Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/qV102cD2p3f7UR4-ZRl9dbSvfY8.roa
File: qV102cD2p3f7UR4-ZRl9dbSvfY8.roa (raw, json)
Hash identifier: xDoBTfdCZ79lW5ej8Xk/Lczu9poZV2oY57oKhkffME0=
Subject key identifier: A9:5D:74:D9:C0:F6:A7:77:FB:51:1E:3E:65:19:7D:75:B4:AF:7D:8F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F60E95A3AA72AB609BC82300AFA748E76
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/qV102cD2p3f7UR4-ZRl9dbSvfY8.roa
Signing time: Fri 10 May 2024 05:10:56 +0000
ROA not before: Fri 10 May 2024 05:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:60:e9:5a:3a:a7:2a:b6:09:bc:82:30:0a:fa:74:8e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 10 05:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a95d74d9c0f6a777fb511e3e65197d75b4af7d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:90:34:b5:3f:b4:3a:af:cd:93:15:0a:ce:5e:
66:68:8e:ed:1b:c7:5c:e4:05:3a:68:8f:39:49:61:
b9:25:45:f1:90:99:fc:19:67:32:67:9b:f6:06:e1:
20:f7:2f:83:3f:75:bc:34:5f:4a:31:6d:ec:21:09:
8b:bf:ad:e2:9b:9f:ce:ee:08:c6:f3:50:29:8b:75:
11:6f:56:cf:62:57:19:56:9e:1c:33:19:ec:fd:cd:
c3:9f:3c:e7:62:c3:58:c0:62:ff:c5:bd:17:e2:90:
c6:34:02:92:c6:4c:15:97:08:39:85:ee:e3:f5:5b:
52:30:a1:91:bd:62:4e:a9:22:0c:35:93:76:ad:a9:
69:af:3a:7b:b6:42:34:6c:4d:a7:ac:d0:19:f9:4b:
6f:be:52:69:ef:ab:a5:46:b3:c6:3b:5b:8e:e3:01:
b3:bd:b0:9e:ab:c2:fa:96:53:52:8e:a7:d9:3c:2d:
a6:78:d1:18:5c:f4:23:ce:58:7f:90:63:23:ff:16:
e8:1f:45:58:73:1f:24:88:64:a1:ca:eb:33:eb:82:
ba:4a:1b:65:a5:f9:55:ce:fc:7c:62:95:70:c3:98:
ef:9d:c4:1c:61:49:35:54:55:d3:97:d7:0b:e9:e3:
d3:a5:0b:37:ec:ac:0b:4f:1b:e2:2c:d7:4f:01:e6:
00:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5D:74:D9:C0:F6:A7:77:FB:51:1E:3E:65:19:7D:75:B4:AF:7D:8F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/qV102cD2p3f7UR4-ZRl9dbSvfY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:68:ce:6b:2c:35:b5:5c:1f:2f:0f:6e:22:45:5f:86:f7:1e:
4a:84:d3:dd:86:9b:37:e3:f7:29:c0:63:8c:d6:d6:7a:e7:64:
05:56:a8:f0:ef:37:b2:50:9e:fa:10:e4:51:4a:f0:1c:45:b5:
84:5f:64:0d:ec:39:da:4a:e8:3f:0e:24:ad:b6:9b:0b:de:ba:
90:bd:d0:a7:06:7f:d1:4c:d2:16:b7:d8:04:ec:b4:fd:e0:c6:
76:3d:25:37:ea:cc:e5:c1:03:5a:26:2b:72:2f:51:7d:e0:fa:
97:4d:f4:5a:41:1a:8d:26:33:70:94:ac:e5:7b:23:bd:2a:f0:
66:7c:8e:cd:24:59:13:15:f7:18:01:8d:0d:f9:3a:10:aa:4a:
6b:f1:17:e2:07:03:c6:20:00:ca:08:2e:cb:e6:6a:90:95:01:
ea:e0:05:6e:45:14:15:cd:82:a2:16:f3:fa:96:43:b4:58:d3:
19:7e:8d:7b:0a:3a:73:b1:e4:1b:84:d3:fc:e5:5c:f1:da:d1:
1d:06:04:e5:52:8e:96:ee:12:4d:d0:4d:58:b6:59:51:06:59:
48:7e:25:09:da:77:65:58:33:16:88:23:71:e7:43:b2:3f:36:
4d:64:e3:2f:99:9e:ea:73:f1:5b:a6:5c:f2:ff:ae:95:bd:73:
0f:40:cc:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9g6Vo6pyq2CbyCMAr6dI52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEwMDUxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTVkNzRkOWMwZjZhNzc3ZmI1MTFlM2U2NTE5N2Q3NWI0YWY3ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJA0tT+0Oq/NkxUKzl5maI7tG8dc
5AU6aI85SWG5JUXxkJn8GWcyZ5v2BuEg9y+DP3W8NF9KMW3sIQmLv63im5/O7gjG
81Api3URb1bPYlcZVp4cMxns/c3DnzznYsNYwGL/xb0X4pDGNAKSxkwVlwg5he7j
9VtSMKGRvWJOqSIMNZN2ralprzp7tkI0bE2nrNAZ+UtvvlJp76ulRrPGO1uO4wGz
vbCeq8L6llNSjqfZPC2meNEYXPQjzlh/kGMj/xboH0VYcx8kiGShyusz64K6Shtl
pflVzvx8YpVww5jvncQcYUk1VFXTl9cL6ePTpQs37KwLTxviLNdPAeYArQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKlddNnA9qd3+1EePmUZfXW0r32PMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcVYxMDJjRDJwM2Y3VVI0LVpSbDlkYlN2Zlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD5ozmssNbVcHy8PbiJF
X4b3HkqE092Gmzfj9ynAY4zW1nrnZAVWqPDvN7JQnvoQ5FFK8BxFtYRfZA3sOdpK
6D8OJK22mwveupC90KcGf9FM0ha32ATstP3gxnY9JTfqzOXBA1omK3IvUX3g+pdN
9FpBGo0mM3CUrOV7I70q8GZ8js0kWRMV9xgBjQ35OhCqSmvxF+IHA8YgAMoILsvm
apCVAergBW5FFBXNgqIW8/qWQ7RY0xl+jXsKOnOx5BuE0/zlXPHa0R0GBOVSjpbu
Ek3QTVi2WVEGWUh+JQnad2VYMxaII3HnQ7I/Nk1k4y+Znupz8VumXPL/rpW9cw9A
zGE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:26 2025 by rpki-client