Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/VZ3a0SAIIjLpVuduEQbqy033HRI.roa
File: VZ3a0SAIIjLpVuduEQbqy033HRI.roa (raw, json)
Hash identifier: 4JJLI4XMrkawBsds6JJMDPyJs0c1fHD/sehwrTCnW1M=
Subject key identifier: 55:9D:DA:D1:20:08:22:32:E9:56:E7:6E:11:06:EA:CB:4D:F7:1D:12
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F0D3C0640A0668012F33EE6045226DE33
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/VZ3a0SAIIjLpVuduEQbqy033HRI.roa
Signing time: Tue 23 Apr 2024 23:13:08 +0000
ROA not before: Tue 23 Apr 2024 23:13:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0d:3c:06:40:a0:66:80:12:f3:3e:e6:04:52:26:de:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 23 23:13:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=559ddad120082232e956e76e1106eacb4df71d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:b7:0a:a6:47:3a:b5:ed:2e:9a:61:e8:aa:
56:f1:8a:4e:96:1a:6e:d3:8b:8b:84:77:04:52:8c:
aa:92:06:ee:93:a1:b7:a4:8f:75:5a:18:0a:0e:6d:
5c:58:dc:78:f7:24:88:4b:d4:98:76:42:fa:80:23:
8e:87:ea:bb:d7:d4:1a:58:78:6b:3a:49:9f:38:18:
2a:d7:02:fc:2b:87:5a:dc:bf:ab:51:da:26:11:26:
0a:ca:18:0f:ff:67:23:14:4b:6c:2d:60:aa:83:f9:
dc:5d:03:df:00:5a:10:a2:76:b6:e5:88:47:99:49:
12:a0:4e:cf:33:0b:48:10:47:9d:0c:58:09:11:d7:
bd:39:06:2d:e1:8d:77:41:6e:1f:99:fc:45:ab:a8:
32:52:64:13:ba:b7:3d:71:35:86:1a:34:97:6f:98:
05:af:6d:c4:52:89:56:28:5f:14:22:90:9a:90:3e:
08:4a:09:80:6d:7b:4b:21:0e:80:3e:ab:3b:6f:c4:
ca:e2:de:29:e0:4c:ff:66:4e:73:4d:48:7b:06:d0:
a4:89:86:11:84:19:24:68:76:f6:00:7b:39:90:8b:
6e:ad:6d:32:4f:a6:11:09:7f:5b:ae:aa:83:ed:04:
9e:b5:21:d8:9a:70:7e:e6:5d:47:87:17:6c:eb:d0:
4e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9D:DA:D1:20:08:22:32:E9:56:E7:6E:11:06:EA:CB:4D:F7:1D:12
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/VZ3a0SAIIjLpVuduEQbqy033HRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
97:b2:d4:e7:a3:7b:ef:34:93:c9:64:99:67:54:b7:87:1b:a0:
13:8f:00:8f:4e:d7:e9:f9:12:16:0a:24:be:8a:98:ef:40:c3:
62:e7:34:a0:28:8c:e5:3e:81:cc:6b:bf:13:c5:af:f6:be:99:
d9:88:1f:d9:ce:05:4c:33:a0:1e:c1:b1:c7:d6:51:1f:5f:9c:
be:3b:12:69:df:ba:57:7c:12:21:e4:7c:c7:1c:d0:94:0f:e2:
a2:6f:5a:59:15:e9:39:2e:1a:e6:0c:ec:a1:be:58:b8:a5:cb:
b5:cf:d0:ed:fb:23:09:91:4b:c2:69:a9:42:94:ac:76:1a:07:
28:37:e7:01:9b:77:99:95:88:11:0b:4b:55:5c:8a:45:3d:d7:
73:f9:5e:15:ec:98:8b:50:ee:ba:67:f4:ea:7f:fe:00:cb:36:
96:7b:39:4c:e9:ad:f6:52:da:94:2a:fc:4b:41:db:91:5a:9c:
0c:db:8d:39:dc:0d:95:74:dd:72:7f:49:cb:31:ed:53:c4:f6:
04:79:57:8e:72:f4:93:d5:23:de:e7:e0:aa:0a:38:b4:b4:0d:
d9:c1:a6:c1:ce:79:15:c2:fb:0f:0a:b9:42:4a:fd:69:47:ca:
d4:62:51:d7:8c:6d:1f:11:4a:00:06:2b:d9:92:f2:b1:54:7d:
47:38:72:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8NPAZAoGaAEvM+5gRSJt4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIzMjMxMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTlkZGFkMTIwMDgyMjMyZTk1NmU3NmUxMTA2ZWFjYjRkZjcxZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv63CqZHOrXtLpph6KpW8YpOlhpu
04uLhHcEUoyqkgbuk6G3pI91WhgKDm1cWNx49ySIS9SYdkL6gCOOh+q719QaWHhr
OkmfOBgq1wL8K4da3L+rUdomESYKyhgP/2cjFEtsLWCqg/ncXQPfAFoQona25YhH
mUkSoE7PMwtIEEedDFgJEde9OQYt4Y13QW4fmfxFq6gyUmQTurc9cTWGGjSXb5gF
r23EUolWKF8UIpCakD4ISgmAbXtLIQ6APqs7b8TK4t4p4Ez/Zk5zTUh7BtCkiYYR
hBkkaHb2AHs5kIturW0yT6YRCX9brqqD7QSetSHYmnB+5l1Hhxds69BOgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFWd2tEgCCIy6VbnbhEG6stN9x0SMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVlozYTBTQUlJakxwVnVkdUVRYnF5MDMzSFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCXstTn
o3vvNJPJZJlnVLeHG6ATjwCPTtfp+RIWCiS+ipjvQMNi5zSgKIzlPoHMa78Txa/2
vpnZiB/ZzgVMM6AewbHH1lEfX5y+OxJp37pXfBIh5HzHHNCUD+Kib1pZFek5Lhrm
DOyhvli4pcu1z9Dt+yMJkUvCaalClKx2GgcoN+cBm3eZlYgRC0tVXIpFPddz+V4V
7JiLUO66Z/Tqf/4AyzaWezlM6a32UtqUKvxLQduRWpwM24053A2VdN1yf0nLMe1T
xPYEeVeOcvST1SPe5+CqCji0tA3ZwabBznkVwvsPCrlCSv1pR8rUYlHXjG0fEUoA
BivZkvKxVH1HOHJ3
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:37:06 2025 by rpki-client