Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/JbEvAEfOCf__SXjOESqSR9vLiK8.roa
File: JbEvAEfOCf__SXjOESqSR9vLiK8.roa (raw, json)
Hash identifier: nBr1YYA3HMK3o30qeau2Z+bbx9JevJTlm7txoAsZGy8=
Subject key identifier: 25:B1:2F:00:47:CE:09:FF:FF:49:78:CE:11:2A:92:47:DB:CB:88:AF
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEF9ECE5B1F831F8F8F0E5D3603A77CAF
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/JbEvAEfOCf__SXjOESqSR9vLiK8.roa
Signing time: Thu 18 Apr 2024 05:12:25 +0000
ROA not before: Thu 18 Apr 2024 05:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:9e:ce:5b:1f:83:1f:8f:8f:0e:5d:36:03:a7:7c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 05:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25b12f0047ce09ffff4978ce112a9247dbcb88af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9f:96:ec:2c:ee:da:a6:45:3c:24:f6:73:ea:
b2:c4:4e:52:c5:57:a7:f1:15:b8:d0:c7:14:a3:6a:
0f:12:48:bb:a3:b5:ec:ce:85:2e:36:63:de:9e:75:
30:3d:bb:cd:72:6e:99:94:50:99:d4:4d:80:e0:e6:
b5:e8:e0:cb:46:be:49:01:f1:f5:eb:14:32:8d:a0:
cb:8f:ec:69:8e:82:e3:9f:8e:f4:97:2c:19:f6:3b:
c7:db:00:42:58:03:b8:d5:63:fb:fe:43:23:c7:c6:
03:89:87:9a:12:02:de:27:4a:1e:b4:a6:40:fa:bc:
3d:10:bb:48:9d:f1:9f:9f:2f:b6:30:f9:bd:93:55:
c4:df:0a:aa:5a:91:b3:c9:35:57:4a:0c:04:34:96:
05:82:8f:a7:45:b3:7b:dd:9f:ec:f5:7c:c7:d7:54:
ba:22:1a:f7:64:88:4f:3e:96:70:40:0b:e9:4c:76:
4e:50:d4:fc:42:22:83:46:d7:75:4b:00:97:8a:84:
e6:32:b9:ae:4c:a1:2b:d3:71:9a:1e:46:3a:89:c6:
ab:ae:ef:b3:69:91:6f:2e:d5:67:54:27:72:ff:2f:
4d:ad:44:80:d0:3f:44:6d:c3:07:cb:b2:78:cb:35:
8c:f9:f3:be:03:cf:ff:d6:dd:91:a6:97:b4:1c:32:
0f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B1:2F:00:47:CE:09:FF:FF:49:78:CE:11:2A:92:47:DB:CB:88:AF
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/JbEvAEfOCf__SXjOESqSR9vLiK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:fc:33:1f:27:32:9b:2d:02:6b:d7:ef:a7:4b:dc:17:ab:a8:
a1:34:ec:a7:b1:29:16:0e:11:73:d7:e6:31:8f:55:58:b5:01:
79:5b:07:3b:a0:96:49:eb:ad:df:57:76:fc:21:44:f5:05:8d:
b2:10:ae:59:c2:f4:a7:d5:a4:7f:ba:6f:83:6a:71:06:3a:68:
53:4f:2e:27:cc:3d:e3:aa:ac:98:93:77:85:86:cb:00:f5:70:
6a:9b:8a:2e:02:67:1b:39:97:dc:5e:e2:6f:e3:a7:df:08:9e:
e7:cf:a4:ca:95:b6:4a:46:e7:81:1f:51:12:86:68:c9:cf:3a:
70:86:ce:a3:08:34:f2:54:85:13:36:12:9e:c6:12:05:6a:a0:
e3:7e:06:4e:f1:eb:93:bc:69:59:ac:41:82:5f:69:a5:14:36:
73:25:5e:e2:16:91:c0:56:56:31:dd:91:c0:4e:30:b5:f7:a2:
31:4c:4b:35:8d:7f:6c:ce:05:68:cd:d2:06:fc:45:34:d9:68:
f0:f1:b4:f0:51:5a:bd:28:1a:8a:e7:b9:5a:e2:28:e7:9a:1a:
fa:46:8d:79:11:2b:3d:f8:e0:ed:14:c3:27:71:66:21:43:4c:
a1:b3:f9:36:7c:85:30:6b:eb:0b:84:3e:09:fd:c2:b8:68:e4:
f8:fe:78:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7vns5bH4Mfj48OXTYDp3yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MDUxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWIxMmYwMDQ3Y2UwOWZmZmY0OTc4Y2UxMTJhOTI0N2RiY2I4OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ+W7Czu2qZFPCT2c+qyxE5SxVen
8RW40McUo2oPEki7o7XszoUuNmPennUwPbvNcm6ZlFCZ1E2A4Oa16ODLRr5JAfH1
6xQyjaDLj+xpjoLjn470lywZ9jvH2wBCWAO41WP7/kMjx8YDiYeaEgLeJ0oetKZA
+rw9ELtInfGfny+2MPm9k1XE3wqqWpGzyTVXSgwENJYFgo+nRbN73Z/s9XzH11S6
Ihr3ZIhPPpZwQAvpTHZOUNT8QiKDRtd1SwCXioTmMrmuTKEr03GaHkY6icarru+z
aZFvLtVnVCdy/y9NrUSA0D9EbcMHy7J4yzWM+fO+A8//1t2Rppe0HDIPDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCWxLwBHzgn//0l4zhEqkkfby4ivMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvSmJFdkFFZk9DZl9fU1hqT0VTcVNSOXZMaUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFr8Mx8nMpstAmvX76dL
3BerqKE07KexKRYOEXPX5jGPVVi1AXlbBzuglknrrd9XdvwhRPUFjbIQrlnC9KfV
pH+6b4NqcQY6aFNPLifMPeOqrJiTd4WGywD1cGqbii4CZxs5l9xe4m/jp98InufP
pMqVtkpG54EfURKGaMnPOnCGzqMINPJUhRM2Ep7GEgVqoON+Bk7x65O8aVmsQYJf
aaUUNnMlXuIWkcBWVjHdkcBOMLX3ojFMSzWNf2zOBWjN0gb8RTTZaPDxtPBRWr0o
GornuVriKOeaGvpGjXkRKz344O0UwydxZiFDTKGz+TZ8hTBr6wuEPgn9wrho5Pj+
eOI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:45 2025 by rpki-client