Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kOwuTEKtYxCoFAyvBc59vSWe2nI.roa
File: kOwuTEKtYxCoFAyvBc59vSWe2nI.roa (raw, json)
Hash identifier: RUwWqXWjZB9gsdSu6/qrUD8TZeKtsidiax/715fPaF8=
Subject key identifier: 90:EC:2E:4C:42:AD:63:10:A8:14:0C:AF:05:CE:7D:BD:25:9E:DA:72
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9A6DE5CFD6582388BBB5CDF8EE7B47F5
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kOwuTEKtYxCoFAyvBc59vSWe2nI.roa
Signing time: Tue 21 May 2024 09:14:04 +0000
ROA not before: Tue 21 May 2024 09:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:6d:e5:cf:d6:58:23:88:bb:b5:cd:f8:ee:7b:47:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 09:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90ec2e4c42ad6310a8140caf05ce7dbd259eda72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:72:e8:e7:72:b8:84:44:57:4a:da:8a:e9:a8:
19:c4:22:07:89:65:88:5f:1d:4c:8c:c8:b4:d3:1f:
dc:9f:c3:d9:03:62:d5:e3:d4:17:24:72:90:72:67:
f9:e4:bf:f6:09:4f:43:b8:85:3b:bb:d2:3a:7c:e3:
f0:f7:e6:66:f7:a8:81:16:0b:67:94:39:2f:2f:a4:
95:00:7d:97:02:d3:76:bd:6c:a5:55:ac:21:21:1a:
ea:7f:2c:67:a4:03:be:98:cc:5f:a0:a8:90:83:cd:
df:d1:f0:d0:95:1b:a2:b5:e9:60:60:30:9a:66:fe:
23:e7:40:1c:3c:94:11:32:f5:e2:d2:24:3e:73:08:
e2:37:89:20:53:9e:e3:c2:df:68:06:36:e3:06:d4:
a1:eb:b2:69:00:28:e8:d5:b2:e1:59:4c:1b:d8:60:
54:fb:fa:af:40:3a:9d:0f:8d:01:81:78:f5:3e:22:
d7:91:0d:3b:66:c2:ad:c5:be:3d:79:89:ec:02:3f:
da:07:83:a1:6e:53:52:8a:be:91:db:37:10:f7:fd:
b8:f6:fd:88:45:92:95:54:27:03:af:c6:80:71:e9:
93:36:76:89:3d:05:0e:75:2b:6f:92:18:6a:95:47:
28:79:67:38:a8:95:a9:a9:e0:c5:e8:bc:7c:2f:ab:
7d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EC:2E:4C:42:AD:63:10:A8:14:0C:AF:05:CE:7D:BD:25:9E:DA:72
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kOwuTEKtYxCoFAyvBc59vSWe2nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:07:82:d2:5a:39:1d:b2:75:7c:5d:ee:51:cf:ba:f6:87:a4:
84:a1:ad:12:e3:a1:9f:5d:ca:4b:1c:56:20:6b:f7:76:d2:54:
c1:b9:1d:38:cd:f2:42:58:8b:13:c8:db:1f:94:21:04:09:dd:
93:1d:b3:8c:36:22:f8:5c:4a:9c:f6:f0:e3:d4:79:dd:6f:b4:
70:ea:3f:7e:4c:9c:2c:eb:82:1a:3f:8e:1d:4c:da:27:40:c3:
c5:b5:11:d6:af:7a:16:63:33:d3:53:cf:76:56:88:d6:3b:a4:
ab:b2:b4:95:59:43:02:aa:aa:16:90:ab:66:7b:f6:80:32:c1:
6b:d1:80:4b:2e:b7:a9:f8:05:ff:b2:bf:6d:47:98:ac:22:68:
d8:c0:78:67:e0:f5:50:67:66:22:5b:63:8f:57:27:9a:ab:b2:
d9:29:f9:05:0f:a8:b5:79:51:b6:d1:32:1f:fe:a4:f4:dd:44:
a2:0e:cd:5d:15:59:8d:9b:39:27:4d:93:37:06:07:87:9a:90:
6e:6e:21:f7:85:e3:ea:4c:8a:05:79:85:3f:4f:d5:43:b8:c6:
03:98:52:be:0c:e2:d3:bc:05:49:e4:bf:b4:56:e6:74:15:45:
be:6d:78:b6:93:a8:4c:66:55:d8:c6:03:92:98:df:3b:74:29:
7a:cf:ad:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+abeXP1lgjiLu1zfjue0f1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMDkxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVjMmU0YzQyYWQ2MzEwYTgxNDBjYWYwNWNlN2RiZDI1OWVkYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HLo53K4hERXStqK6agZxCIHiWWI
Xx1MjMi00x/cn8PZA2LV49QXJHKQcmf55L/2CU9DuIU7u9I6fOPw9+Zm96iBFgtn
lDkvL6SVAH2XAtN2vWylVawhIRrqfyxnpAO+mMxfoKiQg83f0fDQlRuitelgYDCa
Zv4j50AcPJQRMvXi0iQ+cwjiN4kgU57jwt9oBjbjBtSh67JpACjo1bLhWUwb2GBU
+/qvQDqdD40BgXj1PiLXkQ07ZsKtxb49eYnsAj/aB4OhblNSir6R2zcQ9/249v2I
RZKVVCcDr8aAcemTNnaJPQUOdStvkhhqlUcoeWc4qJWpqeDF6Lx8L6t9RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJDsLkxCrWMQqBQMrwXOfb0lntpyMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEva093dVRFS3RZeENvRkF5dkJjNTl2U1dlMm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGcHgtJaOR2ydXxd7lHP
uvaHpIShrRLjoZ9dykscViBr93bSVMG5HTjN8kJYixPI2x+UIQQJ3ZMds4w2Ivhc
Spz28OPUed1vtHDqP35MnCzrgho/jh1M2idAw8W1EdavehZjM9NTz3ZWiNY7pKuy
tJVZQwKqqhaQq2Z79oAywWvRgEsut6n4Bf+yv21HmKwiaNjAeGfg9VBnZiJbY49X
J5qrstkp+QUPqLV5UbbRMh/+pPTdRKIOzV0VWY2bOSdNkzcGB4eakG5uIfeF4+pM
igV5hT9P1UO4xgOYUr4M4tO8BUnkv7RW5nQVRb5teLaTqExmVdjGA5KY3zt0KXrP
rbM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:22:21 2025 by rpki-client