Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qb2KwlAY1ZX5z75Fpz_jIkQo9wA.roa
File: Qb2KwlAY1ZX5z75Fpz_jIkQo9wA.roa (raw, json)
Hash identifier: mDvwBjUb7T1bxUvXMieN1AR+gRF12C8AxolN8qjOQyw=
Subject key identifier: 41:BD:8A:C2:50:18:D5:95:F9:CF:BE:45:A7:3F:E3:22:44:28:F7:00
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5EFAF7378F6D46C9D9DF8FB7D3F4295E
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qb2KwlAY1ZX5z75Fpz_jIkQo9wA.roa
Signing time: Thu 09 May 2024 20:10:56 +0000
ROA not before: Thu 09 May 2024 20:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:fa:f7:37:8f:6d:46:c9:d9:df:8f:b7:d3:f4:29:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 20:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41bd8ac25018d595f9cfbe45a73fe3224428f700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:fd:d4:6c:6d:ae:2d:ea:f4:23:93:c2:aa:
22:72:7e:c3:23:7b:98:15:68:a1:2f:3d:e3:c1:3e:
a1:a1:8e:7e:74:d5:98:cf:47:26:22:c3:8d:61:5e:
14:8d:45:fb:c6:1d:ab:df:0f:0f:50:d9:68:78:83:
0f:0d:cd:f5:9b:75:ef:56:76:90:1e:e1:2a:ec:d4:
d7:fa:90:a0:f4:e9:99:05:df:3a:b6:02:a4:b5:8a:
30:26:b2:bd:45:88:7c:bc:78:9f:f2:7f:84:11:aa:
6e:60:d5:78:40:65:d7:d4:97:9b:13:a3:f4:72:0f:
59:7a:1e:c3:ee:b4:05:fa:2b:fd:cc:a8:e1:18:cd:
0e:f2:8c:d7:8b:48:da:96:61:47:4c:31:d9:ed:dc:
e9:49:8c:42:1b:ff:41:ad:71:f1:c9:8e:5a:25:5f:
ac:dd:84:9f:5b:19:02:64:5a:0e:de:f6:de:1b:d7:
b2:56:71:88:9d:28:df:88:ba:62:f7:f8:f9:a9:02:
97:96:a6:c4:19:ad:f8:5c:43:03:10:44:26:77:19:
4a:6c:22:a4:63:9d:f0:14:3e:01:70:0a:1c:80:68:
4a:bf:c8:6e:50:15:4d:b7:9e:55:db:b1:cd:0d:ab:
24:91:14:cf:9a:79:b5:2d:5c:7d:cf:21:b7:92:9c:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BD:8A:C2:50:18:D5:95:F9:CF:BE:45:A7:3F:E3:22:44:28:F7:00
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Qb2KwlAY1ZX5z75Fpz_jIkQo9wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:5f:4f:40:54:81:97:74:3f:29:3a:04:6f:f9:95:60:ac:d8:
ba:6c:30:19:5d:97:a0:50:a2:b9:88:d5:4a:ad:1e:d6:e5:6f:
be:75:c8:b2:e0:33:72:60:aa:a5:a5:0d:38:c0:3a:fb:90:00:
60:99:5e:03:d3:0d:9e:3b:48:3b:e1:3c:38:91:ac:cf:4b:26:
3a:5f:6b:1c:11:84:71:74:d0:15:47:02:21:ab:0e:3e:76:e9:
fe:19:c7:4f:1d:a2:d6:3a:96:04:14:1a:29:6b:82:29:dc:c7:
cc:4e:84:be:f0:a6:6b:88:92:42:94:30:09:96:3b:55:be:49:
01:4f:b9:f2:51:97:1b:c3:a9:c7:70:63:a9:92:ee:65:b3:1b:
2a:9a:4d:02:4d:a5:c0:97:30:32:09:ec:50:06:aa:00:87:60:
cc:70:a2:54:00:da:61:42:43:a9:a4:e1:bb:63:b7:5c:19:fb:
a6:f7:d5:19:a6:e3:fd:51:c0:6f:61:bb:f2:82:b8:dd:c6:d8:
1a:68:60:e9:ec:76:45:9d:d6:83:cd:81:8f:c2:19:e4:24:f5:
5e:fa:3f:60:c9:10:f2:72:02:76:44:35:6a:3a:fd:ef:b2:31:
57:f9:fd:6e:80:3a:57:7b:9e:78:29:65:2a:57:b5:97:9e:63:
d2:6d:75:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9e+vc3j21Gydnfj7fT9CleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MjAxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJkOGFjMjUwMThkNTk1ZjljZmJlNDVhNzNmZTMyMjQ0MjhmNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtor91Gxtri3q9COTwqoicn7DI3uY
FWihLz3jwT6hoY5+dNWYz0cmIsONYV4UjUX7xh2r3w8PUNloeIMPDc31m3XvVnaQ
HuEq7NTX+pCg9OmZBd86tgKktYowJrK9RYh8vHif8n+EEapuYNV4QGXX1JebE6P0
cg9Zeh7D7rQF+iv9zKjhGM0O8ozXi0jalmFHTDHZ7dzpSYxCG/9BrXHxyY5aJV+s
3YSfWxkCZFoO3vbeG9eyVnGInSjfiLpi9/j5qQKXlqbEGa34XEMDEEQmdxlKbCKk
Y53wFD4BcAocgGhKv8huUBVNt55V27HNDaskkRTPmnm1LVx9zyG3kpyN4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEG9isJQGNWV+c++Rac/4yJEKPcAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUWIyS3dsQVkxWlg1ejc1RnB6X2pJa1FvOXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAChfT0BUgZd0Pyk6BG/5
lWCs2LpsMBldl6BQormI1UqtHtblb751yLLgM3JgqqWlDTjAOvuQAGCZXgPTDZ47
SDvhPDiRrM9LJjpfaxwRhHF00BVHAiGrDj526f4Zx08dotY6lgQUGilrgincx8xO
hL7wpmuIkkKUMAmWO1W+SQFPufJRlxvDqcdwY6mS7mWzGyqaTQJNpcCXMDIJ7FAG
qgCHYMxwolQA2mFCQ6mk4btjt1wZ+6b31Rmm4/1RwG9hu/KCuN3G2BpoYOnsdkWd
1oPNgY/CGeQk9V76P2DJEPJyAnZENWo6/e+yMVf5/W6AOld7nngpZSpXtZeeY9Jt
dZo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 11:20:02 2025 by rpki-client