16:7B:9B:98:A9:03:DF:F1:80:4F:22:7D:F0:CC:73
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/iKK2WJ4We5uYqQPf8YBPIn3wzHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:46:91:21:0e:8b:f7:5d:03:d7:66:61:98:01:f7:1c:a6:37:
78:b7:08:28:fe:af:12:45:71:da:6c:05:da:58:da:1b:f3:4f:
86:c2:85:15:b7:38:c7:d2:ab:fa:fc:d3:c3:7d:db:1b:eb:32:
7c:2a:f3:b7:41:01:f1:67:1b:c4:67:15:6a:bf:be:25:27:5b:
de:df:3b:13:a2:ce:75:cb:78:80:1a:35:14:22:d9:1d:06:29:
32:d3:42:f2:4f:bd:7e:d4:73:55:a7:40:69:90:2d:da:f8:5d:
4a:26:68:99:83:6b:08:9c:0a:45:ae:ad:8f:58:f1:e9:5e:56:
9b:58:8d:e1:5c:9b:81:da:4c:ff:17:8c:61:ec:9a:ee:8b:2c:
e3:02:68:cf:f3:aa:85:6e:31:ac:54:1e:dd:61:64:be:92:3a:
1c:c1:98:82:95:73:19:22:3a:ea:d4:3a:c3:d2:35:f4:af:76:
b9:0b:8b:f6:ba:2f:fb:b9:53:0b:05:4c:d5:81:31:76:0c:a4:
04:47:f4:17:9a:88:55:58:ae:95:ad:1c:a7:5a:89:16:43:16:
db:d8:32:fb:20:60:6d:83:2f:c5:c3:78:94:8d:35:4a:6b:67:
e9:42:0c:55:80:48:20:81:06:3b:80:10:24:b8:3b:18:99:2c:
7e:93:05:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9DtSgBsUUQ9XjE+kxzccsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MTMwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEyYjY1ODllMTY3YjliOThhOTAzZGZmMTgwNGYyMjdkZjBjYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9DAkfbWRnSwLFwwmJQTNSk4wPUh
MLwIBuZebXIVvfiXBOh8FuQy7rwOhg9ZnbMK00REhpib/XmBJX5weofETkYPZzbE
lgmNJwzgo/W6VxtS9bTC0aC4kUD+DcvpQTi7aXwZswqzhTbHBaW8E3VURlfPEA4V
K+nXdvL5lZVREZy95FKglsxnfHHY9LjOgmEagMF+vkrweUSRPxbtGFXPr+ChdKsh
OAUu3AzI9bKX0ElF0M3ELPh+/PQFvCcgiG8A+SydJNMWdNQtHVB9TX2I/aN8PoAP
0u4T4bNph/z8grIJHHzPnBIQFdd1fjdjEc39PyuP4jpPImg/EDCjavnzqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIiitlieFnubmKkD3/GATyJ98MxzMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaUtLMldKNFdlNXVZcVFQZjhZQlBJbjN3ekhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFpGkSEOi/ddA9dmYZgB
9xymN3i3CCj+rxJFcdpsBdpY2hvzT4bChRW3OMfSq/r808N92xvrMnwq87dBAfFn
G8RnFWq/viUnW97fOxOiznXLeIAaNRQi2R0GKTLTQvJPvX7Uc1WnQGmQLdr4XUom
aJmDawicCkWurY9Y8eleVptYjeFcm4HaTP8XjGHsmu6LLOMCaM/zqoVuMaxUHt1h
ZL6SOhzBmIKVcxkiOurUOsPSNfSvdrkLi/a6L/u5UwsFTNWBMXYMpARH9BeaiFVY
rpWtHKdaiRZDFtvYMvsgYG2DL8XDeJSNNUprZ+lCDFWASCCBBjuAECS4OxiZLH6T
BXo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:49 2025 by rpki-client