Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ZH6Sb7noZx3dUMNJ8Rl3k8idpFY.roa
File: ZH6Sb7noZx3dUMNJ8Rl3k8idpFY.roa (raw, json)
Hash identifier: 4j221GipDDrPJm4Xuhea1fxfueh9MLtMsaleCt3xSW4=
Subject key identifier: 64:7E:92:6F:B9:E8:67:1D:DD:50:C3:49:F1:19:77:93:C8:9D:A4:56
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6B36FD65949C89E5F2FE5E0BAD9BFFCE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ZH6Sb7noZx3dUMNJ8Rl3k8idpFY.roa
Signing time: Sun 12 May 2024 05:11:56 +0000
ROA not before: Sun 12 May 2024 05:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6b:36:fd:65:94:9c:89:e5:f2:fe:5e:0b:ad:9b:ff:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 12 05:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=647e926fb9e8671ddd50c349f1197793c89da456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:70:f8:c2:64:6a:f9:f8:6b:1e:45:a9:69:
b8:e0:0e:ee:f7:0d:4d:0d:98:b0:b9:60:79:7f:a3:
19:73:3f:bb:97:2e:4f:57:ad:65:03:01:93:08:52:
d4:51:27:d2:50:2a:08:ec:9b:3b:a4:0b:d8:56:78:
eb:5f:41:5f:67:db:d8:98:c8:03:d2:d7:41:c5:38:
a5:3e:00:7e:cc:97:0e:bb:48:28:f3:3c:db:02:e2:
ad:38:66:59:be:32:05:9b:3c:08:48:40:c0:4b:6f:
1c:de:cc:e0:40:46:86:65:33:23:5b:ee:dc:ae:67:
4a:de:fc:47:b5:47:de:75:57:1b:45:76:6f:b0:2b:
8e:14:bb:f4:cf:16:cb:08:5b:f9:ce:7a:1b:f5:fe:
8a:7d:89:c1:ba:ea:9b:2d:18:b4:88:ef:11:c2:96:
1a:7a:82:70:24:78:54:0b:c8:e5:c2:34:44:41:c0:
44:dd:30:8b:94:df:4a:9a:99:f3:1c:a2:c2:19:e1:
12:17:22:be:ee:2d:fa:42:e8:a3:92:f2:6b:e4:5b:
18:7e:0c:fe:7f:63:e5:55:1f:b3:ec:83:6a:f3:32:
dc:a2:a7:89:a9:1b:29:de:b1:2a:81:f3:c7:57:2e:
de:21:a7:14:9d:93:85:d1:e9:c5:0d:56:7c:21:ca:
9a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7E:92:6F:B9:E8:67:1D:DD:50:C3:49:F1:19:77:93:C8:9D:A4:56
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ZH6Sb7noZx3dUMNJ8Rl3k8idpFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b9:df:70:c0:b8:0d:03:36:88:5e:2d:41:be:41:10:be:9f:5e:
76:ca:1e:bf:24:9d:fd:20:95:be:73:5c:70:4c:3e:37:d6:33:
13:62:40:80:f1:7a:8f:6f:e5:98:68:35:42:99:b0:3d:b5:a2:
b4:41:97:a7:44:ba:23:88:37:16:a3:d0:5f:c1:f8:96:89:d6:
44:24:39:bc:b7:2d:3c:31:4b:e3:b1:2f:08:0f:a3:0c:2b:3a:
b1:ab:e9:2a:9a:ef:17:59:1a:06:97:cc:01:ad:d7:ae:e6:59:
e8:0d:41:b8:dd:26:f7:3b:c3:69:a8:1c:57:1a:55:1a:eb:16:
ea:87:98:bc:c9:3e:60:67:38:1f:d1:e8:d7:16:13:61:29:c6:
07:12:11:bf:2a:32:3a:f4:c3:79:27:eb:a3:fe:50:ac:b9:dd:
a2:b4:c5:e3:7b:f7:9b:cc:63:8b:1a:61:8b:18:9a:69:56:30:
a6:c4:a3:97:b0:24:b4:0b:c3:b0:32:be:b3:13:95:5b:ff:3a:
83:fc:21:ed:39:46:80:71:c1:75:84:de:12:59:e5:73:ee:2c:
9a:93:84:4b:c5:bc:d9:9c:95:98:48:24:02:e7:d7:66:02:74:
d1:88:7a:39:34:32:76:2b:bf:fc:37:24:0e:7a:1a:e9:eb:72:
f6:7d:a1:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9rNv1llJyJ5fL+Xgutm//OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEyMDUxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDdlOTI2ZmI5ZTg2NzFkZGQ1MGMzNDlmMTE5Nzc5M2M4OWRhNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSVw+MJkavn4ax5FqWm44A7u9w1N
DZiwuWB5f6MZcz+7ly5PV61lAwGTCFLUUSfSUCoI7Js7pAvYVnjrX0FfZ9vYmMgD
0tdBxTilPgB+zJcOu0go8zzbAuKtOGZZvjIFmzwISEDAS28c3szgQEaGZTMjW+7c
rmdK3vxHtUfedVcbRXZvsCuOFLv0zxbLCFv5znob9f6KfYnBuuqbLRi0iO8RwpYa
eoJwJHhUC8jlwjREQcBE3TCLlN9KmpnzHKLCGeESFyK+7i36QuijkvJr5FsYfgz+
f2PlVR+z7INq8zLcoqeJqRsp3rEqgfPHVy7eIacUnZOF0enFDVZ8IcqawwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGR+km+56Gcd3VDDSfEZd5PInaRWMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWkg2U2I3bm9aeDNkVU1OSjhSbDNrOGlkcEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALnfcMC4DQM2iF4tQb5B
EL6fXnbKHr8knf0glb5zXHBMPjfWMxNiQIDxeo9v5ZhoNUKZsD21orRBl6dEuiOI
Nxaj0F/B+JaJ1kQkOby3LTwxS+OxLwgPowwrOrGr6Sqa7xdZGgaXzAGt167mWegN
QbjdJvc7w2moHFcaVRrrFuqHmLzJPmBnOB/R6NcWE2EpxgcSEb8qMjr0w3kn66P+
UKy53aK0xeN795vMY4saYYsYmmlWMKbEo5ewJLQLw7AyvrMTlVv/OoP8Ie05RoBx
wXWE3hJZ5XPuLJqThEvFvNmclZhIJALn12YCdNGIejk0MnYrv/w3JA56GunrcvZ9
oT0=
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:23:13 2025 by rpki-client