Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RspLdRmkHtZtsktkZZFAuHZsKRU.roa
File: RspLdRmkHtZtsktkZZFAuHZsKRU.roa (raw, json)
Hash identifier: lP+/v1qN9OArp1cF6f75HfMYzcnz1AXmPkCFhmoTyPs=
Subject key identifier: 46:CA:4B:75:19:A4:1E:D6:6D:B2:4B:64:65:91:40:B8:76:6C:29:15
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018EFCB55F2EFD04B511019DFA0D684C4691
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RspLdRmkHtZtsktkZZFAuHZsKRU.roa
Signing time: Sat 20 Apr 2024 18:12:08 +0000
ROA not before: Sat 20 Apr 2024 18:12:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fc:b5:5f:2e:fd:04:b5:11:01:9d:fa:0d:68:4c:46:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 20 18:12:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46ca4b7519a41ed66db24b64659140b8766c2915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:b9:79:e0:49:a3:54:22:1a:35:74:60:fd:
b2:8a:ff:4d:e0:47:2a:a0:9f:8f:34:25:50:0b:71:
c1:fb:57:29:56:28:e9:3b:bb:b0:c1:b6:65:00:ac:
55:b3:79:6d:dc:03:39:c5:79:04:ff:4a:e3:09:73:
30:f5:44:83:d0:b1:fc:a0:06:78:ca:42:2e:7e:7d:
16:2d:20:11:71:d3:bd:7b:70:5e:fb:ae:c7:36:93:
c3:cc:d7:c7:7c:8c:01:f6:3e:d0:df:34:08:58:a8:
ce:80:2f:96:f6:e4:4f:f2:f3:8f:d0:40:de:d2:11:
93:e0:01:b5:51:33:cc:20:a5:5c:15:4e:40:6e:9f:
6e:f4:f3:09:46:0e:c0:2b:22:1d:20:8e:1a:85:c2:
97:67:14:91:b2:8d:53:f6:e6:8a:bd:d7:0f:00:16:
4e:8f:b0:8b:12:0d:98:c0:c8:a5:d9:ef:12:e2:6a:
67:c2:7d:18:bf:36:94:de:a5:a0:57:36:5a:8f:d6:
05:9b:1d:cc:13:62:6f:4c:96:26:09:74:9e:00:05:
08:22:31:a0:d0:a9:88:d3:91:b6:44:32:c9:03:6c:
78:cd:3c:b1:3b:96:80:69:f3:4a:b0:11:c5:0c:87:
02:98:09:7e:e5:cb:07:77:00:79:4e:d5:39:86:f6:
b0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CA:4B:75:19:A4:1E:D6:6D:B2:4B:64:65:91:40:B8:76:6C:29:15
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RspLdRmkHtZtsktkZZFAuHZsKRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
Signature Algorithm: sha256WithRSAEncryption
ca:88:8a:28:38:1f:7c:67:db:95:fe:f7:de:de:ae:c8:36:8c:
df:97:52:b8:ea:4e:30:f0:bc:f3:51:b8:31:63:5f:c6:14:ea:
09:87:be:a2:c5:bc:eb:8a:de:db:13:f8:0c:9d:39:48:25:fc:
04:db:0e:e2:44:5f:85:e9:6e:01:9e:12:96:14:1a:0f:9d:64:
34:82:cd:5a:f1:ca:ff:71:64:db:d1:f8:99:d5:86:f8:73:54:
e3:a4:c5:db:f7:77:2e:ba:09:2e:7f:eb:6b:e1:b5:0b:4a:58:
f4:e6:60:cb:bf:90:9a:71:ff:a9:1a:d1:ba:f4:f8:03:87:d0:
da:40:64:97:cb:f2:b9:1c:69:ec:ae:95:02:da:55:c0:6b:36:
de:13:71:ff:08:3c:78:b7:0a:53:8f:77:3e:96:56:e5:59:e5:
f9:88:ff:37:a2:01:c4:5c:9a:37:19:2c:7e:4c:e1:9f:8b:48:
97:57:e8:19:9a:eb:ac:a9:06:ba:5d:6a:7e:92:4b:0b:ba:54:
9a:4c:90:41:f1:48:58:bd:ba:0f:07:5e:83:09:cf:10:01:2b:
03:75:00:d2:13:42:de:20:5f:26:65:bd:ac:dd:63:94:dc:a9:
35:82:a7:88:3a:23:b3:cc:f4:e2:37:55:67:0c:09:45:82:c8:
74:1a:50:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY78tV8u/QS1EQGd+g1oTEaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIwMTgxMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmNhNGI3NTE5YTQxZWQ2NmRiMjRiNjQ2NTkxNDBiODc2NmMyOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynG5eeBJo1QiGjV0YP2yiv9N4Ecq
oJ+PNCVQC3HB+1cpVijpO7uwwbZlAKxVs3lt3AM5xXkE/0rjCXMw9USD0LH8oAZ4
ykIufn0WLSARcdO9e3Be+67HNpPDzNfHfIwB9j7Q3zQIWKjOgC+W9uRP8vOP0EDe
0hGT4AG1UTPMIKVcFU5Abp9u9PMJRg7AKyIdII4ahcKXZxSRso1T9uaKvdcPABZO
j7CLEg2YwMil2e8S4mpnwn0YvzaU3qWgVzZaj9YFmx3ME2JvTJYmCXSeAAUIIjGg
0KmI05G2RDLJA2x4zTyxO5aAafNKsBHFDIcCmAl+5csHdwB5TtU5hvawBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbKS3UZpB7WbbJLZGWRQLh2bCkVMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUnNwTGRSbWtIdFp0c2t0a1paRkF1SFpzS1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwQAYMA0G
CSqGSIb3DQEBCwUAA4IBAQDKiIooOB98Z9uV/vfe3q7INozfl1K46k4w8LzzUbgx
Y1/GFOoJh76ixbzrit7bE/gMnTlIJfwE2w7iRF+F6W4BnhKWFBoPnWQ0gs1a8cr/
cWTb0fiZ1Yb4c1TjpMXb93cuugkuf+tr4bULSlj05mDLv5Cacf+pGtG69PgDh9Da
QGSXy/K5HGnsrpUC2lXAazbeE3H/CDx4twpTj3c+llblWeX5iP83ogHEXJo3GSx+
TOGfi0iXV+gZmuusqQa6XWp+kksLulSaTJBB8UhYvboPB16DCc8QASsDdQDSE0Le
IF8mZb2s3WOU3Kk1gqeIOiOzzPTiN1VnDAlFgsh0GlCt
-----END CERTIFICATE-----
Generated at Thu May 1 07:20:21 2025 by rpki-client