Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3QWkUQrgh_mfMoWq2HOUkc-vK04.roa
File: 3QWkUQrgh_mfMoWq2HOUkc-vK04.roa (raw, json)
Hash identifier: 5AzdvOuMm2cqYTy3mC6EZcFWmiOiuZJ4nnG3VkJ7i1w=
Subject key identifier: DD:05:A4:51:0A:E0:87:F9:9F:32:85:AA:D8:73:94:91:CF:AF:2B:4E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F1183E97B05F5A80A08A9902656E6F323
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3QWkUQrgh_mfMoWq2HOUkc-vK04.roa
Signing time: Wed 24 Apr 2024 19:10:08 +0000
ROA not before: Wed 24 Apr 2024 19:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:11:83:e9:7b:05:f5:a8:0a:08:a9:90:26:56:e6:f3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 19:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd05a4510ae087f99f3285aad8739491cfaf2b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6a:01:e5:2f:a0:56:9e:76:25:9a:2b:93:ce:
13:b0:96:75:3a:e0:0b:36:53:bb:45:d9:d2:35:3e:
4f:f6:61:fc:e0:ad:16:a4:3c:65:15:09:21:1b:75:
fb:07:d0:29:ac:02:41:ad:46:6d:fb:c6:15:2b:d5:
52:e1:bf:f2:d6:65:1f:10:43:5b:8e:9b:cc:25:63:
3c:6e:44:1f:95:8b:fc:6c:61:a6:ce:46:d9:9b:32:
8f:c5:ba:e4:ba:be:e3:27:16:4f:6e:8a:d7:93:0a:
db:7a:3e:c4:a3:e1:18:b6:e4:83:47:1b:e8:99:5a:
1d:4e:b9:c0:97:25:93:22:64:3a:11:fe:11:23:84:
ec:ae:c0:eb:7f:1e:22:a0:d4:3a:7e:7a:32:a0:9d:
73:f8:08:a8:59:52:de:70:0d:cb:f8:f4:f8:7b:bf:
0f:04:71:5d:3d:5f:35:b8:b2:95:89:f0:26:d1:ad:
3a:d0:18:52:38:34:f7:f3:4f:db:91:6b:af:2f:61:
ed:5e:dd:a8:74:36:3e:00:4a:5f:f9:6c:4d:b6:58:
4d:dd:5a:c1:08:2f:46:c8:1a:74:48:e7:f1:40:cb:
7a:07:8b:00:27:27:88:b7:88:b3:de:70:29:78:5e:
3f:a6:ee:3b:3a:cc:8a:95:77:61:a9:70:d8:2d:d3:
3a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:05:A4:51:0A:E0:87:F9:9F:32:85:AA:D8:73:94:91:CF:AF:2B:4E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3QWkUQrgh_mfMoWq2HOUkc-vK04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
93:74:7f:31:19:43:7d:ee:a2:59:88:29:03:e7:fe:bb:9e:07:
d3:5a:e7:77:45:86:18:c8:bb:47:36:4c:d9:2d:6c:a8:06:d1:
15:b7:d5:f7:7a:33:d0:f0:96:77:96:c2:1f:21:a0:1e:04:34:
38:08:42:46:d8:f0:db:8b:18:1f:7a:cc:15:1a:61:1f:06:b5:
eb:4f:84:df:ea:e8:f9:e6:68:07:6b:28:22:5b:33:bf:79:5c:
f1:9a:4c:5f:02:d5:44:eb:07:4d:80:9d:bc:c6:59:ff:a6:74:
30:ac:6d:d6:92:a3:ac:4a:ae:f8:32:4b:4d:a4:1c:3c:1f:a7:
9e:80:40:83:be:b7:f4:93:62:3c:5e:f8:a7:99:88:2d:8f:ac:
26:07:8a:5c:fe:bc:9d:77:97:72:2f:be:29:25:9c:16:d8:63:
3d:53:73:8d:58:9b:53:79:27:cf:05:92:32:f0:68:aa:0e:7d:
02:83:40:16:22:1e:91:b4:2a:00:e8:66:02:bb:34:df:51:50:
dc:16:c5:66:fc:15:a8:36:24:f4:cf:0f:aa:15:9d:3d:c4:7a:
6c:55:1f:bb:12:fc:bb:df:ab:e6:b6:12:98:c2:c1:9f:ea:a7:
ac:95:1d:46:f5:8f:4a:c9:52:d8:95:e8:48:c4:41:55:3a:98:
65:d6:4e:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8Rg+l7BfWoCgipkCZW5vMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MTkxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA1YTQ1MTBhZTA4N2Y5OWYzMjg1YWFkODczOTQ5MWNmYWYyYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmoB5S+gVp52JZork84TsJZ1OuAL
NlO7RdnSNT5P9mH84K0WpDxlFQkhG3X7B9AprAJBrUZt+8YVK9VS4b/y1mUfEENb
jpvMJWM8bkQflYv8bGGmzkbZmzKPxbrkur7jJxZPborXkwrbej7Eo+EYtuSDRxvo
mVodTrnAlyWTImQ6Ef4RI4TsrsDrfx4ioNQ6fnoyoJ1z+AioWVLecA3L+PT4e78P
BHFdPV81uLKVifAm0a060BhSODT380/bkWuvL2HtXt2odDY+AEpf+WxNtlhN3VrB
CC9GyBp0SOfxQMt6B4sAJyeIt4iz3nApeF4/pu47OsyKlXdhqXDYLdM6cwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN0FpFEK4If5nzKFqthzlJHPrytOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM1FXa1VRcmdoX21mTW9XcTJIT1VrYy12SzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCTdH8x
GUN97qJZiCkD5/67ngfTWud3RYYYyLtHNkzZLWyoBtEVt9X3ejPQ8JZ3lsIfIaAe
BDQ4CEJG2PDbixgfeswVGmEfBrXrT4Tf6uj55mgHaygiWzO/eVzxmkxfAtVE6wdN
gJ28xln/pnQwrG3WkqOsSq74MktNpBw8H6eegECDvrf0k2I8XvinmYgtj6wmB4pc
/rydd5dyL74pJZwW2GM9U3ONWJtTeSfPBZIy8GiqDn0Cg0AWIh6RtCoA6GYCuzTf
UVDcFsVm/BWoNiT0zw+qFZ09xHpsVR+7Evy736vmthKYwsGf6qeslR1G9Y9KyVLY
lehIxEFVOphl1k6s
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:38:13 2025 by rpki-client