Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XkNvL11sgzl3PT9kzewHl81ZceE.roa
File: XkNvL11sgzl3PT9kzewHl81ZceE.roa (raw, json)
Hash identifier: i6ToDKKOZGztZEQVyE0YPwV9EFp4kKNtEpCnKObPGcI=
Subject key identifier: 5E:43:6F:2F:5D:6C:83:39:77:3D:3F:64:CD:EC:07:97:CD:59:71:E1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F2CFD35F0AB6B0EE010C8EBF72F745EA7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XkNvL11sgzl3PT9kzewHl81ZceE.roa
Signing time: Tue 30 Apr 2024 03:12:22 +0000
ROA not before: Tue 30 Apr 2024 03:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2c:fd:35:f0:ab:6b:0e:e0:10:c8:eb:f7:2f:74:5e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 03:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e436f2f5d6c8339773d3f64cdec0797cd5971e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:58:29:99:82:b2:f0:bb:10:7f:ee:65:c4:f6:
61:11:92:f2:63:7e:8b:2d:15:de:09:f5:ae:a5:f3:
80:82:72:1b:8e:36:16:d2:1a:93:19:41:07:d9:57:
ad:32:67:69:55:ad:c3:7d:6a:38:eb:67:d3:ed:91:
7d:e4:e1:40:a3:58:c2:00:81:9e:36:5c:27:79:a1:
2f:c1:d0:78:35:76:06:92:e2:bb:12:6d:b3:4e:70:
18:27:e1:e5:f2:c7:a4:6e:86:4d:f6:fd:89:ec:66:
5c:f4:3b:e6:f2:84:42:d3:06:12:0d:89:ae:56:bd:
89:aa:d1:fb:da:29:f3:d8:88:db:66:d3:74:18:a7:
d3:c4:47:68:09:04:c9:62:5b:63:e2:26:fc:74:33:
fc:f6:66:7b:ba:5b:60:c9:c8:e9:2a:af:e2:82:5d:
e7:87:d8:89:f5:74:a3:71:80:22:a4:10:fe:bc:78:
b4:89:20:0a:0b:a2:ef:08:86:61:2f:94:cb:5e:86:
94:b5:2e:0f:26:82:cc:15:b1:0e:24:70:4d:84:f2:
99:fc:8b:6d:bf:37:26:a1:3c:74:6f:e2:fc:12:bc:
33:40:d6:12:12:f6:e0:99:6d:8a:a6:46:72:54:f4:
bd:9f:7e:ff:1b:6e:f4:ef:35:ea:fd:d3:30:46:9b:
9a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:43:6F:2F:5D:6C:83:39:77:3D:3F:64:CD:EC:07:97:CD:59:71:E1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/XkNvL11sgzl3PT9kzewHl81ZceE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:d3:2d:d1:5f:41:a3:b8:d1:df:9b:32:6a:77:10:be:a4:b6:
0a:80:36:b0:44:8b:c3:ef:b1:85:9d:e0:3f:ee:e1:53:63:47:
ce:a3:92:ac:6d:59:a0:48:ea:52:88:aa:a5:8c:98:aa:2d:a7:
e2:be:7b:d5:2a:04:14:0a:ca:17:c2:46:be:33:66:57:ad:ea:
85:8a:e6:22:54:b2:35:68:68:ac:8c:83:6f:f9:dc:9d:8d:20:
e2:dd:7e:c2:79:fa:b6:47:d7:7a:3e:a9:d1:1b:06:df:11:58:
1b:44:c6:7b:2a:94:76:16:42:12:e5:56:44:9b:64:ed:58:26:
8f:c2:90:4f:4d:ec:3a:16:b8:0c:c5:b0:a0:01:ba:ae:5e:d5:
9e:35:77:2f:73:f9:3b:ca:3c:bd:e2:17:84:a9:59:00:36:7e:
e2:8f:9c:22:13:b0:97:0f:2a:3f:95:c1:50:fa:0f:5a:ac:de:
83:9d:8b:93:fb:1e:62:21:7f:7f:1d:89:3e:20:2a:e0:be:74:
d4:c7:2e:ec:bd:57:b5:60:43:e9:30:7f:0b:92:c2:6d:e8:05:
30:e8:35:25:d2:6b:c9:55:d2:54:33:7e:5b:1e:ea:25:41:c0:
07:87:96:75:bd:92:62:6f:81:28:5f:a4:54:41:ff:0c:b9:be:
a3:c1:44:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8s/TXwq2sO4BDI6/cvdF6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMDMxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQzNmYyZjVkNmM4MzM5NzczZDNmNjRjZGVjMDc5N2NkNTk3MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFgpmYKy8LsQf+5lxPZhEZLyY36L
LRXeCfWupfOAgnIbjjYW0hqTGUEH2VetMmdpVa3DfWo462fT7ZF95OFAo1jCAIGe
NlwneaEvwdB4NXYGkuK7Em2zTnAYJ+Hl8sekboZN9v2J7GZc9Dvm8oRC0wYSDYmu
Vr2JqtH72inz2IjbZtN0GKfTxEdoCQTJYltj4ib8dDP89mZ7ultgycjpKq/igl3n
h9iJ9XSjcYAipBD+vHi0iSAKC6LvCIZhL5TLXoaUtS4PJoLMFbEOJHBNhPKZ/Itt
vzcmoTx0b+L8ErwzQNYSEvbgmW2KpkZyVPS9n37/G2707zXq/dMwRpuaxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5Dby9dbIM5dz0/ZM3sB5fNWXHhMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWGtOdkwxMXNnemwzUFQ5a3pld0hsODFaY2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAfTLdFfQaO40d+bMmp3
EL6ktgqANrBEi8PvsYWd4D/u4VNjR86jkqxtWaBI6lKIqqWMmKotp+K+e9UqBBQK
yhfCRr4zZlet6oWK5iJUsjVoaKyMg2/53J2NIOLdfsJ5+rZH13o+qdEbBt8RWBtE
xnsqlHYWQhLlVkSbZO1YJo/CkE9N7DoWuAzFsKABuq5e1Z41dy9z+TvKPL3iF4Sp
WQA2fuKPnCITsJcPKj+VwVD6D1qs3oOdi5P7HmIhf38diT4gKuC+dNTHLuy9V7Vg
Q+kwfwuSwm3oBTDoNSXSa8lV0lQzflse6iVBwAeHlnW9kmJvgShfpFRB/wy5vqPB
RHg=
-----END CERTIFICATE-----
Generated at Thu May 1 22:05:19 2025 by rpki-client