Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IMqY0teGcBFs5ZqA1I7afNjLvco.roa
File: IMqY0teGcBFs5ZqA1I7afNjLvco.roa (raw, json)
Hash identifier: 0MbIIyilxFgqJPl4M+Iena6Aj8yWPP0kPUbqVNOjO7c=
Subject key identifier: 20:CA:98:D2:D7:86:70:11:6C:E5:9A:80:D4:8E:DA:7C:D8:CB:BD:CA
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9E7FC48DA563CD184FB2565BF2C1C5E3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IMqY0teGcBFs5ZqA1I7afNjLvco.roa
Signing time: Wed 22 May 2024 04:12:04 +0000
ROA not before: Wed 22 May 2024 04:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9e:7f:c4:8d:a5:63:cd:18:4f:b2:56:5b:f2:c1:c5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 04:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20ca98d2d78670116ce59a80d48eda7cd8cbbdca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5f:19:9e:15:e9:c4:41:5a:9f:36:bb:3d:d8:
50:68:f1:34:dc:a0:69:0c:f2:9d:a6:ca:09:91:ea:
2e:49:c2:25:f6:af:a0:16:6b:4d:60:ee:9b:4e:f6:
f9:36:62:71:d2:dc:c6:25:38:19:44:cf:13:54:59:
54:23:69:66:a8:49:d3:25:70:16:ae:9f:cf:d6:49:
43:ca:d1:8e:7c:5e:b5:86:a5:e0:04:5c:ea:b3:fc:
ea:ea:53:8c:10:21:99:30:30:52:db:e9:72:9c:02:
0f:c5:a8:e3:ec:68:bb:3f:7b:f9:44:8e:2c:83:b2:
16:97:6b:2b:0f:d2:a7:22:11:71:98:5f:8e:9b:0f:
12:7a:78:4b:45:27:5e:f5:2b:a7:fb:e2:9d:a9:de:
96:ee:4d:1d:15:3f:25:f1:45:ed:b1:7a:3a:e7:4c:
23:7b:8b:1e:89:b3:87:1f:f2:f1:b2:b0:c8:2a:e7:
c3:9b:2b:fa:49:c8:c6:96:a2:b9:6a:44:32:c9:2d:
69:70:31:a5:47:19:69:1f:76:c8:44:8a:c8:20:08:
00:3e:9b:6b:ed:0b:4a:6f:66:d6:08:b6:cf:54:e6:
0a:39:d6:2c:1f:3f:ac:25:5b:92:a1:56:26:7f:8a:
ab:1d:67:df:e9:f0:02:bc:16:ae:d7:13:f3:e1:1a:
5d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CA:98:D2:D7:86:70:11:6C:E5:9A:80:D4:8E:DA:7C:D8:CB:BD:CA
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/IMqY0teGcBFs5ZqA1I7afNjLvco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:85:86:68:c0:61:a4:5b:d0:70:28:56:0f:1a:ed:40:52:09:
77:06:26:9b:cc:d9:f1:1e:93:43:ac:a2:e1:84:4f:33:05:08:
17:07:c6:07:02:5e:7e:93:1c:bf:2f:65:40:2c:df:0f:71:3e:
35:0e:7e:f6:cd:24:16:af:41:32:93:bf:76:e6:b1:d2:5e:8a:
fe:7e:6e:31:aa:32:ea:c2:1b:a3:56:f3:ad:7f:13:45:0b:e1:
00:19:5b:2c:16:48:a2:1d:fb:66:82:26:99:34:e6:4c:64:29:
1a:9d:25:7f:70:07:5a:bc:19:62:6a:2f:34:ed:04:4d:ff:40:
5f:d5:01:d6:eb:03:e7:02:8f:d1:4f:d8:35:a7:4d:09:4e:43:
b8:80:e2:68:af:70:4d:b7:3f:34:26:8b:ce:b5:33:77:2e:82:
82:43:73:4e:8a:c1:2c:61:14:15:86:10:a4:9b:40:f3:25:ea:
8a:c6:90:8c:d3:b9:f9:d6:48:fb:bf:13:67:08:7d:3e:b2:c8:
2b:0e:f2:11:b0:84:9f:f3:38:b9:b5:36:4d:25:6a:2c:22:8e:
73:cd:4d:65:90:19:9f:1e:e8:d7:4c:42:95:c9:a0:f0:3d:8f:
00:26:4a:26:f5:19:3e:5b:21:81:f4:49:89:1e:99:15:41:86:
70:b1:0f:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+ef8SNpWPNGE+yVlvywcXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMDQxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGNhOThkMmQ3ODY3MDExNmNlNTlhODBkNDhlZGE3Y2Q4Y2JiZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF8ZnhXpxEFanza7PdhQaPE03KBp
DPKdpsoJkeouScIl9q+gFmtNYO6bTvb5NmJx0tzGJTgZRM8TVFlUI2lmqEnTJXAW
rp/P1klDytGOfF61hqXgBFzqs/zq6lOMECGZMDBS2+lynAIPxajj7Gi7P3v5RI4s
g7IWl2srD9KnIhFxmF+Omw8SenhLRSde9Sun++Kdqd6W7k0dFT8l8UXtsXo650wj
e4seibOHH/LxsrDIKufDmyv6ScjGlqK5akQyyS1pcDGlRxlpH3bIRIrIIAgAPptr
7QtKb2bWCLbPVOYKOdYsHz+sJVuSoVYmf4qrHWff6fACvBau1xPz4RpdBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDKmNLXhnARbOWagNSO2nzYy73KMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSU1xWTB0ZUdjQkZzNVpxQTFJN2FmTmpMdmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGOFhmjAYaRb0HAoVg8a
7UBSCXcGJpvM2fEek0OsouGETzMFCBcHxgcCXn6THL8vZUAs3w9xPjUOfvbNJBav
QTKTv3bmsdJeiv5+bjGqMurCG6NW861/E0UL4QAZWywWSKId+2aCJpk05kxkKRqd
JX9wB1q8GWJqLzTtBE3/QF/VAdbrA+cCj9FP2DWnTQlOQ7iA4mivcE23PzQmi861
M3cugoJDc06KwSxhFBWGEKSbQPMl6orGkIzTufnWSPu/E2cIfT6yyCsO8hGwhJ/z
OLm1Nk0laiwijnPNTWWQGZ8e6NdMQpXJoPA9jwAmSib1GT5bIYH0SYkemRVBhnCx
DxY=
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:52:24 2025 by rpki-client