Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1-C4lLquTqIsqow1CyE7Azy051LM.roa
File: 1-C4lLquTqIsqow1CyE7Azy051LM.roa (raw, json)
Hash identifier: cH3cDm8MskpGz7reLOBy35HM68PiDf2U63kK+ok18d8=
Subject key identifier: F8:2E:25:2E:AB:93:A8:8B:2A:A3:0D:42:C8:4E:C0:CF:2D:39:D4:B3
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F48080757D4490E29F9EB45A4349BE42B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1-C4lLquTqIsqow1CyE7Azy051LM.roa
Signing time: Sun 05 May 2024 09:13:56 +0000
ROA not before: Sun 05 May 2024 09:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:48:08:07:57:d4:49:0e:29:f9:eb:45:a4:34:9b:e4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 09:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f82e252eab93a88b2aa30d42c84ec0cf2d39d4b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e3:14:4d:b2:3f:27:24:8b:5d:b1:1b:f3:ac:
56:4a:58:e9:6e:15:b3:98:3c:8e:7b:20:a3:72:b0:
12:04:4d:65:06:36:eb:de:ce:8c:ed:5e:20:ce:1b:
79:56:b6:8b:df:4a:27:f8:86:ee:83:71:7c:e9:a9:
25:c8:d3:44:ca:40:c0:c0:32:40:dc:db:1f:d3:68:
0a:1a:04:04:87:7a:4f:e7:2d:99:8b:c2:6e:57:2d:
70:af:79:7a:80:48:54:61:8a:4e:c4:db:b5:ae:68:
27:f5:aa:fe:c2:22:3d:4c:cd:20:02:4e:51:34:a6:
45:65:24:fd:b2:be:fe:c1:72:6e:8c:fd:22:a4:a0:
14:cd:d0:cb:33:1b:86:8c:07:36:a0:b2:69:4a:ff:
24:9f:23:91:34:f9:c9:39:4b:f7:5f:b5:4b:25:57:
b0:1e:02:1f:74:25:79:78:a1:bc:31:d2:60:6a:42:
2e:7e:ef:c3:8a:fd:57:18:fe:02:aa:ec:d3:e8:5d:
66:4b:a6:fc:92:7f:18:97:71:37:9d:56:f6:37:e1:
37:d8:68:48:91:79:7b:50:71:f9:4f:59:b2:36:2b:
97:70:1d:aa:ee:e8:de:8f:31:5e:ba:85:50:96:d2:
5a:f3:83:2b:e4:98:0d:7a:7e:00:fb:9d:63:d1:bb:
ae:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2E:25:2E:AB:93:A8:8B:2A:A3:0D:42:C8:4E:C0:CF:2D:39:D4:B3
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1-C4lLquTqIsqow1CyE7Azy051LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bc:4a:38:8d:44:a4:61:4e:39:a9:7a:2a:c9:5c:50:01:ad:2a:
e2:09:cd:52:67:c6:17:f6:12:4b:18:b1:e7:d3:2d:bf:0c:63:
09:b9:74:cb:8d:cc:1a:ac:76:dc:7c:0f:02:0c:1a:9b:5a:3b:
d2:c4:9e:f7:02:ea:c2:66:4d:52:f6:78:49:7c:35:55:92:0d:
00:96:21:69:b1:9d:33:f8:8a:3a:02:f4:66:96:a2:b9:81:29:
af:fd:60:97:4b:27:8f:d0:74:26:16:1a:71:35:8b:f6:1d:f8:
80:ce:63:00:86:b0:61:dd:9d:e5:dd:e0:67:85:c4:a6:2e:67:
a8:f4:96:a2:bd:f2:71:27:72:f5:77:3e:e9:77:b8:c5:6c:4a:
41:55:61:49:fd:31:d2:5e:ff:1e:0e:2d:08:46:50:e6:1d:d1:
e9:3f:6b:3b:e5:59:c8:78:8f:05:01:8c:e0:49:d1:df:7d:da:
f0:ed:3b:89:fe:43:16:cc:76:94:70:67:27:04:3c:3d:25:1c:
9d:56:98:a2:9f:4c:ea:14:c0:5c:83:58:9e:8c:c4:02:80:00:
c4:43:79:b7:89:fb:85:3d:da:33:fa:aa:c8:7f:46:b2:1a:e5:
f2:13:eb:a9:69:13:11:9c:5f:8a:45:9e:2c:4c:f6:bf:8c:a5:
bb:df:b5:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9ICAdX1EkOKfnrRaQ0m+QrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MDkxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODJlMjUyZWFiOTNhODhiMmFhMzBkNDJjODRlYzBjZjJkMzlkNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneMUTbI/JySLXbEb86xWSljpbhWz
mDyOeyCjcrASBE1lBjbr3s6M7V4gzht5VraL30on+Ibug3F86aklyNNEykDAwDJA
3Nsf02gKGgQEh3pP5y2Zi8JuVy1wr3l6gEhUYYpOxNu1rmgn9ar+wiI9TM0gAk5R
NKZFZST9sr7+wXJujP0ipKAUzdDLMxuGjAc2oLJpSv8knyORNPnJOUv3X7VLJVew
HgIfdCV5eKG8MdJgakIufu/Div1XGP4CquzT6F1mS6b8kn8Yl3E3nVb2N+E32GhI
kXl7UHH5T1myNiuXcB2q7ujejzFeuoVQltJa84Mr5JgNen4A+51j0buuwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPguJS6rk6iLKqMNQshOwM8tOdSzMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMS1DNGxMcXVUcUlzcW93MUN5RTdBenkwNTFMTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvZDg5MDI1LWQ2ZjMtNDg5MS05ZDg2LWQxMmYwMzlkYjJj
OS8xL3NyN0VHOUx6c1huZUNWRkRCbE1MMF91c2NIcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQC8SjiNRKRhTjmpeirJ
XFABrSriCc1SZ8YX9hJLGLHn0y2/DGMJuXTLjcwarHbcfA8CDBqbWjvSxJ73AurC
Zk1S9nhJfDVVkg0AliFpsZ0z+Io6AvRmlqK5gSmv/WCXSyeP0HQmFhpxNYv2HfiA
zmMAhrBh3Z3l3eBnhcSmLmeo9JaivfJxJ3L1dz7pd7jFbEpBVWFJ/THSXv8eDi0I
RlDmHdHpP2s75VnIeI8FAYzgSdHffdrw7TuJ/kMWzHaUcGcnBDw9JRydVpiin0zq
FMBcg1iejMQCgADEQ3m3ifuFPdoz+qrIf0ayGuXyE+upaRMRnF+KRZ4sTPa/jKW7
37VX
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:19:52 2025 by rpki-client