Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8RrWgkvP0jBatJowW1lZ3Qubv2Q.roa
File: 8RrWgkvP0jBatJowW1lZ3Qubv2Q.roa (raw, json)
Hash identifier: 8pyZRqYlHq1mGbYOp1z4fynJzyIfsQbdUjngaBVkbdQ=
Subject key identifier: F1:1A:D6:82:4B:CF:D2:30:5A:B4:9A:30:5B:59:59:DD:0B:9B:BF:64
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7BF243CAF4A6F95D083C6599A2BDFC46
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8RrWgkvP0jBatJowW1lZ3Qubv2Q.roa
Signing time: Wed 15 May 2024 11:10:25 +0000
ROA not before: Wed 15 May 2024 11:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:f2:43:ca:f4:a6:f9:5d:08:3c:65:99:a2:bd:fc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 11:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f11ad6824bcfd2305ab49a305b5959dd0b9bbf64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:7b:22:a9:8a:e5:bf:20:c5:37:36:b3:4a:
05:0b:70:d8:98:37:c9:0d:8b:2a:91:fc:98:66:1c:
b0:f3:45:cd:55:4f:be:7d:81:25:96:ab:b6:aa:01:
a8:d0:84:bb:45:80:a2:61:90:dd:4a:7f:9e:fa:02:
c5:57:1a:b3:ff:48:85:3c:68:f2:08:13:e8:ef:00:
f2:1d:0d:d3:25:e0:e4:bb:04:de:18:e2:98:12:1f:
25:50:56:6a:18:e4:3a:81:fa:6d:03:3e:92:f3:a7:
c8:7a:dc:d2:ea:57:4c:e5:23:b7:bb:39:19:ca:6b:
31:6f:c7:86:4f:7f:87:19:8d:c1:18:67:41:ab:5e:
30:c6:c7:ef:cb:d8:e3:70:e5:6d:61:71:74:d7:ce:
c0:fd:48:f2:81:58:fa:3e:04:c0:b6:8c:87:c3:40:
24:a1:d8:56:68:c2:24:69:f0:3c:1b:77:66:23:28:
d1:9a:53:70:88:9a:ce:51:c0:e5:a0:fb:f2:4f:b4:
42:37:fa:73:c2:03:12:9d:31:fa:e8:e6:57:23:c2:
93:fe:5c:58:80:82:78:7b:f9:a4:71:63:4e:82:73:
99:93:93:04:5b:69:5b:38:29:89:90:16:ab:01:0e:
24:bd:7f:f1:9d:4a:28:bf:56:9a:7b:c7:bf:95:51:
e4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1A:D6:82:4B:CF:D2:30:5A:B4:9A:30:5B:59:59:DD:0B:9B:BF:64
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8RrWgkvP0jBatJowW1lZ3Qubv2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:c6:d6:e3:17:41:d7:83:84:a4:bf:32:65:d7:fb:f8:af:90:
aa:a1:a4:a0:bb:1c:f1:52:22:f3:f4:e4:ec:3a:4e:a1:30:c0:
f0:bb:1b:73:5f:36:07:fd:ea:ca:2b:6a:5c:1a:14:42:a8:86:
d5:60:15:5a:78:a3:90:d9:4a:6d:23:1d:50:67:de:b0:57:25:
d2:5a:b0:ae:d1:b7:65:e5:9d:47:1a:75:5a:cc:c3:b2:c3:59:
50:41:bc:cf:c0:35:d4:d3:92:36:09:55:12:20:2c:48:07:76:
19:25:47:46:f2:5a:4f:8b:df:6b:1a:1f:6d:3b:5f:9d:cb:e8:
9c:c6:cc:87:f6:2a:37:d1:54:6d:0d:05:29:16:74:3e:e3:92:
eb:b0:0e:30:c4:e2:2e:92:dd:bb:39:e7:2b:33:c3:cf:38:92:
23:fb:4f:60:39:7b:74:b2:15:1c:76:09:61:b2:5b:d5:d4:75:
28:19:45:13:bc:1d:9f:82:bd:da:09:d1:2d:fe:e7:43:d5:2d:
81:dd:d6:24:a0:d2:ca:79:ef:b7:f3:59:89:6c:65:be:f4:1e:
0f:a6:79:41:a9:e9:09:89:b6:65:51:8d:a0:b9:c1:14:8b:7c:
2d:be:42:72:ad:59:22:cf:4a:5e:e6:b9:17:36:4a:2b:9b:fd:
50:56:4b:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY978kPK9Kb5XQg8ZZmivfxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MTExMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFhZDY4MjRiY2ZkMjMwNWFiNDlhMzA1YjU5NTlkZDBiOWJiZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGl7IqmK5b8gxTc2s0oFC3DYmDfJ
DYsqkfyYZhyw80XNVU++fYEllqu2qgGo0IS7RYCiYZDdSn+e+gLFVxqz/0iFPGjy
CBPo7wDyHQ3TJeDkuwTeGOKYEh8lUFZqGOQ6gfptAz6S86fIetzS6ldM5SO3uzkZ
ymsxb8eGT3+HGY3BGGdBq14wxsfvy9jjcOVtYXF0187A/UjygVj6PgTAtoyHw0Ak
odhWaMIkafA8G3dmIyjRmlNwiJrOUcDloPvyT7RCN/pzwgMSnTH66OZXI8KT/lxY
gIJ4e/mkcWNOgnOZk5MEW2lbOCmJkBarAQ4kvX/xnUoov1aae8e/lVHkxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPEa1oJLz9IwWrSaMFtZWd0Lm79kMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOFJyV2drdlAwakJhdEpvd1cxbFozUXVidjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF3G1uMXQdeDhKS/MmXX
+/ivkKqhpKC7HPFSIvP05Ow6TqEwwPC7G3NfNgf96soralwaFEKohtVgFVp4o5DZ
Sm0jHVBn3rBXJdJasK7Rt2XlnUcadVrMw7LDWVBBvM/ANdTTkjYJVRIgLEgHdhkl
R0byWk+L32saH207X53L6JzGzIf2KjfRVG0NBSkWdD7jkuuwDjDE4i6S3bs55ysz
w884kiP7T2A5e3SyFRx2CWGyW9XUdSgZRRO8HZ+CvdoJ0S3+50PVLYHd1iSg0sp5
77fzWYlsZb70Hg+meUGp6QmJtmVRjaC5wRSLfC2+QnKtWSLPSl7muRc2Siub/VBW
S5w=
-----END CERTIFICATE-----
Generated at Fri May 2 14:25:24 2025 by rpki-client