Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RvrHBqVaHpIvFX9hmTVooi6qnJ0.roa
File: RvrHBqVaHpIvFX9hmTVooi6qnJ0.roa (raw, json)
Hash identifier: Xai9HDz20aaTYIUfjSSahSINEKABa7zssoHiqqs0iWE=
Subject key identifier: 46:FA:C7:06:A5:5A:1E:92:2F:15:7F:61:99:35:68:A2:2E:AA:9C:9D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9086CD72D20D55B0CDB24586A0368C32
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RvrHBqVaHpIvFX9hmTVooi6qnJ0.roa
Signing time: Sun 19 May 2024 11:05:04 +0000
ROA not before: Sun 19 May 2024 11:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9085:f957/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:90:86:cd:72:d2:0d:55:b0:cd:b2:45:86:a0:36:8c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 11:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46fac706a55a1e922f157f61993568a22eaa9c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:10:36:60:ca:0e:fd:ce:8e:c1:72:82:6f:75:
58:f2:cd:f7:00:71:6f:90:69:5b:1e:58:da:1a:91:
b7:88:9d:64:f4:39:c1:f6:a6:d3:9d:52:1b:59:a0:
3c:9f:2b:0f:76:22:b7:98:92:f9:a1:5c:89:41:0e:
97:bf:3e:0a:cf:7e:71:6c:66:f4:a6:22:2b:0b:f8:
f3:1b:17:7e:7f:0d:c8:32:b6:68:a4:eb:52:df:cd:
a8:16:ba:0c:4a:8c:00:9f:25:ad:7b:7b:7d:15:cf:
b4:aa:cd:a9:f2:ce:39:d7:da:5e:f8:34:95:0f:0e:
8f:dd:a1:79:9e:90:2a:03:01:40:e2:aa:8b:89:d6:
b3:ec:01:33:a4:25:b0:a4:e4:5f:a6:51:ce:50:2b:
84:78:09:1f:49:c8:59:b6:78:27:c1:bc:4c:b6:e7:
df:b4:26:c5:56:ed:63:15:3c:a8:a0:48:43:f8:4a:
c6:78:4c:b9:8c:a9:b2:cf:61:ed:39:5b:84:c1:2d:
e4:dc:5c:b8:44:13:a6:c2:3c:c9:b1:5a:e6:12:70:
da:93:a0:2c:32:e6:da:dc:9d:3a:66:8d:14:ad:b1:
a0:26:1f:51:95:4f:76:0c:34:2a:a1:aa:93:63:35:
b5:c1:3c:08:51:cf:35:01:0a:8b:c3:8e:03:4a:40:
77:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FA:C7:06:A5:5A:1E:92:2F:15:7F:61:99:35:68:A2:2E:AA:9C:9D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/RvrHBqVaHpIvFX9hmTVooi6qnJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:69:3a:35:72:43:d0:02:73:6e:14:af:80:e9:63:1c:f3:56:
da:18:ed:96:53:5c:ed:b8:d8:b2:e4:43:87:ce:3d:b2:7f:ce:
bf:18:90:57:2a:a0:d9:7d:92:d7:5d:4e:ef:29:c4:ee:9c:65:
d5:1b:53:61:6e:5b:e0:79:ac:85:be:77:74:92:3a:2c:16:48:
ed:29:9b:3a:85:df:ea:43:f2:23:ab:bd:ba:63:41:37:37:52:
87:0e:23:5c:23:cb:91:ab:7f:6e:78:18:af:cf:c9:ef:8f:ff:
cb:bf:33:a4:95:9f:72:7f:af:1d:13:82:9d:f0:7b:fb:99:16:
0a:3d:64:58:fb:73:f8:d0:4a:7c:0d:0a:19:29:e1:25:f1:0b:
35:52:60:2e:ef:06:28:02:89:98:3c:aa:44:b3:fe:be:bd:58:
c9:de:1b:ce:12:75:11:de:ce:51:62:5f:34:cf:67:bf:ca:2b:
39:86:34:d8:64:fc:01:42:56:31:94:c8:39:d4:b9:7d:ab:c7:
72:8f:58:11:97:51:a3:91:7b:42:d4:c4:9d:4d:eb:55:e7:2a:
0d:f6:78:d4:00:07:a3:6d:99:ad:97:0a:da:19:d9:ad:3e:cf:
07:b4:3c:fa:ae:d9:0a:10:ba:cf:9b:fd:dc:05:c3:3a:40:09:
cf:ee:a4:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Qhs1y0g1VsM2yRYagNowyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MTEwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmZhYzcwNmE1NWExZTkyMmYxNTdmNjE5OTM1NjhhMjJlYWE5YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hA2YMoO/c6OwXKCb3VY8s33AHFv
kGlbHljaGpG3iJ1k9DnB9qbTnVIbWaA8nysPdiK3mJL5oVyJQQ6Xvz4Kz35xbGb0
piIrC/jzGxd+fw3IMrZopOtS382oFroMSowAnyWte3t9Fc+0qs2p8s4519pe+DSV
Dw6P3aF5npAqAwFA4qqLidaz7AEzpCWwpORfplHOUCuEeAkfSchZtngnwbxMtuff
tCbFVu1jFTyooEhD+ErGeEy5jKmyz2HtOVuEwS3k3Fy4RBOmwjzJsVrmEnDak6As
Muba3J06Zo0UrbGgJh9RlU92DDQqoaqTYzW1wTwIUc81AQqLw44DSkB3AwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEb6xwalWh6SLxV/YZk1aKIuqpydMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUnZySEJxVmFIcEl2Rlg5aG1UVm9vaTZxbkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD5pOjVyQ9ACc24Ur4Dp
YxzzVtoY7ZZTXO242LLkQ4fOPbJ/zr8YkFcqoNl9ktddTu8pxO6cZdUbU2FuW+B5
rIW+d3SSOiwWSO0pmzqF3+pD8iOrvbpjQTc3UocOI1wjy5Grf254GK/Pye+P/8u/
M6SVn3J/rx0Tgp3we/uZFgo9ZFj7c/jQSnwNChkp4SXxCzVSYC7vBigCiZg8qkSz
/r69WMneG84SdRHezlFiXzTPZ7/KKzmGNNhk/AFCVjGUyDnUuX2rx3KPWBGXUaOR
e0LUxJ1N61XnKg32eNQAB6Ntma2XCtoZ2a0+zwe0PPqu2QoQus+b/dwFwzpACc/u
pG0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:47:32 2025 by rpki-client