Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8PIunVxKva_q90pxIO0i224BMc4.roa
File: 8PIunVxKva_q90pxIO0i224BMc4.roa (raw, json)
Hash identifier: YPSQTYfjIrK67JjSTpQ4+WL5/mZIPTCygzVt0e0eYys=
Subject key identifier: F0:F2:2E:9D:5C:4A:BD:AF:EA:F7:4A:71:20:ED:22:DB:6E:01:31:CE
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F97332D63AD73E516ACA24091FF5E0F2C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8PIunVxKva_q90pxIO0i224BMc4.roa
Signing time: Mon 20 May 2024 18:11:04 +0000
ROA not before: Mon 20 May 2024 18:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:97:33:2d:63:ad:73:e5:16:ac:a2:40:91:ff:5e:0f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 18:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0f22e9d5c4abdafeaf74a7120ed22db6e0131ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:aa:13:3a:2b:54:8f:f2:5e:7f:f6:98:8c:
9a:96:b1:3a:11:5b:10:a7:59:25:59:52:81:ad:2d:
e3:94:0f:ca:90:2a:e4:5f:6f:25:ec:dc:9b:db:fa:
40:ec:01:6c:d6:43:42:de:87:b8:8c:1a:8e:80:e5:
4c:41:37:ef:b3:0e:42:63:8b:7b:00:b9:38:76:3c:
53:18:75:e8:b0:80:1c:6b:fe:c2:7a:3e:59:87:01:
73:c1:81:48:89:21:ff:5f:45:44:46:d7:eb:4a:76:
08:e5:41:0c:ed:e2:8e:1e:c8:b0:bd:ba:50:a5:88:
10:c3:99:8c:13:8f:11:86:21:57:82:82:be:9f:dd:
1e:75:e1:41:60:73:96:b3:5a:dc:92:91:e9:0e:a6:
ea:96:d3:9b:9e:1a:36:bb:b7:8b:fd:c6:13:f6:3c:
f6:1c:e9:ae:0b:64:60:72:da:1d:b6:5e:7c:0a:9d:
ad:bb:1e:df:32:5b:a0:8b:cd:d4:03:b6:9c:5a:6f:
5f:78:c9:be:01:e2:6e:c4:75:76:9c:e5:08:5e:e8:
56:bf:cd:11:b8:83:a1:66:89:27:a2:74:17:27:e8:
19:39:26:ab:c9:21:29:14:1c:8c:1b:4b:fc:b7:d0:
2d:b6:26:54:c1:a8:6c:1b:2b:48:01:e7:34:3d:cf:
09:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F2:2E:9D:5C:4A:BD:AF:EA:F7:4A:71:20:ED:22:DB:6E:01:31:CE
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8PIunVxKva_q90pxIO0i224BMc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c2:69:42:fa:bf:b2:88:8b:96:17:73:91:f7:94:36:55:42:e0:
01:4c:5b:43:f0:00:91:38:fe:22:01:ab:06:17:38:c6:95:b9:
20:48:11:bc:e8:05:cb:62:8d:5f:90:b9:ca:62:1d:78:e0:4c:
1b:36:ed:f3:6a:37:03:96:af:ec:62:ad:f0:7e:98:0b:02:78:
79:4b:fa:c0:83:6b:aa:d4:37:0c:1d:e8:ba:06:5f:e3:ae:03:
87:a0:2a:c7:5c:c2:1a:14:b6:1e:61:cd:53:b3:b5:22:8b:c6:
c4:e5:d4:81:0b:42:b2:46:e4:e2:d4:ca:09:55:65:8d:d6:ad:
79:1e:17:87:ff:05:91:bf:c5:1d:85:dc:09:b2:58:82:32:13:
4f:01:58:07:a0:b1:5f:cf:47:ef:6e:ca:d8:b6:fe:b5:21:a8:
95:bf:f6:ee:eb:47:91:da:43:f1:21:53:2f:8f:9d:dc:65:30:
ff:af:0a:c1:cc:79:b9:89:59:96:56:fc:d6:e7:f1:2e:44:52:
c6:e0:da:6f:66:0a:79:9a:3c:81:63:14:ca:98:73:f4:35:69:
3c:a3:7c:d7:9f:1a:ca:66:2c:07:f1:33:28:76:13:b5:cc:05:
67:2b:79:76:65:a9:32:c3:14:78:6d:56:bd:6f:57:0a:54:e9:
62:1e:d8:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+XMy1jrXPlFqyiQJH/Xg8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMTgxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGYyMmU5ZDVjNGFiZGFmZWFmNzRhNzEyMGVkMjJkYjZlMDEzMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsCqEzorVI/yXn/2mIyalrE6EVsQ
p1klWVKBrS3jlA/KkCrkX28l7Nyb2/pA7AFs1kNC3oe4jBqOgOVMQTfvsw5CY4t7
ALk4djxTGHXosIAca/7Cej5ZhwFzwYFIiSH/X0VERtfrSnYI5UEM7eKOHsiwvbpQ
pYgQw5mME48RhiFXgoK+n90edeFBYHOWs1rckpHpDqbqltObnho2u7eL/cYT9jz2
HOmuC2Rgctodtl58Cp2tux7fMlugi83UA7acWm9feMm+AeJuxHV2nOUIXuhWv80R
uIOhZoknonQXJ+gZOSarySEpFByMG0v8t9AttiZUwahsGytIAec0Pc8JpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPDyLp1cSr2v6vdKcSDtIttuATHOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOFBJdW5WeEt2YV9xOTBweElPMGkyMjRCTWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMJpQvq/soiLlhdzkfeU
NlVC4AFMW0PwAJE4/iIBqwYXOMaVuSBIEbzoBctijV+QucpiHXjgTBs27fNqNwOW
r+xirfB+mAsCeHlL+sCDa6rUNwwd6LoGX+OuA4egKsdcwhoUth5hzVOztSKLxsTl
1IELQrJG5OLUyglVZY3WrXkeF4f/BZG/xR2F3AmyWIIyE08BWAegsV/PR+9uyti2
/rUhqJW/9u7rR5HaQ/EhUy+PndxlMP+vCsHMebmJWZZW/Nbn8S5EUsbg2m9mCnma
PIFjFMqYc/Q1aTyjfNefGspmLAfxMyh2E7XMBWcreXZlqTLDFHhtVr1vVwpU6WIe
2LY=
-----END CERTIFICATE-----
Generated at Tue Apr 29 17:27:22 2025 by rpki-client