Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2qLhY4r5TqDnZbCEAwvs0FDFIbU.roa
File: 2qLhY4r5TqDnZbCEAwvs0FDFIbU.roa (raw, json)
Hash identifier: axsrEgiyAsFVG4Mhn41w7ZCynENxDUgZypbm/IK3AFw=
Subject key identifier: DA:A2:E1:63:8A:F9:4E:A0:E7:65:B0:84:03:0B:EC:D0:50:C5:21:B5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F298E4D357C4E55066EAE4CBEC0F943ED
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2qLhY4r5TqDnZbCEAwvs0FDFIbU.roa
Signing time: Mon 29 Apr 2024 11:12:22 +0000
ROA not before: Mon 29 Apr 2024 11:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:8e:4d:35:7c:4e:55:06:6e:ae:4c:be:c0:f9:43:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 29 11:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daa2e1638af94ea0e765b084030becd050c521b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b3:96:1d:7b:7b:8b:97:47:38:1c:1b:06:f3:
90:48:54:2b:c0:bc:53:9b:84:99:7c:57:c8:9c:a9:
47:c5:cd:b3:7b:31:fc:92:16:e1:e8:7e:e0:75:8f:
f7:b5:3d:16:43:4a:35:4c:8c:dd:c8:3f:2f:21:05:
db:26:ae:2f:aa:ad:30:26:05:ec:2f:b2:34:a7:39:
cc:ad:5b:8e:3c:29:d3:d6:9f:3a:3d:e4:df:bc:f7:
05:81:42:fd:85:6c:4b:f5:c4:77:6f:78:73:7b:7e:
fb:01:04:8c:99:ab:41:33:75:2d:da:52:db:6b:38:
a2:0a:7b:92:01:bc:e8:cd:0b:97:fe:99:19:2d:0a:
c8:6e:0e:c8:04:0d:ce:88:0a:70:5d:46:c8:ec:2d:
b1:0d:20:80:ae:33:85:74:7a:73:34:5e:ab:e9:ba:
a7:7b:bf:74:0d:18:1e:dd:2c:44:6c:5f:2a:e1:67:
e3:7f:d9:a6:80:79:57:fd:cf:b3:62:25:4a:4f:fc:
00:a6:54:18:50:9b:36:76:1a:bb:b8:1f:25:e8:59:
6b:11:45:cd:ff:e2:68:d9:91:7f:23:81:a5:75:92:
1c:89:c6:80:4b:27:f1:94:3b:fe:62:5c:0b:03:35:
1c:d8:c4:c9:14:f0:b9:b8:11:e4:a3:c4:73:d3:ae:
19:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A2:E1:63:8A:F9:4E:A0:E7:65:B0:84:03:0B:EC:D0:50:C5:21:B5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/2qLhY4r5TqDnZbCEAwvs0FDFIbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:54:74:a4:75:f7:42:1e:04:82:65:5e:e7:eb:a1:97:62:43:
83:61:52:68:12:04:3e:3f:44:33:b4:22:50:7c:3e:b0:15:af:
7c:ca:e5:e6:7c:82:39:48:38:d6:0b:4e:ce:31:d8:4b:ad:b3:
d4:6c:e3:41:f6:b2:1c:04:2b:b1:f8:cd:54:ec:5a:02:0f:31:
a7:82:70:fc:bd:b3:df:64:8d:45:00:ad:16:76:94:31:2f:88:
98:84:fa:89:07:1c:bf:85:f5:4c:cc:95:26:e5:d7:42:b6:61:
dc:78:f8:3c:86:6b:06:d4:b2:ed:b3:8d:cb:64:a4:38:56:1b:
9a:6d:b1:9a:b9:47:e6:4a:d7:6b:1e:87:d2:df:c5:2f:09:8e:
d0:fc:94:67:e4:88:6c:df:90:af:54:5d:54:ae:ad:c6:d2:0b:
c4:19:38:f3:01:04:cc:9a:2b:ad:51:71:c1:ea:8d:00:9e:c8:
13:59:3e:97:f1:23:a4:56:a6:36:6c:aa:37:34:8e:2c:16:ba:
b4:1f:b2:66:4a:9d:73:12:eb:13:0d:5e:f2:73:9d:a7:05:ed:
63:c9:fd:85:f7:98:42:87:6d:67:97:f0:62:a7:28:e8:49:f0:
8d:4e:be:78:cf:88:3d:c4:c2:9f:f1:fc:11:04:db:80:b9:1a:
68:9c:38:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8pjk01fE5VBm6uTL7A+UPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI5MTExMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWEyZTE2MzhhZjk0ZWEwZTc2NWIwODQwMzBiZWNkMDUwYzUyMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LOWHXt7i5dHOBwbBvOQSFQrwLxT
m4SZfFfInKlHxc2zezH8khbh6H7gdY/3tT0WQ0o1TIzdyD8vIQXbJq4vqq0wJgXs
L7I0pznMrVuOPCnT1p86PeTfvPcFgUL9hWxL9cR3b3hze377AQSMmatBM3Ut2lLb
aziiCnuSAbzozQuX/pkZLQrIbg7IBA3OiApwXUbI7C2xDSCArjOFdHpzNF6r6bqn
e790DRge3SxEbF8q4Wfjf9mmgHlX/c+zYiVKT/wAplQYUJs2dhq7uB8l6FlrEUXN
/+Jo2ZF/I4GldZIcicaASyfxlDv+YlwLAzUc2MTJFPC5uBHko8Rz064ZkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqi4WOK+U6g52WwhAML7NBQxSG1MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMnFMaFk0cjVUcURuWmJDRUF3dnMwRkRGSWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1UdKR190IeBIJlXufr
oZdiQ4NhUmgSBD4/RDO0IlB8PrAVr3zK5eZ8gjlIONYLTs4x2Euts9Rs40H2shwE
K7H4zVTsWgIPMaeCcPy9s99kjUUArRZ2lDEviJiE+okHHL+F9UzMlSbl10K2Ydx4
+DyGawbUsu2zjctkpDhWG5ptsZq5R+ZK12seh9LfxS8JjtD8lGfkiGzfkK9UXVSu
rcbSC8QZOPMBBMyaK61RccHqjQCeyBNZPpfxI6RWpjZsqjc0jiwWurQfsmZKnXMS
6xMNXvJznacF7WPJ/YX3mEKHbWeX8GKnKOhJ8I1OvnjPiD3Ewp/x/BEE24C5Gmic
ODc=
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:21:19 2025 by rpki-client