Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/uF3GlQu03kjy89eI6esXMnOONMA.roa
File: uF3GlQu03kjy89eI6esXMnOONMA.roa (raw, json)
Hash identifier: TNKZIsdR6LcnTFeyqPrgKtYDE4abvUe4YitaSD4+77I=
Subject key identifier: B8:5D:C6:95:0B:B4:DE:48:F2:F3:D7:88:E9:EB:17:32:73:8E:34:C0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F371382F3014EE46EFCFFB2C264F9844B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/uF3GlQu03kjy89eI6esXMnOONMA.roa
Signing time: Thu 02 May 2024 02:12:56 +0000
ROA not before: Thu 02 May 2024 02:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:37:13:82:f3:01:4e:e4:6e:fc:ff:b2:c2:64:f9:84:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 2 02:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b85dc6950bb4de48f2f3d788e9eb1732738e34c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5c:61:9f:f1:8b:73:6f:e6:38:a1:d0:8a:1e:
a9:0b:6f:97:61:9f:48:28:1d:f8:0d:90:ef:c6:e8:
69:b3:b7:09:d9:e8:fa:bd:39:61:e9:62:0e:86:ba:
5c:ac:bd:5d:b2:31:08:ef:04:fc:16:8c:f0:b1:07:
92:fc:09:af:28:de:b3:eb:ac:8c:49:a2:9f:de:76:
46:af:08:d4:6c:7e:e3:35:75:3c:6d:2c:89:c6:07:
65:a5:83:38:88:17:fc:53:db:90:93:f9:6f:11:23:
01:32:ea:a4:4e:99:2e:31:9a:01:34:42:8e:d9:b0:
93:66:ed:5e:dc:67:a5:2e:fa:04:ee:0f:da:95:ff:
19:c0:e9:32:21:94:ab:aa:4f:6d:5d:2f:ba:26:66:
9a:8c:ff:ec:12:a7:00:ba:fd:d2:6a:f8:0c:c6:1e:
12:6e:43:f1:af:bf:5b:51:95:42:c2:a7:84:d3:3b:
eb:e4:5a:f1:4a:e5:89:5c:7b:9e:d5:c1:35:19:5d:
b9:fa:36:35:61:b5:80:2d:d7:d8:d2:2b:32:5f:0a:
9f:ca:dc:1f:4b:b8:94:69:cd:4d:04:72:bc:63:eb:
28:8b:92:ca:17:21:57:24:59:3f:71:44:cb:22:17:
54:25:ad:53:a7:8f:dc:cc:25:68:5c:88:0f:24:ed:
fc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5D:C6:95:0B:B4:DE:48:F2:F3:D7:88:E9:EB:17:32:73:8E:34:C0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/uF3GlQu03kjy89eI6esXMnOONMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:0f:ef:10:fe:ed:99:87:b3:66:c2:92:04:41:27:6a:b9:41:
42:a0:f0:e2:12:77:72:b0:29:0e:4e:4a:65:bc:9e:7b:a4:d1:
50:eb:cd:ad:4c:5d:07:5e:87:78:66:0e:c8:eb:56:26:21:36:
9e:7e:0e:74:ee:30:72:e8:3b:14:b6:a8:ed:6c:00:ae:5c:99:
83:79:35:f6:64:f2:aa:2f:92:16:13:af:5f:9f:e9:9a:a6:3b:
ff:ae:7e:d0:67:24:04:38:73:48:40:18:5e:c0:ff:c6:c8:87:
a0:54:77:00:f5:c1:73:f2:0d:a1:69:65:11:1e:dc:e8:52:20:
0e:1f:0e:c7:de:03:cd:49:a7:87:b5:4d:b0:5a:3c:56:72:aa:
03:90:f6:e3:2f:d2:35:90:c4:79:3e:57:88:bb:4c:93:5b:e9:
81:cf:41:d4:df:12:e0:98:bf:b2:c0:b1:c4:49:47:40:01:16:
4d:1a:46:e8:88:85:75:98:69:94:44:82:36:64:67:5c:56:71:
7f:1f:65:f1:28:50:c2:0d:67:8a:5e:65:1a:b4:d7:d1:d4:c6:
e7:23:ca:19:52:24:05:7a:13:7e:d6:85:62:d4:c4:e8:34:92:
e5:3c:6c:9c:04:63:82:6e:a7:49:e2:60:41:e4:0c:9e:3f:e5:
ce:3e:a3:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY83E4LzAU7kbvz/ssJk+YRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAyMDIxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVkYzY5NTBiYjRkZTQ4ZjJmM2Q3ODhlOWViMTczMjczOGUzNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Fxhn/GLc2/mOKHQih6pC2+XYZ9I
KB34DZDvxuhps7cJ2ej6vTlh6WIOhrpcrL1dsjEI7wT8FozwsQeS/AmvKN6z66yM
SaKf3nZGrwjUbH7jNXU8bSyJxgdlpYM4iBf8U9uQk/lvESMBMuqkTpkuMZoBNEKO
2bCTZu1e3GelLvoE7g/alf8ZwOkyIZSrqk9tXS+6JmaajP/sEqcAuv3SavgMxh4S
bkPxr79bUZVCwqeE0zvr5FrxSuWJXHue1cE1GV25+jY1YbWALdfY0isyXwqfytwf
S7iUac1NBHK8Y+soi5LKFyFXJFk/cUTLIhdUJa1Tp4/czCVoXIgPJO38bQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLhdxpULtN5I8vPXiOnrFzJzjjTAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdUYzR2xRdTAza2p5ODllSTZlc1hNbk9PTk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABIP7xD+7ZmHs2bCkgRB
J2q5QUKg8OISd3KwKQ5OSmW8nnuk0VDrza1MXQdeh3hmDsjrViYhNp5+DnTuMHLo
OxS2qO1sAK5cmYN5NfZk8qovkhYTr1+f6ZqmO/+uftBnJAQ4c0hAGF7A/8bIh6BU
dwD1wXPyDaFpZREe3OhSIA4fDsfeA81Jp4e1TbBaPFZyqgOQ9uMv0jWQxHk+V4i7
TJNb6YHPQdTfEuCYv7LAscRJR0ABFk0aRuiIhXWYaZREgjZkZ1xWcX8fZfEoUMIN
Z4peZRq019HUxucjyhlSJAV6E37WhWLUxOg0kuU8bJwEY4Jup0niYEHkDJ4/5c4+
o1w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:11 2025 by rpki-client