Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aLWxHxbcOrXipKFi0WBRTs7snF4.roa
File: aLWxHxbcOrXipKFi0WBRTs7snF4.roa (raw, json)
Hash identifier: KEa+tKtlVLiFSijY5sHAltY+r1I/HYTtMRc6n5rz024=
Subject key identifier: 68:B5:B1:1F:16:DC:3A:B5:E2:A4:A1:62:D1:60:51:4E:CE:EC:9C:5E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018EF97CBF8F06370907F65725EFEB7E0274
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aLWxHxbcOrXipKFi0WBRTs7snF4.roa
Signing time: Sat 20 Apr 2024 03:11:25 +0000
ROA not before: Sat 20 Apr 2024 03:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f9:7c:bf:8f:06:37:09:07:f6:57:25:ef:eb:7e:02:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 20 03:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b5b11f16dc3ab5e2a4a162d160514eceec9c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:90:f1:b5:bf:0b:df:9a:36:e7:70:97:df:1d:
e5:86:63:50:fa:ef:72:e0:1d:6d:9f:8e:4a:91:75:
40:6f:25:ef:8b:6c:2f:f6:d9:2e:3d:dc:17:50:d3:
61:46:31:d3:d5:ec:49:ae:18:e1:7d:dc:f3:bd:da:
0a:d4:f5:82:09:18:49:4d:be:1e:06:ed:ce:dd:1c:
e7:ea:7a:17:02:cf:d4:08:c5:4c:92:36:76:be:d9:
0e:b9:d6:e8:84:f0:91:07:b3:8b:09:26:5c:ea:10:
e5:77:72:0a:7f:56:87:55:6d:7d:a5:6a:a6:79:25:
57:0b:9d:1a:80:e8:6b:45:56:25:81:ce:56:7d:e0:
0c:9a:ca:d9:4a:69:bd:ff:0b:f5:05:91:a4:2a:3c:
91:4b:ad:e7:47:27:09:05:c1:f6:11:1c:53:87:c9:
d1:f7:e0:b7:eb:06:6e:26:8d:23:d9:d8:5c:70:77:
1b:69:40:a8:ed:91:16:6a:1e:55:5d:0b:db:70:53:
4e:b2:6e:18:50:4c:49:d6:14:80:32:6a:b4:c7:9f:
5a:c6:eb:1d:3b:39:0e:95:d3:7a:28:ff:60:75:85:
91:f6:13:16:f5:4b:35:2e:1a:80:19:09:8b:c3:bc:
b6:d5:ae:8b:a3:cb:03:81:25:4e:63:8c:73:92:63:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B5:B1:1F:16:DC:3A:B5:E2:A4:A1:62:D1:60:51:4E:CE:EC:9C:5E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aLWxHxbcOrXipKFi0WBRTs7snF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:23:46:87:f0:63:e2:ad:e7:43:2e:70:97:63:19:09:2c:f6:
a8:a8:25:ed:e1:97:ea:57:24:ae:61:9a:52:c1:9b:fd:54:b6:
27:f7:c6:e9:92:bb:5e:64:63:1f:83:d9:39:c4:35:0b:fc:a7:
dc:0c:87:67:c2:14:83:d6:fa:25:60:10:d8:bc:2d:90:ce:f1:
a6:8b:4a:3e:f1:f8:09:dd:a7:f3:cd:e1:ae:5d:6d:b6:6b:de:
09:5e:19:46:67:09:df:2e:1c:62:c1:77:4b:d1:07:39:5e:21:
60:57:57:09:fa:91:04:6f:6b:be:9d:5a:59:86:a4:2e:fc:50:
3c:2e:5d:c9:11:4a:a0:53:1f:40:d1:7a:03:cc:f5:54:fe:16:
b3:d6:fa:ac:8d:5d:7b:25:f2:4a:70:5b:e3:13:87:c7:58:33:
08:2b:05:f4:39:c9:58:2b:f5:f4:c8:cc:99:dc:79:4e:81:7f:
b0:e0:73:f5:1f:a0:12:bf:1f:7e:ad:b9:af:b2:9f:e1:c3:9b:
38:0e:c1:fe:11:e3:dd:80:13:2d:1a:05:87:d3:3d:89:95:bf:
27:a1:7f:e1:c1:bd:09:79:40:c2:16:65:8f:a2:4f:df:32:82:
69:a6:7b:c9:2c:c1:69:f3:2f:c9:10:9b:60:a7:c5:49:36:ab:
b1:93:ac:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY75fL+PBjcJB/ZXJe/rfgJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIwMDMxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI1YjExZjE2ZGMzYWI1ZTJhNGExNjJkMTYwNTE0ZWNlZWM5YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJDxtb8L35o253CX3x3lhmNQ+u9y
4B1tn45KkXVAbyXvi2wv9tkuPdwXUNNhRjHT1exJrhjhfdzzvdoK1PWCCRhJTb4e
Bu3O3Rzn6noXAs/UCMVMkjZ2vtkOudbohPCRB7OLCSZc6hDld3IKf1aHVW19pWqm
eSVXC50agOhrRVYlgc5WfeAMmsrZSmm9/wv1BZGkKjyRS63nRycJBcH2ERxTh8nR
9+C36wZuJo0j2dhccHcbaUCo7ZEWah5VXQvbcFNOsm4YUExJ1hSAMmq0x59axusd
OzkOldN6KP9gdYWR9hMW9Us1LhqAGQmLw7y21a6Lo8sDgSVOY4xzkmNpfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGi1sR8W3Dq14qShYtFgUU7O7JxeMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYUxXeEh4YmNPclhpcEtGaTBXQlJUczdzbkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwQAYMA0G
CSqGSIb3DQEBCwUAA4IBAQBsI0aH8GPiredDLnCXYxkJLPaoqCXt4ZfqVySuYZpS
wZv9VLYn98bpkrteZGMfg9k5xDUL/KfcDIdnwhSD1volYBDYvC2QzvGmi0o+8fgJ
3afzzeGuXW22a94JXhlGZwnfLhxiwXdL0Qc5XiFgV1cJ+pEEb2u+nVpZhqQu/FA8
Ll3JEUqgUx9A0XoDzPVU/haz1vqsjV17JfJKcFvjE4fHWDMIKwX0OclYK/X0yMyZ
3HlOgX+w4HP1H6ASvx9+rbmvsp/hw5s4DsH+EePdgBMtGgWH0z2Jlb8noX/hwb0J
eUDCFmWPok/fMoJppnvJLMFp8y/JEJtgp8VJNquxk6zX
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:54:54 2025 by rpki-client