Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_83FNCmpmAoXKkDgdMf8_c--PJg.roa
File: _83FNCmpmAoXKkDgdMf8_c--PJg.roa (raw, json)
Hash identifier: SPL9wojvw1qfmGVJb/+cU2d21GYIK/yP7Xy8sKJxR5g=
Subject key identifier: FF:CD:C5:34:29:A9:98:0A:17:2A:40:E0:74:C7:FC:FD:CF:BE:3C:98
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA331850262CE65F21FE0D9ECCF55CAEC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_83FNCmpmAoXKkDgdMf8_c--PJg.roa
Signing time: Thu 23 May 2024 02:04:42 +0000
ROA not before: Thu 23 May 2024 02:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
2001:67c:64:ffff:0:18f:a331:461b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a3:31:85:02:62:ce:65:f2:1f:e0:d9:ec:cf:55:ca:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 23 02:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffcdc53429a9980a172a40e074c7fcfdcfbe3c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:f7:42:3c:f0:4b:6e:da:f3:35:fe:96:d5:
89:78:c9:a3:9a:2f:a0:01:95:da:47:33:1a:f3:18:
01:ae:cd:0d:47:f2:7e:f2:48:6c:e3:88:f8:9b:8e:
cf:5e:e1:8b:69:d0:f0:90:ed:c6:7a:38:fe:f8:16:
f9:e2:73:9c:60:74:bf:c3:5c:05:b4:d1:bb:0d:35:
ad:61:f8:26:fe:ab:9f:8f:b9:04:3f:18:1f:23:32:
fe:ab:7e:fb:d4:c5:69:71:f8:a7:23:eb:09:ec:43:
50:e0:80:43:65:a5:ee:ce:86:ec:20:20:89:5d:be:
5e:5a:cd:7d:9f:df:18:cb:70:80:63:20:9e:55:08:
05:22:0a:b7:33:0d:dd:4a:8b:e0:a4:2f:e5:42:15:
f8:7a:3f:69:ab:9b:05:cc:90:35:03:49:59:a3:ca:
32:f0:c7:f4:68:58:7f:00:84:39:2e:9c:84:ec:0b:
35:a0:10:74:10:3a:b1:27:46:70:1b:0a:6d:08:89:
67:ae:2d:85:8c:26:2b:48:05:49:e5:0d:dd:a8:2f:
d8:1b:79:bc:90:a7:15:e0:55:8d:ef:fd:47:e8:74:
23:32:63:ed:1d:00:e3:b8:84:a0:28:7f:68:38:f6:
ac:08:7c:51:7c:87:f4:ac:5d:8e:ba:52:92:8f:8f:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CD:C5:34:29:A9:98:0A:17:2A:40:E0:74:C7:FC:FD:CF:BE:3C:98
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_83FNCmpmAoXKkDgdMf8_c--PJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:5d:51:a4:70:48:fc:79:97:ba:70:e1:de:37:48:37:55:07:
29:44:29:e8:6b:46:c2:fc:c1:33:3e:44:7d:8e:60:86:5b:55:
62:9b:05:88:fa:0b:e7:86:89:ad:42:37:50:5e:9a:49:1f:1f:
0e:74:86:a6:2c:4e:a5:49:71:40:f3:c4:c2:e9:e2:3e:9c:cc:
21:e4:56:24:4c:71:b0:51:b3:71:ac:2e:34:c2:00:93:8d:2c:
ef:38:47:0d:ee:f2:d7:91:99:bc:5e:2e:56:cc:1f:81:86:16:
ef:74:00:10:ce:f9:17:66:ee:99:16:bc:76:e1:89:98:93:70:
c6:2c:9d:98:b9:02:43:15:95:d9:6a:5e:9a:09:c4:86:6b:aa:
18:50:88:f6:44:f6:a7:61:a0:5b:da:bd:1c:fa:95:96:8f:4e:
44:c9:f8:7b:01:8f:27:34:bb:ed:5e:7a:9e:a9:ad:06:4d:5e:
f5:84:8e:e1:be:cc:38:1b:17:1e:61:b7:e3:46:e7:8d:26:a5:
57:9b:fe:33:6e:d1:5c:17:e8:a9:df:3c:14:bb:dc:c4:e0:e4:
db:ab:2a:a6:24:23:35:29:24:11:b1:8e:26:de:e4:be:9e:a1:
65:03:78:3d:5c:f9:7c:9d:79:7c:e3:51:3e:d1:c5:6a:33:58:
33:d8:36:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+jMYUCYs5l8h/g2ezPVcrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIzMDIwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNkYzUzNDI5YTk5ODBhMTcyYTQwZTA3NGM3ZmNmZGNmYmUzYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuf3QjzwS27a8zX+ltWJeMmjmi+g
AZXaRzMa8xgBrs0NR/J+8khs44j4m47PXuGLadDwkO3Gejj++Bb54nOcYHS/w1wF
tNG7DTWtYfgm/qufj7kEPxgfIzL+q3771MVpcfinI+sJ7ENQ4IBDZaXuzobsICCJ
Xb5eWs19n98Yy3CAYyCeVQgFIgq3Mw3dSovgpC/lQhX4ej9pq5sFzJA1A0lZo8oy
8Mf0aFh/AIQ5LpyE7As1oBB0EDqxJ0ZwGwptCIlnri2FjCYrSAVJ5Q3dqC/YG3m8
kKcV4FWN7/1H6HQjMmPtHQDjuISgKH9oOPasCHxRfIf0rF2OulKSj4/+QwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP/NxTQpqZgKFypA4HTH/P3PvjyYMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvXzgzRk5DbXBtQW9YS2tEZ2RNZjhfYy0tUEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAERdUaRwSPx5l7pw4d43
SDdVBylEKehrRsL8wTM+RH2OYIZbVWKbBYj6C+eGia1CN1BemkkfHw50hqYsTqVJ
cUDzxMLp4j6czCHkViRMcbBRs3GsLjTCAJONLO84Rw3u8teRmbxeLlbMH4GGFu90
ABDO+Rdm7pkWvHbhiZiTcMYsnZi5AkMVldlqXpoJxIZrqhhQiPZE9qdhoFvavRz6
lZaPTkTJ+HsBjyc0u+1eep6prQZNXvWEjuG+zDgbFx5ht+NG540mpVeb/jNu0VwX
6KnfPBS73MTg5NurKqYkIzUpJBGxjibe5L6eoWUDeD1c+XydeXzjUT7RxWozWDPY
NiM=
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:34:13 2025 by rpki-client