Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9jRxJsBhTvuM4B7o5mzgiXb6YI4.roa
File: 9jRxJsBhTvuM4B7o5mzgiXb6YI4.roa (raw, json)
Hash identifier: /B5g3AafkWgSuH0jZZ+ks8a2x9Pkq/1eik6vQ/eCfvo=
Subject key identifier: F6:34:71:26:C0:61:4E:FB:8C:E0:1E:E8:E6:6C:E0:89:76:FA:60:8E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9207531BC39EDA809A343ADE902AC46C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9jRxJsBhTvuM4B7o5mzgiXb6YI4.roa
Signing time: Sun 19 May 2024 18:05:04 +0000
ROA not before: Sun 19 May 2024 18:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9206:d3a5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:07:53:1b:c3:9e:da:80:9a:34:3a:de:90:2a:c4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 18:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6347126c0614efb8ce01ee8e66ce08976fa608e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:62:a1:8f:63:74:46:ec:d7:56:99:7c:2e:a1:
c3:68:48:6e:2e:74:98:d6:e1:dc:0b:4c:c1:ea:c9:
38:af:18:c5:64:7a:80:b3:64:54:9b:d9:b5:1d:61:
6d:35:91:47:00:41:db:0c:d4:bd:f9:aa:1e:a1:d6:
8c:25:59:34:d5:bc:46:6d:6d:05:c9:07:53:69:17:
01:81:6b:dc:9d:24:81:82:56:46:bc:8e:8f:fa:99:
21:39:97:57:df:cd:5c:6f:52:f8:2b:0c:16:95:60:
67:25:87:20:d5:c1:2c:17:6b:33:52:c4:96:35:30:
ca:f3:f5:ac:6a:04:5d:87:68:f9:92:f3:1b:99:5f:
6b:88:1a:f8:52:52:45:19:d1:32:c4:38:3d:53:5f:
7e:91:70:ef:84:a2:ac:5b:e1:42:1d:84:fb:3e:c6:
e4:87:ad:4c:eb:65:6e:ab:90:90:38:4c:86:91:63:
9a:f7:92:33:0c:26:df:e3:bd:cb:86:6e:9f:27:0b:
ea:14:a9:e7:3b:2e:94:51:04:ba:62:19:a0:d6:77:
f5:ab:cf:ae:1f:8a:67:55:dc:74:0f:53:3b:38:0f:
18:94:d9:a1:00:40:8b:6a:92:b1:bb:88:b2:60:6e:
cc:c5:75:74:e5:44:1c:99:33:31:38:ac:37:54:21:
96:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:34:71:26:C0:61:4E:FB:8C:E0:1E:E8:E6:6C:E0:89:76:FA:60:8E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/9jRxJsBhTvuM4B7o5mzgiXb6YI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c8:e9:5c:9c:96:dd:d1:82:d0:5e:b8:db:1c:62:d3:6b:7e:92:
10:d0:31:95:1f:67:d4:c4:e0:cf:07:6e:23:23:04:5c:d8:21:
99:28:43:9d:3d:ce:82:8f:e5:f3:d6:d0:00:26:55:21:9c:89:
6d:e0:07:e8:09:74:47:cc:0b:16:25:4a:bc:7a:8b:af:38:31:
b3:f1:3f:91:b3:21:70:c2:45:d1:94:58:b4:e3:6b:3c:59:02:
91:62:71:c7:a0:80:49:1a:cd:2c:b0:6c:8a:ee:ba:2c:12:b9:
b5:a0:a0:a1:5a:ff:65:35:f2:ce:b4:07:6c:e0:f9:25:55:e5:
1d:80:1a:6f:2c:c9:f0:a4:e8:60:72:85:3e:35:45:83:21:f4:
ce:d2:83:78:7b:62:ba:90:3a:42:be:b6:99:da:a2:c2:2e:ca:
29:5c:9a:2d:02:85:d7:a2:a5:88:06:1c:12:e2:3c:22:3a:7e:
0e:8f:4c:15:9f:5e:30:bf:76:6d:2f:0d:3b:6e:ba:32:da:03:
46:55:34:b9:50:09:a0:83:01:a2:fd:0d:82:1e:d5:be:40:58:
d7:a0:1f:14:7b:0b:e9:48:eb:96:ce:4d:61:4d:17:6d:fe:d0:
94:6b:e6:d4:0d:09:99:33:29:a8:5c:2c:a4:43:13:c3:5b:e2:
3d:ab:89:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+SB1Mbw57agJo0Ot6QKsRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MTgwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM0NzEyNmMwNjE0ZWZiOGNlMDFlZThlNjZjZTA4OTc2ZmE2MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmKhj2N0RuzXVpl8LqHDaEhuLnSY
1uHcC0zB6sk4rxjFZHqAs2RUm9m1HWFtNZFHAEHbDNS9+aoeodaMJVk01bxGbW0F
yQdTaRcBgWvcnSSBglZGvI6P+pkhOZdX381cb1L4KwwWlWBnJYcg1cEsF2szUsSW
NTDK8/WsagRdh2j5kvMbmV9riBr4UlJFGdEyxDg9U19+kXDvhKKsW+FCHYT7Psbk
h61M62Vuq5CQOEyGkWOa95IzDCbf473Lhm6fJwvqFKnnOy6UUQS6Yhmg1nf1q8+u
H4pnVdx0D1M7OA8YlNmhAECLapKxu4iyYG7MxXV05UQcmTMxOKw3VCGW/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPY0cSbAYU77jOAe6OZs4Il2+mCOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOWpSeEpzQmhUdnVNNEI3bzVtemdpWGI2WUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMjpXJyW3dGC0F642xxi
02t+khDQMZUfZ9TE4M8HbiMjBFzYIZkoQ509zoKP5fPW0AAmVSGciW3gB+gJdEfM
CxYlSrx6i684MbPxP5GzIXDCRdGUWLTjazxZApFicceggEkazSywbIruuiwSubWg
oKFa/2U18s60B2zg+SVV5R2AGm8syfCk6GByhT41RYMh9M7Sg3h7YrqQOkK+tpna
osIuyilcmi0ChdeipYgGHBLiPCI6fg6PTBWfXjC/dm0vDTtuujLaA0ZVNLlQCaCD
AaL9DYIe1b5AWNegHxR7C+lI65bOTWFNF23+0JRr5tQNCZkzKahcLKRDE8Nb4j2r
iWI=
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:49:51 2025 by rpki-client