Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ikOuU1BfFaN3XFvPIixVh6uDZeI.roa
File: ikOuU1BfFaN3XFvPIixVh6uDZeI.roa (raw, json)
Hash identifier: 2u73eGUa0r6ugomhwdQQdQIDpmQmKDGc0CGK21KlpZg=
Subject key identifier: 8A:43:AE:53:50:5F:15:A3:77:5C:5B:CF:22:2C:55:87:AB:83:65:E2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F423A20DAA8AFA6865D682BF4469C1627
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ikOuU1BfFaN3XFvPIixVh6uDZeI.roa
Signing time: Sat 04 May 2024 06:10:56 +0000
ROA not before: Sat 04 May 2024 06:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:42:3a:20:da:a8:af:a6:86:5d:68:2b:f4:46:9c:16:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 06:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a43ae53505f15a3775c5bcf222c5587ab8365e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:61:5b:e7:3e:a8:86:9c:88:df:0b:99:57:
cc:fb:eb:a6:9f:50:9d:0f:6e:de:c4:02:7a:ba:1f:
da:33:b0:d5:95:df:9b:4a:0f:91:70:d8:62:fa:d0:
7b:b0:cd:22:e4:9d:d8:e0:e4:bf:09:c0:63:e7:73:
75:0e:b2:2e:d8:76:f0:58:76:33:2a:ba:5d:87:da:
86:81:99:5b:e9:b8:8d:51:21:76:9f:d8:59:80:f3:
86:26:47:91:8a:a2:d2:84:cf:d3:d4:f7:8d:c5:ce:
d4:3d:81:04:6a:6e:21:da:2a:4e:5d:31:9c:9d:1f:
0d:df:7e:e0:0e:fe:7c:f1:63:27:f4:44:85:84:f3:
f5:d3:c1:a3:25:ba:b1:fa:79:11:88:a2:2a:28:d7:
58:a7:c6:bd:8f:2d:fb:a5:76:98:68:9d:fd:12:d0:
e8:13:76:5b:cc:5e:3b:58:26:33:a1:e9:60:00:63:
6a:86:f0:ca:75:1b:50:8f:6c:52:db:be:bd:1e:66:
c5:41:c7:2f:39:14:c2:c9:17:73:8c:d7:df:e2:95:
83:91:42:77:b3:8d:45:b7:a4:f1:58:f4:51:8d:d8:
92:b5:b4:db:95:bf:a5:d5:0f:6a:8a:21:e7:9a:d1:
0e:f7:f2:bd:c3:a8:4b:47:ab:4d:f4:19:13:bf:3c:
d3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:43:AE:53:50:5F:15:A3:77:5C:5B:CF:22:2C:55:87:AB:83:65:E2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ikOuU1BfFaN3XFvPIixVh6uDZeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ed:d7:a6:f1:7b:ad:a3:ef:77:96:23:57:51:85:16:41:6a:
ab:ec:16:45:f6:d1:bd:43:02:a4:8a:7c:60:2f:7c:8b:45:b7:
99:ef:a5:95:b9:91:c4:7b:12:46:46:0d:71:b4:ec:1c:ba:19:
ab:3b:67:52:1c:15:26:62:28:c1:a7:4d:cb:4c:88:cc:5d:5b:
d6:68:be:e5:b1:2f:10:4c:d3:42:8f:45:7f:b3:51:a5:0b:55:
17:a4:27:82:9f:5f:fe:56:5e:9e:f4:22:1b:27:7f:3c:bd:75:
0e:69:3c:bd:61:65:8e:c2:ad:de:09:0c:2c:13:36:fd:3c:17:
39:91:61:86:90:3d:12:c2:3a:ed:75:4a:c9:2c:06:b9:a7:0d:
ea:ec:b5:f1:aa:b6:49:d9:51:94:5e:7d:d5:83:c0:85:0d:82:
82:45:8d:71:e2:79:6d:72:42:09:5a:2d:e3:e9:30:00:a0:9a:
39:8a:3c:d1:d0:12:28:4b:12:04:0d:85:68:55:9b:fa:2c:e1:
67:4c:33:e3:1b:46:9c:ba:d8:14:43:36:fb:65:54:20:7a:17:
d0:fc:83:9e:69:05:b3:c6:48:b1:03:ac:7c:c3:3d:58:66:9f:
a2:36:04:c1:d3:ee:38:f3:f3:da:c6:cf:13:cf:54:88:87:f8:
a1:35:67:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9COiDaqK+mhl1oK/RGnBYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MDYxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQzYWU1MzUwNWYxNWEzNzc1YzViY2YyMjJjNTU4N2FiODM2NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAhhW+c+qIaciN8LmVfM++umn1Cd
D27exAJ6uh/aM7DVld+bSg+RcNhi+tB7sM0i5J3Y4OS/CcBj53N1DrIu2HbwWHYz
Krpdh9qGgZlb6biNUSF2n9hZgPOGJkeRiqLShM/T1PeNxc7UPYEEam4h2ipOXTGc
nR8N337gDv588WMn9ESFhPP108GjJbqx+nkRiKIqKNdYp8a9jy37pXaYaJ39EtDo
E3ZbzF47WCYzoelgAGNqhvDKdRtQj2xS2769HmbFQccvORTCyRdzjNff4pWDkUJ3
s41Ft6TxWPRRjdiStbTblb+l1Q9qiiHnmtEO9/K9w6hLR6tN9BkTvzzTwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIpDrlNQXxWjd1xbzyIsVYerg2XiMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaWtPdVUxQmZGYU4zWEZ2UElpeFZoNnVEWmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD/t16bxe62j73eWI1dR
hRZBaqvsFkX20b1DAqSKfGAvfItFt5nvpZW5kcR7EkZGDXG07By6Gas7Z1IcFSZi
KMGnTctMiMxdW9ZovuWxLxBM00KPRX+zUaULVRekJ4KfX/5WXp70Ihsnfzy9dQ5p
PL1hZY7Crd4JDCwTNv08FzmRYYaQPRLCOu11SsksBrmnDerstfGqtknZUZRefdWD
wIUNgoJFjXHieW1yQglaLePpMACgmjmKPNHQEihLEgQNhWhVm/os4WdMM+MbRpy6
2BRDNvtlVCB6F9D8g55pBbPGSLEDrHzDPVhmn6I2BMHT7jjz89rGzxPPVIiH+KE1
Z5U=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:14:08 2025 by rpki-client