Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xbXBsX2Ik1wYcqYWF39pgdSFk-k.roa
File: xbXBsX2Ik1wYcqYWF39pgdSFk-k.roa (raw, json)
Hash identifier: nJXxR2oE1IWzksLQS9mHOdqDJMMD65u9AeFt4zuvSbg=
Subject key identifier: C5:B5:C1:B1:7D:88:93:5C:18:72:A6:16:17:7F:69:81:D4:85:93:E9
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F893B207A2F5CAD78086DA156C8A0EAA3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xbXBsX2Ik1wYcqYWF39pgdSFk-k.roa
Signing time: Sat 18 May 2024 01:05:04 +0000
ROA not before: Sat 18 May 2024 01:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:893a:885a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:89:3b:20:7a:2f:5c:ad:78:08:6d:a1:56:c8:a0:ea:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 01:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5b5c1b17d88935c1872a616177f6981d48593e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3c:9c:98:f5:7d:58:c8:23:f6:e2:1f:22:02:
75:fb:d0:3b:9e:76:09:92:01:f6:0d:72:11:d4:f3:
5c:89:b0:6e:b4:41:0e:4d:10:fc:85:9c:5c:47:1f:
59:c7:95:a7:16:30:47:f2:e0:e3:c8:db:6d:41:cf:
dd:11:4c:a8:28:45:e6:54:ee:be:75:f1:a0:d5:38:
44:ae:ad:e9:dc:e5:54:a7:37:bb:fe:d4:b7:8e:72:
70:fe:b8:6f:1e:68:18:e5:d6:23:f8:a7:f6:2a:62:
09:0c:30:f6:e6:c1:ba:a7:2c:54:4a:8c:55:48:f6:
e3:d6:06:a6:31:3b:3a:6d:d8:78:45:b3:55:18:4c:
ca:a3:a9:58:a3:89:8e:78:0f:3e:0e:dc:a6:5f:b7:
0e:f7:b5:da:0e:df:84:69:5a:c0:fa:df:1c:27:c9:
e7:2c:c9:0b:f2:42:8c:f9:88:6f:2f:34:cc:96:c3:
d0:9f:41:e9:f8:dd:eb:1e:cc:41:bf:d9:d3:7d:fc:
28:11:fb:70:ef:69:bf:26:df:bf:de:64:94:07:5a:
ca:61:37:a1:ff:93:ff:e3:ec:62:fb:18:20:2d:ee:
8e:73:f1:47:c4:e4:f3:bb:c6:d5:32:fc:68:5d:eb:
2f:39:7f:f8:80:5a:a7:df:51:50:db:c0:11:eb:c6:
a6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B5:C1:B1:7D:88:93:5C:18:72:A6:16:17:7F:69:81:D4:85:93:E9
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xbXBsX2Ik1wYcqYWF39pgdSFk-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:4d:9a:ec:37:16:eb:fc:53:06:c8:02:8d:da:e3:f1:72:df:
47:c2:92:94:32:6d:b1:54:cd:b8:44:58:40:ee:9a:70:24:6b:
e9:72:e4:e7:3d:18:4d:5e:c3:c5:a2:a0:f8:23:9f:04:cd:d1:
4f:b1:0a:46:ce:60:e8:0c:d6:37:9d:04:ca:45:8b:5c:e7:ec:
49:b2:39:16:20:7b:42:eb:c7:31:58:3c:dc:2f:d8:22:e5:96:
53:22:ad:79:3d:18:bb:fa:a2:a1:43:57:c1:be:5c:6d:83:c1:
f7:cf:fe:92:b6:4c:78:32:df:b7:30:2f:85:4e:3a:d6:a0:72:
0d:2a:6a:56:41:46:eb:46:ef:25:38:8f:ad:f9:ad:04:82:e1:
d0:aa:30:b1:26:be:a8:ef:75:ee:da:76:ec:90:15:37:99:b7:
f9:ea:57:f3:d2:79:b7:70:87:1e:68:10:8a:a5:63:10:b5:d7:
f8:04:3b:5e:22:fb:5d:92:b0:e9:be:cb:f7:71:ce:70:d5:04:
ab:01:4f:03:9f:e6:b5:66:b8:9a:9f:72:65:d3:55:2f:f9:4b:
ab:09:00:08:bc:87:22:e8:bc:ca:a2:6d:e2:e1:31:86:11:a4:
ec:b2:a4:4d:96:ce:ce:3b:11:b0:3e:b2:f7:d8:fb:e6:73:ce:
7f:33:bc:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+JOyB6L1yteAhtoVbIoOqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MDEwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWI1YzFiMTdkODg5MzVjMTg3MmE2MTYxNzdmNjk4MWQ0ODU5M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljycmPV9WMgj9uIfIgJ1+9A7nnYJ
kgH2DXIR1PNcibButEEOTRD8hZxcRx9Zx5WnFjBH8uDjyNttQc/dEUyoKEXmVO6+
dfGg1ThErq3p3OVUpze7/tS3jnJw/rhvHmgY5dYj+Kf2KmIJDDD25sG6pyxUSoxV
SPbj1gamMTs6bdh4RbNVGEzKo6lYo4mOeA8+DtymX7cO97XaDt+EaVrA+t8cJ8nn
LMkL8kKM+YhvLzTMlsPQn0Hp+N3rHsxBv9nTffwoEftw72m/Jt+/3mSUB1rKYTeh
/5P/4+xi+xggLe6Oc/FHxOTzu8bVMvxoXesvOX/4gFqn31FQ28AR68amaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMW1wbF9iJNcGHKmFhd/aYHUhZPpMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEveGJYQnNYMklrMXdZY3FZV0YzOXBnZFNGay1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHJNmuw3Fuv8UwbIAo3a
4/Fy30fCkpQybbFUzbhEWEDumnAka+ly5Oc9GE1ew8WioPgjnwTN0U+xCkbOYOgM
1jedBMpFi1zn7EmyORYge0LrxzFYPNwv2CLlllMirXk9GLv6oqFDV8G+XG2DwffP
/pK2THgy37cwL4VOOtagcg0qalZBRutG7yU4j635rQSC4dCqMLEmvqjvde7aduyQ
FTeZt/nqV/PSebdwhx5oEIqlYxC11/gEO14i+12SsOm+y/dxznDVBKsBTwOf5rVm
uJqfcmXTVS/5S6sJAAi8hyLovMqibeLhMYYRpOyypE2Wzs47EbA+svfY++Zzzn8z
vOg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:09 2025 by rpki-client