Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/V5zt0uyqmIMSSesdzwV788YsqpQ.roa
File: V5zt0uyqmIMSSesdzwV788YsqpQ.roa (raw, json)
Hash identifier: nfrCpu1tEWfq82kZmjyNzhQqHR8Dpi1b0Zl4pBuVXgM=
Subject key identifier: 57:9C:ED:D2:EC:AA:98:83:12:49:EB:1D:CF:05:7B:F3:C6:2C:AA:94
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F2D350D2F177EBB2B48E43E786B11398A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/V5zt0uyqmIMSSesdzwV788YsqpQ.roa
Signing time: Tue 30 Apr 2024 04:13:22 +0000
ROA not before: Tue 30 Apr 2024 04:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:35:0d:2f:17:7e:bb:2b:48:e4:3e:78:6b:11:39:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 04:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=579cedd2ecaa98831249eb1dcf057bf3c62caa94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:18:86:af:a9:ee:52:f9:e1:5a:89:b2:79:7c:
48:2b:25:72:bb:5b:79:a7:8a:05:36:4f:55:65:33:
d2:dc:93:70:c7:a5:18:d5:0b:c0:f6:e5:f5:6c:3f:
74:80:5f:78:2c:36:ad:bc:5e:1e:fb:fc:77:45:b5:
ea:ff:a1:04:ba:0f:07:5c:78:9e:b9:93:37:17:96:
54:39:77:7a:57:66:06:0a:84:4f:15:f6:c9:62:de:
94:61:49:43:cc:10:a4:c8:dd:3a:c6:43:2f:2d:53:
53:fd:8a:9d:75:88:cb:64:bc:28:5a:1f:75:06:a7:
c3:72:04:be:ef:79:69:24:b8:e3:a9:63:af:29:ea:
41:18:f5:af:bb:19:7e:40:36:e1:cb:6e:61:5f:36:
c3:8a:b9:91:e5:19:4a:a4:75:ff:05:25:78:96:d1:
cc:2a:be:fc:e0:c1:95:69:dc:80:de:bc:d7:28:75:
be:98:4d:20:d2:f7:14:c5:02:fe:37:17:ce:54:43:
ee:32:13:9a:14:8c:f3:f1:fa:7f:7c:c4:e9:e7:51:
c9:77:9a:b9:9f:05:aa:f2:e3:e8:2a:10:5c:10:cd:
fe:a8:10:a5:79:f4:ab:74:77:ec:32:ca:cb:41:9f:
73:26:b2:f1:f5:e4:1c:6d:57:a2:8b:60:f1:6e:60:
a3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9C:ED:D2:EC:AA:98:83:12:49:EB:1D:CF:05:7B:F3:C6:2C:AA:94
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/V5zt0uyqmIMSSesdzwV788YsqpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:91:f3:c1:b6:d1:c7:94:d7:31:aa:63:e3:94:00:e0:94:62:
ef:84:f5:c8:89:12:88:eb:07:6b:31:0b:2e:26:0e:50:27:c5:
d5:16:7b:65:0c:1d:f8:ce:40:99:17:61:bc:56:70:9e:6f:10:
64:8d:d6:46:1d:ce:22:5a:9b:17:11:83:04:05:aa:81:89:3c:
8d:02:91:b3:b3:08:49:f5:49:76:c6:ce:ee:c9:c0:3a:9e:a5:
6b:ff:f0:56:ec:a0:8a:0b:1d:d7:02:9f:02:a7:40:3d:1f:71:
70:55:da:33:a6:5e:b2:58:c0:f3:8b:14:4b:27:49:4a:97:1c:
55:27:0a:e5:2a:91:37:1e:f4:27:42:40:32:a4:bb:06:7d:e6:
f9:be:4c:5c:54:d6:3f:e4:83:98:10:94:93:52:eb:e7:b8:a5:
88:09:12:76:bd:96:77:5d:6a:63:27:9f:df:18:f0:53:02:c1:
ad:a8:03:50:fb:0d:65:ae:97:52:a1:bb:c5:38:85:d1:ef:b5:
a1:c7:ac:44:8d:f4:0b:50:e7:af:51:5d:dc:9e:7e:63:f4:58:
16:a4:f7:2b:72:91:91:d1:3c:11:69:6a:26:1e:7f:0f:ae:29:
93:14:6a:33:08:6b:d6:6a:73:90:c6:4b:b7:94:59:2f:f0:21:
7b:08:f3:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8tNQ0vF367K0jkPnhrETmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMDQxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzljZWRkMmVjYWE5ODgzMTI0OWViMWRjZjA1N2JmM2M2MmNhYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBiGr6nuUvnhWomyeXxIKyVyu1t5
p4oFNk9VZTPS3JNwx6UY1QvA9uX1bD90gF94LDatvF4e+/x3RbXq/6EEug8HXHie
uZM3F5ZUOXd6V2YGCoRPFfbJYt6UYUlDzBCkyN06xkMvLVNT/YqddYjLZLwoWh91
BqfDcgS+73lpJLjjqWOvKepBGPWvuxl+QDbhy25hXzbDirmR5RlKpHX/BSV4ltHM
Kr784MGVadyA3rzXKHW+mE0g0vcUxQL+NxfOVEPuMhOaFIzz8fp/fMTp51HJd5q5
nwWq8uPoKhBcEM3+qBClefSrdHfsMsrLQZ9zJrLx9eQcbVeii2DxbmCjiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFec7dLsqpiDEknrHc8Fe/PGLKqUMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVjV6dDB1eXFtSU1TU2VzZHp3Vjc4OFlzcXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJKR88G20ceU1zGqY+OU
AOCUYu+E9ciJEojrB2sxCy4mDlAnxdUWe2UMHfjOQJkXYbxWcJ5vEGSN1kYdziJa
mxcRgwQFqoGJPI0CkbOzCEn1SXbGzu7JwDqepWv/8FbsoIoLHdcCnwKnQD0fcXBV
2jOmXrJYwPOLFEsnSUqXHFUnCuUqkTce9CdCQDKkuwZ95vm+TFxU1j/kg5gQlJNS
6+e4pYgJEna9lnddamMnn98Y8FMCwa2oA1D7DWWul1Khu8U4hdHvtaHHrESN9AtQ
569RXdyefmP0WBak9ytykZHRPBFpaiYefw+uKZMUajMIa9Zqc5DGS7eUWS/wIXsI
834=
-----END CERTIFICATE-----
Generated at Fri May 2 01:46:07 2025 by rpki-client