Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/WZ4wUcf8zmNQB_UwAmMDJXx_xDQ.roa
File: WZ4wUcf8zmNQB_UwAmMDJXx_xDQ.roa (raw, json)
Hash identifier: SHud6H8CRvULkL+Y37ZNKpsJPphlbQkRNTJs/ISlLCw=
Subject key identifier: 59:9E:30:51:C7:FC:CE:63:50:07:F5:30:02:63:03:25:7C:7F:C4:34
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F2EEF56D4E0EBAA2F59BF7EFD01712FB0
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/WZ4wUcf8zmNQB_UwAmMDJXx_xDQ.roa
Signing time: Tue 30 Apr 2024 12:16:28 +0000
ROA not before: Tue 30 Apr 2024 12:16:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:ef:56:d4:e0:eb:aa:2f:59:bf:7e:fd:01:71:2f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 12:16:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=599e3051c7fcce635007f530026303257c7fc434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c6:e4:3b:82:35:5d:34:73:32:9c:61:d6:3b:
c1:da:3f:01:65:da:09:75:a3:40:45:0a:92:11:1e:
f5:56:4b:50:36:ec:46:89:0e:83:34:71:94:db:a0:
b0:9f:58:cf:27:ad:b7:5d:40:f4:b6:bc:c6:0d:3e:
63:46:c4:3b:04:13:e9:fd:51:33:ba:52:52:22:28:
39:41:61:a1:96:e2:0f:f4:0a:dd:72:22:d3:10:9a:
d6:69:bb:5e:2e:0a:bd:f8:b8:a0:4e:aa:af:f6:df:
1d:7a:37:30:54:ae:25:0e:d7:61:58:30:3a:9f:4a:
b1:f6:fa:30:b2:c3:6c:82:ae:f5:15:ef:37:d1:be:
61:f8:da:9c:f5:2f:5a:07:88:5c:2c:60:d6:4e:8d:
d5:a8:0f:ec:42:cc:21:44:6d:8f:f7:9f:ac:b1:0e:
f6:3a:06:48:8f:32:ef:21:61:ef:d4:70:11:a5:c0:
42:74:95:ff:05:6a:97:e8:3b:15:1e:2a:68:c5:80:
be:e8:fb:84:46:d0:c1:fb:07:2c:09:37:c5:9d:43:
f2:8d:ff:6f:9c:48:81:72:9e:01:41:20:d9:45:73:
b4:a1:02:17:50:42:18:81:00:5f:3d:a6:09:cd:cd:
e9:c4:07:1b:70:9f:d7:a8:34:54:4b:ed:f4:be:8d:
64:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9E:30:51:C7:FC:CE:63:50:07:F5:30:02:63:03:25:7C:7F:C4:34
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/WZ4wUcf8zmNQB_UwAmMDJXx_xDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:2b:82:70:ee:05:db:3d:24:8f:d8:e3:de:19:11:8b:ba:10:
62:4e:0c:15:21:5e:07:c9:67:d1:b3:30:61:30:62:3d:51:90:
38:23:70:21:8c:d2:d2:e7:4c:51:84:a0:5c:9c:e0:0e:3a:47:
b8:25:35:6f:55:d0:76:e1:ed:b6:b5:b9:00:bd:ae:f6:40:44:
5c:c4:8a:2a:2c:63:3e:cf:dd:83:8a:00:38:bc:5e:f5:40:48:
a7:9f:b2:22:54:ba:da:51:c5:2d:ba:6e:08:c2:ce:7d:a3:c4:
aa:61:73:65:3c:64:aa:b2:6b:bf:c2:b9:36:9e:77:35:1f:29:
79:f7:aa:07:75:c8:50:68:8b:4d:7a:44:61:27:8f:4c:30:cf:
75:1c:b8:aa:54:f6:45:62:6c:8d:a7:65:45:ee:42:84:16:f9:
a8:99:02:47:ac:2b:89:42:52:30:c0:c7:8e:d2:a1:38:0f:11:
0c:51:f5:d7:56:f6:a2:c7:f9:b7:d5:e4:b7:a4:32:a0:df:33:
ec:cc:9f:45:2c:c2:ed:2d:28:f7:e8:82:cb:4e:e3:1f:03:f9:
2a:b7:d7:ca:97:47:5f:08:ce:02:4f:6c:ba:0a:64:85:45:81:
4d:d0:da:76:34:19:ad:18:30:2a:d8:ed:21:e2:46:f0:10:81:
09:6c:07:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8u71bU4OuqL1m/fv0BcS+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMTIxNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTllMzA1MWM3ZmNjZTYzNTAwN2Y1MzAwMjYzMDMyNTdjN2ZjNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsbkO4I1XTRzMpxh1jvB2j8BZdoJ
daNARQqSER71VktQNuxGiQ6DNHGU26Cwn1jPJ623XUD0trzGDT5jRsQ7BBPp/VEz
ulJSIig5QWGhluIP9ArdciLTEJrWabteLgq9+LigTqqv9t8dejcwVK4lDtdhWDA6
n0qx9vowssNsgq71Fe830b5h+Nqc9S9aB4hcLGDWTo3VqA/sQswhRG2P95+ssQ72
OgZIjzLvIWHv1HARpcBCdJX/BWqX6DsVHipoxYC+6PuERtDB+wcsCTfFnUPyjf9v
nEiBcp4BQSDZRXO0oQIXUEIYgQBfPaYJzc3pxAcbcJ/XqDRUS+30vo1kCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFmeMFHH/M5jUAf1MAJjAyV8f8Q0MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvV1o0d1VjZjh6bU5RQl9Vd0FtTURKWHhfeERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKQrgnDuBds9JI/Y494Z
EYu6EGJODBUhXgfJZ9GzMGEwYj1RkDgjcCGM0tLnTFGEoFyc4A46R7glNW9V0Hbh
7ba1uQC9rvZARFzEiiosYz7P3YOKADi8XvVASKefsiJUutpRxS26bgjCzn2jxKph
c2U8ZKqya7/CuTaedzUfKXn3qgd1yFBoi016RGEnj0wwz3UcuKpU9kVibI2nZUXu
QoQW+aiZAkesK4lCUjDAx47SoTgPEQxR9ddW9qLH+bfV5LekMqDfM+zMn0Uswu0t
KPfogstO4x8D+Sq318qXR18IzgJPbLoKZIVFgU3Q2nY0Ga0YMCrY7SHiRvAQgQls
B0U=
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:24:32 2025 by rpki-client