Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8K7M4SE0jyKEJPi8gGzSYSPtKRY.roa
File: 8K7M4SE0jyKEJPi8gGzSYSPtKRY.roa (raw, json)
Hash identifier: 7qAPjyVyWczsJ4HOFbzQvGSvi2CEB+0fXtZTKUltEbU=
Subject key identifier: F0:AE:CC:E1:21:34:8F:22:84:24:F8:BC:80:6C:D2:61:23:ED:29:16
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8908C5D43D17C32F6343055C797F8D01
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8K7M4SE0jyKEJPi8gGzSYSPtKRY.roa
Signing time: Sat 18 May 2024 00:10:04 +0000
ROA not before: Sat 18 May 2024 00:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:89:08:c5:d4:3d:17:c3:2f:63:43:05:5c:79:7f:8d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 18 00:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0aecce121348f228424f8bc806cd26123ed2916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:10:20:82:e2:78:ea:83:d3:7b:eb:00:e3:
68:69:28:89:f7:6d:04:c0:ae:71:1c:d0:63:7b:ec:
88:69:c2:ef:12:a3:f5:06:04:11:85:6a:e1:0a:9d:
e4:b2:27:1c:34:e0:34:ff:32:13:0d:1a:c2:f2:b7:
23:03:d8:96:88:26:66:74:66:72:bc:1e:6d:55:b5:
f9:75:86:07:63:12:c2:d3:93:dc:ee:2d:7c:8a:50:
5c:1e:e7:66:a3:81:c9:32:d6:8f:7a:91:27:87:f1:
b5:ed:f0:c1:30:c1:98:a0:64:f9:f7:0a:6e:28:b6:
c9:bf:92:34:34:63:a2:22:a7:d6:e2:2b:b5:a7:48:
4b:0b:81:c7:09:d2:a8:fe:18:47:1e:4e:ba:ec:f4:
51:81:19:cc:74:6e:5c:42:37:af:6d:79:79:cd:69:
7e:55:20:47:81:af:b1:5d:79:d4:16:62:60:9a:2e:
f5:a4:a1:0b:6a:f5:22:db:22:9a:02:09:65:37:bc:
fd:e1:35:b0:c5:72:91:37:5c:a9:5d:59:c9:ca:d8:
55:ac:11:36:66:0c:04:60:b7:66:e0:08:7b:11:51:
b0:66:3a:3c:e7:fa:1e:f3:e3:95:38:8f:48:1c:3e:
5f:00:ea:a6:fb:4f:d0:53:74:d2:ac:b8:ae:93:e4:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AE:CC:E1:21:34:8F:22:84:24:F8:BC:80:6C:D2:61:23:ED:29:16
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8K7M4SE0jyKEJPi8gGzSYSPtKRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:ff:c5:e5:e1:85:a1:b2:2b:28:50:12:d0:39:8d:6f:51:d7:
1a:85:93:bf:f7:33:48:b5:8d:cd:a6:8e:01:5c:c4:2e:59:5c:
f5:fe:15:af:92:de:1f:e7:e6:65:60:46:f6:85:b0:90:b2:10:
bc:6e:f6:a5:ff:53:25:d2:28:73:4a:89:95:16:93:1c:ca:e5:
b9:42:af:cf:c9:ec:03:2b:9c:96:dd:5d:36:2b:29:74:d3:da:
db:3a:67:9d:20:e7:fd:5b:58:c6:e5:ef:23:3d:00:01:a5:6a:
f2:36:6e:39:8d:70:b3:72:13:ea:2c:7b:16:fc:27:4b:c5:9c:
62:42:82:77:53:e6:34:9d:7d:f9:d9:6c:fd:a9:b3:a9:d9:1e:
87:8c:73:04:18:fb:68:d5:cf:fb:31:f5:22:78:36:2a:23:1b:
db:7c:1c:c1:ee:83:a2:fb:7b:ea:36:6f:1d:1b:64:44:ee:c4:
90:4e:f9:ee:2b:29:0f:a3:72:cd:e0:59:55:74:2c:4d:10:d2:
c2:6f:af:56:20:6f:77:14:02:6a:d9:a9:51:82:ac:a6:51:d4:
0b:d2:a9:9f:50:e0:ab:d8:52:43:03:8b:4f:10:a2:6e:a7:8b:
a4:2e:2f:48:85:d5:74:4c:65:91:4e:28:79:81:34:5c:26:76:
0b:02:23:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+JCMXUPRfDL2NDBVx5f40BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE4MDAxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGFlY2NlMTIxMzQ4ZjIyODQyNGY4YmM4MDZjZDI2MTIzZWQyOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTkQIILieOqD03vrAONoaSiJ920E
wK5xHNBje+yIacLvEqP1BgQRhWrhCp3ksiccNOA0/zITDRrC8rcjA9iWiCZmdGZy
vB5tVbX5dYYHYxLC05Pc7i18ilBcHudmo4HJMtaPepEnh/G17fDBMMGYoGT59wpu
KLbJv5I0NGOiIqfW4iu1p0hLC4HHCdKo/hhHHk667PRRgRnMdG5cQjevbXl5zWl+
VSBHga+xXXnUFmJgmi71pKELavUi2yKaAgllN7z94TWwxXKRN1ypXVnJythVrBE2
ZgwEYLdm4Ah7EVGwZjo85/oe8+OVOI9IHD5fAOqm+0/QU3TSrLiuk+TeLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPCuzOEhNI8ihCT4vIBs0mEj7SkWMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOEs3TTRTRTBqeUtFSlBpOGdHelNZU1B0S1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEf/xeXhhaGyKyhQEtA5
jW9R1xqFk7/3M0i1jc2mjgFcxC5ZXPX+Fa+S3h/n5mVgRvaFsJCyELxu9qX/UyXS
KHNKiZUWkxzK5blCr8/J7AMrnJbdXTYrKXTT2ts6Z50g5/1bWMbl7yM9AAGlavI2
bjmNcLNyE+osexb8J0vFnGJCgndT5jSdffnZbP2ps6nZHoeMcwQY+2jVz/sx9SJ4
NiojG9t8HMHug6L7e+o2bx0bZETuxJBO+e4rKQ+jcs3gWVV0LE0Q0sJvr1Ygb3cU
AmrZqVGCrKZR1AvSqZ9Q4KvYUkMDi08Qom6ni6QuL0iF1XRMZZFOKHmBNFwmdgsC
I64=
-----END CERTIFICATE-----
Generated at Sat May 3 17:33:17 2025 by rpki-client