Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/X5bNTDb3tHRa-pHTnwWxUIvE9-Q.roa
File: X5bNTDb3tHRa-pHTnwWxUIvE9-Q.roa (raw, json)
Hash identifier: WfMbYRzGrPh3vqtAzysjAtcBdJljXQE2Axk4ZEpiK9A=
Subject key identifier: 5F:96:CD:4C:36:F7:B4:74:5A:FA:91:D3:9F:05:B1:50:8B:C4:F7:E4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA85F34554A342BDE18EA449BA774F0D5
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/X5bNTDb3tHRa-pHTnwWxUIvE9-Q.roa
Signing time: Fri 24 May 2024 02:12:42 +0000
ROA not before: Fri 24 May 2024 02:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a8:5f:34:55:4a:34:2b:de:18:ea:44:9b:a7:74:f0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 24 02:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f96cd4c36f7b4745afa91d39f05b1508bc4f7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:36:62:86:1f:2f:9d:85:2b:49:37:b3:ac:28:
59:4c:7e:ee:28:ab:a0:4f:32:a2:f7:23:57:7e:b9:
28:c5:23:1c:65:5f:2b:b2:3d:c4:53:96:4a:36:db:
e9:73:ca:88:5b:c0:5c:7d:4c:09:57:f0:f6:f6:13:
93:f2:ae:20:08:8b:53:cc:ef:8c:1c:f1:48:db:76:
e7:cc:22:28:f5:a6:d8:1d:4f:f0:36:3e:18:ba:28:
d9:9f:f5:59:b6:2c:dd:c4:ab:f2:ee:25:63:6e:7a:
9d:52:f5:2d:ff:35:e2:a3:e1:eb:49:d3:e9:c8:09:
a7:a2:88:d3:6d:21:e5:9d:42:66:c4:3e:3f:c2:2f:
b2:44:62:15:1d:4b:cd:e0:f6:4d:cc:e7:0b:d6:fd:
d9:9c:9a:52:94:e0:46:8c:cc:fb:7b:3b:1b:7e:bd:
19:1d:6a:02:a4:a5:06:ab:3c:c3:76:0d:5a:8d:b1:
6b:03:d3:d2:33:70:5c:e1:cb:12:96:26:04:29:07:
d2:74:63:b5:5f:ce:93:12:2c:77:ae:f7:ef:0c:4b:
ff:53:43:e9:cc:8b:92:06:98:60:cb:18:db:55:5c:
84:9e:e4:be:a3:5a:9d:9d:61:11:66:f8:70:99:05:
9d:95:9c:41:b6:08:a6:89:58:5f:2b:07:ab:08:3b:
a5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:96:CD:4C:36:F7:B4:74:5A:FA:91:D3:9F:05:B1:50:8B:C4:F7:E4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/X5bNTDb3tHRa-pHTnwWxUIvE9-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:26:fd:5d:32:97:a2:55:e9:33:af:3c:a0:25:8e:de:dc:28:
a5:36:a4:9f:60:f6:2e:0e:39:7f:73:43:5b:de:7b:06:36:91:
b0:e9:5a:40:46:b0:97:1e:3c:3a:ab:57:13:86:3d:20:85:b5:
05:1e:a7:09:4b:10:f4:bd:2e:41:b5:37:4d:ae:4d:ea:98:78:
79:01:e5:52:49:b5:92:ac:11:26:a5:21:7e:cd:bd:63:b6:72:
4a:4e:68:79:d5:63:40:4d:e3:92:41:c3:fe:53:75:6d:bd:d2:
cd:dd:37:13:e7:cb:c4:5b:cd:90:00:d6:ed:d7:37:1a:54:6e:
50:be:b1:99:cc:98:3e:01:43:bc:33:0b:4e:63:86:cb:31:c5:
a2:7c:23:c9:65:f8:f2:40:bc:68:ec:d2:83:24:1b:d8:28:8e:
49:9b:ee:79:02:3c:bc:db:fc:5e:70:1f:20:fa:e5:a1:00:79:
29:4d:69:e7:5e:79:fd:0a:a8:26:e3:dc:8a:8c:f1:65:60:ed:
f2:f9:56:6b:aa:22:de:db:46:cf:b5:4d:95:66:08:96:fc:d8:
e1:da:c9:98:4d:de:29:83:61:44:ee:f5:5f:64:70:4f:5a:29:
a6:0a:ac:d4:03:b8:93:ea:24:40:a4:4e:c8:30:a0:c2:19:df:
a4:2d:7d:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+oXzRVSjQr3hjqRJundPDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTI0MDIxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk2Y2Q0YzM2ZjdiNDc0NWFmYTkxZDM5ZjA1YjE1MDhiYzRmN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDZihh8vnYUrSTezrChZTH7uKKug
TzKi9yNXfrkoxSMcZV8rsj3EU5ZKNtvpc8qIW8BcfUwJV/D29hOT8q4gCItTzO+M
HPFI23bnzCIo9abYHU/wNj4YuijZn/VZtizdxKvy7iVjbnqdUvUt/zXio+HrSdPp
yAmnoojTbSHlnUJmxD4/wi+yRGIVHUvN4PZNzOcL1v3ZnJpSlOBGjMz7ezsbfr0Z
HWoCpKUGqzzDdg1ajbFrA9PSM3Bc4csSliYEKQfSdGO1X86TEix3rvfvDEv/U0Pp
zIuSBphgyxjbVVyEnuS+o1qdnWERZvhwmQWdlZxBtgimiVhfKwerCDulIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF+WzUw297R0WvqR058FsVCLxPfkMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWDViTlREYjN0SFJhLXBIVG53V3hVSXZFOS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEEm/V0yl6JV6TOvPKAl
jt7cKKU2pJ9g9i4OOX9zQ1veewY2kbDpWkBGsJcePDqrVxOGPSCFtQUepwlLEPS9
LkG1N02uTeqYeHkB5VJJtZKsESalIX7NvWO2ckpOaHnVY0BN45JBw/5TdW290s3d
NxPny8RbzZAA1u3XNxpUblC+sZnMmD4BQ7wzC05jhssxxaJ8I8ll+PJAvGjs0oMk
G9gojkmb7nkCPLzb/F5wHyD65aEAeSlNaedeef0KqCbj3IqM8WVg7fL5VmuqIt7b
Rs+1TZVmCJb82OHayZhN3imDYUTu9V9kcE9aKaYKrNQDuJPqJECkTsgwoMIZ36Qt
fVk=
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:19:47 2025 by rpki-client