Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rzgD5BupEqfLDKMY6_vVnimec6c.roa
File: rzgD5BupEqfLDKMY6_vVnimec6c.roa (raw, json)
Hash identifier: jdW6jdgVL0LEP4faLT+cizgtXl91q6vFvPoYKAvBI8E=
Subject key identifier: AF:38:03:E4:1B:A9:12:A7:CB:0C:A3:18:EB:FB:D5:9E:29:9E:73:A7
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F45721B44EDBA9390E5DB9414B1F80BEB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rzgD5BupEqfLDKMY6_vVnimec6c.roa
Signing time: Sat 04 May 2024 21:10:56 +0000
ROA not before: Sat 04 May 2024 21:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:45:72:1b:44:ed:ba:93:90:e5:db:94:14:b1:f8:0b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 21:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af3803e41ba912a7cb0ca318ebfbd59e299e73a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:71:28:69:e3:d3:bc:33:db:89:51:e2:9c:
47:ee:17:5a:d1:31:96:f6:08:ad:4f:96:54:04:11:
54:31:9d:92:7a:e9:75:c6:cc:f3:7c:11:97:12:bb:
fb:ab:23:0c:b9:cd:15:5b:25:46:51:67:cc:12:1f:
5a:8b:3a:e4:cd:31:c5:a3:10:94:cc:fe:c7:55:43:
59:af:37:f0:34:97:85:bf:b7:04:94:b4:fa:54:6c:
a0:e1:fd:c5:ab:34:b8:ca:ad:07:48:f0:ee:aa:af:
86:22:fc:13:2d:23:7b:6c:fa:e6:78:01:f7:a2:e8:
c6:79:2a:57:05:ff:83:1d:45:d0:6c:dc:66:c8:91:
22:99:73:cc:05:b1:29:ba:ee:e5:86:1e:91:fe:63:
53:0a:87:7a:34:a0:33:a6:0e:ff:bb:31:3a:c7:03:
5b:46:0b:c5:86:25:c3:1d:68:f4:5e:06:f9:d4:6d:
8f:01:71:d2:b7:24:c1:f4:a6:14:93:5e:97:53:71:
33:9c:d7:3f:43:f0:43:3c:dd:66:d0:5b:50:ad:65:
ab:c3:7b:d3:f8:81:24:d9:07:91:50:fc:58:20:36:
cf:30:3c:52:35:bd:33:df:d3:e9:bc:71:68:c4:8f:
67:f0:e7:06:a7:95:f7:1e:75:e7:8c:56:54:81:66:
db:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:38:03:E4:1B:A9:12:A7:CB:0C:A3:18:EB:FB:D5:9E:29:9E:73:A7
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rzgD5BupEqfLDKMY6_vVnimec6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:17:a4:0c:a4:02:1c:bc:9c:4b:72:60:82:00:14:f0:78:29:
46:83:81:5f:3d:32:76:aa:cb:ff:56:e2:f4:20:34:b5:ba:50:
f4:28:a5:15:eb:88:b4:77:86:8a:e0:2b:41:cf:0c:2d:c3:ed:
62:24:a4:f2:e5:12:78:f1:57:92:0b:eb:a1:d0:b3:da:d4:d9:
da:ec:6b:5c:c9:0d:90:66:0b:61:b5:aa:66:ee:c5:c9:93:51:
39:83:5a:91:16:82:ca:03:a2:9b:4f:13:af:01:ee:94:17:fb:
3b:fb:5b:09:a7:9e:0c:3c:f7:da:8c:1f:97:a8:1d:1f:e6:56:
55:1a:3b:54:b3:dc:e0:12:62:38:1d:20:d4:fb:b9:18:48:13:
2f:5b:b5:eb:57:69:74:16:c1:e5:93:0c:12:71:17:dd:8f:9b:
4b:ad:c9:fe:71:2c:59:00:a4:c2:10:1e:77:09:ca:0b:4a:da:
8d:ac:72:a4:b3:f7:86:10:8f:6d:d1:ac:c8:8b:75:26:bb:dd:
4b:c3:05:68:d8:26:e2:5a:33:7f:e0:56:00:93:ab:45:8d:32:
62:ed:2b:13:a5:6b:8d:a3:c0:4a:98:58:1d:ec:8b:32:e0:88:
1e:20:c6:67:d7:e5:14:0b:29:7b:f6:39:44:7d:f9:f2:d2:ce:
14:c7:d0:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9FchtE7bqTkOXblBSx+AvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MjExMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM4MDNlNDFiYTkxMmE3Y2IwY2EzMThlYmZiZDU5ZTI5OWU3M2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1xxKGnj07wz24lR4pxH7hda0TGW
9gitT5ZUBBFUMZ2Seul1xszzfBGXErv7qyMMuc0VWyVGUWfMEh9aizrkzTHFoxCU
zP7HVUNZrzfwNJeFv7cElLT6VGyg4f3FqzS4yq0HSPDuqq+GIvwTLSN7bPrmeAH3
oujGeSpXBf+DHUXQbNxmyJEimXPMBbEpuu7lhh6R/mNTCod6NKAzpg7/uzE6xwNb
RgvFhiXDHWj0Xgb51G2PAXHStyTB9KYUk16XU3EznNc/Q/BDPN1m0FtQrWWrw3vT
+IEk2QeRUPxYIDbPMDxSNb0z39PpvHFoxI9n8OcGp5X3HnXnjFZUgWbbiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK84A+QbqRKnywyjGOv71Z4pnnOnMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcnpnRDVCdXBFcWZMREtNWTZfdlZuaW1lYzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACwXpAykAhy8nEtyYIIA
FPB4KUaDgV89Mnaqy/9W4vQgNLW6UPQopRXriLR3horgK0HPDC3D7WIkpPLlEnjx
V5IL66HQs9rU2drsa1zJDZBmC2G1qmbuxcmTUTmDWpEWgsoDoptPE68B7pQX+zv7
Wwmnngw899qMH5eoHR/mVlUaO1Sz3OASYjgdINT7uRhIEy9btetXaXQWweWTDBJx
F92Pm0utyf5xLFkApMIQHncJygtK2o2scqSz94YQj23RrMiLdSa73UvDBWjYJuJa
M3/gVgCTq0WNMmLtKxOla42jwEqYWB3sizLgiB4gxmfX5RQLKXv2OUR9+fLSzhTH
0H4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:52:56 2025 by rpki-client