Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rtNUN6H927aZAqpnTUP_sZpXMUI.roa
File: rtNUN6H927aZAqpnTUP_sZpXMUI.roa (raw, json)
Hash identifier: VkqTOhTM+TwOFgoe3MaxFB15Zam0ubAVCVFM/NXzRIQ=
Subject key identifier: AE:D3:54:37:A1:FD:DB:B6:99:02:AA:67:4D:43:FF:B1:9A:57:31:42
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F53CD07A3FCD30D1F5826016CD8448BFF
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rtNUN6H927aZAqpnTUP_sZpXMUI.roa
Signing time: Tue 07 May 2024 16:04:56 +0000
ROA not before: Tue 07 May 2024 16:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:53cc:6637/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:cd:07:a3:fc:d3:0d:1f:58:26:01:6c:d8:44:8b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 16:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aed35437a1fddbb69902aa674d43ffb19a573142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:59:f5:af:c3:55:e7:87:f8:b4:20:de:a1:97:
a3:b1:3f:28:62:c4:39:6c:fc:df:cf:02:b6:7c:2a:
aa:68:d8:26:56:82:e3:85:98:e0:04:6f:5e:93:aa:
9e:65:3e:32:b2:c6:51:d0:3d:68:84:6d:99:7b:26:
a0:3b:e8:1e:29:01:68:5b:b9:72:7b:2d:9c:a3:07:
bd:f0:05:ea:e5:b1:5c:55:8b:7d:5e:67:2f:75:c5:
7c:a4:f8:42:00:87:c4:b7:48:ae:8d:46:01:f2:9c:
34:70:85:a7:9b:3c:e9:e0:30:cb:1a:44:67:e5:01:
f8:58:7e:df:c9:ff:70:a8:ee:3d:ce:4b:32:1e:d5:
2d:0b:51:cf:84:c9:06:60:36:7c:55:9d:77:69:77:
fb:f4:14:5c:b0:1b:03:05:f5:80:77:78:39:4e:35:
5c:a5:2e:44:ff:de:47:c7:71:b8:f0:57:79:e4:ee:
f4:f2:e9:42:62:47:d6:8d:96:f4:34:33:29:6f:64:
35:f4:f0:7f:53:92:d2:da:4d:de:e7:51:9c:02:a5:
a2:e5:05:fc:b9:50:fd:74:d9:61:6d:4f:87:39:58:
ab:36:52:fe:2c:41:75:ab:0a:b3:69:f3:8d:1d:4d:
98:0a:cd:08:c2:f4:35:dd:b5:38:1e:8b:9b:8c:3c:
0c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D3:54:37:A1:FD:DB:B6:99:02:AA:67:4D:43:FF:B1:9A:57:31:42
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rtNUN6H927aZAqpnTUP_sZpXMUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:51:01:86:17:4b:78:dd:f8:d0:bc:36:87:6b:dd:11:16:0e:
8e:9f:89:78:5d:04:d0:3d:e9:55:aa:77:bc:fb:a0:64:b5:80:
e0:57:2a:a0:be:a8:72:12:96:37:fa:25:e8:6d:c2:f0:4a:68:
af:e5:dc:1d:64:47:19:08:e5:ea:60:16:bd:bf:28:28:ec:bf:
5c:fb:17:e7:83:4e:4e:f1:46:c7:27:dd:be:cc:36:88:5f:e4:
2e:2b:57:dd:26:e4:d7:10:b5:4b:a8:d4:4e:cc:62:83:bc:f7:
da:e1:dc:5e:6e:61:75:22:97:f0:9f:9f:84:0c:aa:f6:2c:3e:
c7:36:e1:1f:38:62:b2:f4:87:38:19:5f:3b:14:03:a1:ae:91:
92:a5:c8:31:6d:3d:33:85:82:18:96:dc:11:9c:c6:0d:48:8d:
c5:91:94:66:c7:e4:2e:33:1d:19:48:8e:c4:74:9e:a7:4c:f8:
31:68:87:a1:a7:ad:9e:d1:bd:41:5c:1b:fd:8c:45:0a:48:3a:
50:f4:9f:fc:82:fd:4a:de:b2:6a:99:ea:9a:f2:00:a8:9a:b3:
1c:e5:c5:7f:10:f4:39:00:24:5d:54:2b:6c:f5:e8:43:a7:26:
b3:07:d3:52:8a:8f:ae:0e:63:0d:e7:70:19:df:d1:45:17:ca:
47:94:c1:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9TzQej/NMNH1gmAWzYRIv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MTYwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQzNTQzN2ExZmRkYmI2OTkwMmFhNjc0ZDQzZmZiMTlhNTczMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01n1r8NV54f4tCDeoZejsT8oYsQ5
bPzfzwK2fCqqaNgmVoLjhZjgBG9ek6qeZT4yssZR0D1ohG2ZeyagO+geKQFoW7ly
ey2cowe98AXq5bFcVYt9XmcvdcV8pPhCAIfEt0iujUYB8pw0cIWnmzzp4DDLGkRn
5QH4WH7fyf9wqO49zksyHtUtC1HPhMkGYDZ8VZ13aXf79BRcsBsDBfWAd3g5TjVc
pS5E/95Hx3G48Fd55O708ulCYkfWjZb0NDMpb2Q19PB/U5LS2k3e51GcAqWi5QX8
uVD9dNlhbU+HOVirNlL+LEF1qwqzafONHU2YCs0IwvQ13bU4HoubjDwMyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK7TVDeh/du2mQKqZ01D/7GaVzFCMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcnROVU42SDkyN2FaQXFwblRVUF9zWnBYTVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEBRAYYXS3jd+NC8Nodr
3REWDo6fiXhdBNA96VWqd7z7oGS1gOBXKqC+qHISljf6JehtwvBKaK/l3B1kRxkI
5epgFr2/KCjsv1z7F+eDTk7xRscn3b7MNohf5C4rV90m5NcQtUuo1E7MYoO899rh
3F5uYXUil/Cfn4QMqvYsPsc24R84YrL0hzgZXzsUA6GukZKlyDFtPTOFghiW3BGc
xg1IjcWRlGbH5C4zHRlIjsR0nqdM+DFoh6GnrZ7RvUFcG/2MRQpIOlD0n/yC/Ure
smqZ6pryAKiasxzlxX8Q9DkAJF1UK2z16EOnJrMH01KKj64OYw3ncBnf0UUXykeU
wSg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:21:11 2025 by rpki-client