Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jPPT2n3HdogYNCT3fR28a1rFpjo.roa
File: jPPT2n3HdogYNCT3fR28a1rFpjo.roa (raw, json)
Hash identifier: Kx/1ompGRu8IAnG0fDmrO+yYOKprw+0Thpud7Go8Vyc=
Subject key identifier: 8C:F3:D3:DA:7D:C7:76:88:18:34:24:F7:7D:1D:BC:6B:5A:C5:A6:3A
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F44614645C1DB58B4AF35CCA1ABFFFCD3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jPPT2n3HdogYNCT3fR28a1rFpjo.roa
Signing time: Sat 04 May 2024 16:12:56 +0000
ROA not before: Sat 04 May 2024 16:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:44:61:46:45:c1:db:58:b4:af:35:cc:a1:ab:ff:fc:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 16:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cf3d3da7dc77688183424f77d1dbc6b5ac5a63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:29:5e:ca:9e:11:9f:e1:83:30:1a:3e:b8:
6c:1d:de:fc:75:2c:6f:c1:c9:c4:f7:f9:55:81:57:
ad:28:50:f8:60:48:7a:82:d1:db:7e:bc:29:ac:d1:
20:17:34:26:0c:4d:b5:c9:87:e6:09:b4:20:27:26:
96:1a:15:05:af:1a:5a:d9:5f:1c:3d:8b:6d:76:10:
df:ae:31:d7:53:69:b9:73:37:ed:da:61:31:fa:5b:
64:a7:74:c4:e1:6d:8f:e5:c2:a2:b0:05:36:01:6f:
31:1a:53:27:92:94:23:d2:e3:b5:5b:cd:d9:9d:ef:
54:c8:3f:72:6f:e2:0c:81:26:82:ea:1e:10:16:26:
01:28:58:14:a0:7c:70:e6:81:6b:8f:4a:fc:84:33:
87:c1:41:23:3b:9c:5c:b5:d8:02:61:56:99:31:3a:
fc:22:91:32:d5:0c:e6:30:ff:1e:12:d0:1f:08:37:
b7:2b:b4:88:fc:e0:08:9d:90:ad:b0:eb:eb:bd:9e:
a9:c3:74:18:a2:08:0b:54:28:c8:57:f7:02:37:0a:
a0:ff:03:56:5e:34:30:de:c6:66:1e:cd:ce:11:de:
0d:4c:99:26:28:01:0e:1d:90:aa:3c:1f:ca:5d:1f:
81:71:c0:20:d7:1a:50:da:57:b7:e7:fe:2b:18:5c:
ae:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F3:D3:DA:7D:C7:76:88:18:34:24:F7:7D:1D:BC:6B:5A:C5:A6:3A
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jPPT2n3HdogYNCT3fR28a1rFpjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:75:2f:90:8b:ab:33:1d:46:51:e4:08:97:e4:d3:04:4b:01:
bf:f7:ab:f5:4e:9d:25:8b:ce:67:84:e6:f5:6c:3d:6a:63:87:
f6:1b:d7:a6:b4:0e:92:1b:bb:0c:f2:14:05:71:2b:68:06:7d:
52:35:ec:94:7d:db:21:40:11:82:49:51:10:2f:40:b5:0a:cd:
d1:fa:5e:7e:27:c8:75:3b:a4:2a:6a:54:bb:42:8e:e5:07:f3:
7a:c4:74:a9:89:c4:0f:f8:5f:bf:3c:d9:ff:f3:d7:d2:05:51:
35:e5:5e:1f:18:6f:87:78:39:90:a3:ce:2b:bb:f4:4a:2a:cd:
56:b8:85:6c:24:88:a6:d9:f1:69:8a:dc:d3:e5:21:cd:18:29:
ec:17:f8:5a:2b:98:4c:61:55:5b:f1:a0:a4:59:b8:a2:99:66:
63:8e:36:99:a2:a8:a1:25:b0:31:d0:ad:2f:9c:e0:fd:c1:16:
1d:45:46:93:ff:fb:ae:cb:1c:1b:ef:f2:59:cd:23:af:02:d4:
83:46:1d:f5:17:d5:72:8d:e9:2a:6d:0d:43:e7:0f:76:b1:1e:
99:e5:dd:3d:68:74:03:b1:51:d8:74:d1:e2:ac:3f:c5:e6:ef:
6d:0a:d3:ee:b3:4b:ea:66:40:9c:7a:72:1b:7c:f5:d8:d0:e3:
5d:66:f7:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9EYUZFwdtYtK81zKGr//zTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MTYxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YzZDNkYTdkYzc3Njg4MTgzNDI0Zjc3ZDFkYmM2YjVhYzVhNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsMpXsqeEZ/hgzAaPrhsHd78dSxv
wcnE9/lVgVetKFD4YEh6gtHbfrwprNEgFzQmDE21yYfmCbQgJyaWGhUFrxpa2V8c
PYttdhDfrjHXU2m5czft2mEx+ltkp3TE4W2P5cKisAU2AW8xGlMnkpQj0uO1W83Z
ne9UyD9yb+IMgSaC6h4QFiYBKFgUoHxw5oFrj0r8hDOHwUEjO5xctdgCYVaZMTr8
IpEy1QzmMP8eEtAfCDe3K7SI/OAInZCtsOvrvZ6pw3QYoggLVCjIV/cCNwqg/wNW
XjQw3sZmHs3OEd4NTJkmKAEOHZCqPB/KXR+BccAg1xpQ2le35/4rGFyujwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIzz09p9x3aIGDQk930dvGtaxaY6MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvalBQVDJuM0hkb2dZTkNUM2ZSMjhhMXJGcGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMl1L5CLqzMdRlHkCJfk
0wRLAb/3q/VOnSWLzmeE5vVsPWpjh/Yb16a0DpIbuwzyFAVxK2gGfVI17JR92yFA
EYJJURAvQLUKzdH6Xn4nyHU7pCpqVLtCjuUH83rEdKmJxA/4X7882f/z19IFUTXl
Xh8Yb4d4OZCjziu79EoqzVa4hWwkiKbZ8WmK3NPlIc0YKewX+FormExhVVvxoKRZ
uKKZZmOONpmiqKElsDHQrS+c4P3BFh1FRpP/+67LHBvv8lnNI68C1INGHfUX1XKN
6SptDUPnD3axHpnl3T1odAOxUdh00eKsP8Xm720K0+6zS+pmQJx6cht89djQ411m
94Y=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:53:48 2025 by rpki-client