Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/eGJjnYa-eHsr2cQ7gZFZWaC-w2c.roa
File: eGJjnYa-eHsr2cQ7gZFZWaC-w2c.roa (raw, json)
Hash identifier: CLD8TAdR4+AAWOnl/z69oHcGdjBqpIqYQFhtNwsx6Eg=
Subject key identifier: 78:62:63:9D:86:BE:78:7B:2B:D9:C4:3B:81:91:59:59:A0:BE:C3:67
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9BEF555268AE71E5D006AA78A180F8F3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/eGJjnYa-eHsr2cQ7gZFZWaC-w2c.roa
Signing time: Tue 21 May 2024 16:15:04 +0000
ROA not before: Tue 21 May 2024 16:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:ef:55:52:68:ae:71:e5:d0:06:aa:78:a1:80:f8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 16:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7862639d86be787b2bd9c43b81915959a0bec367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2b:d6:fa:ec:d9:50:2f:39:4e:62:3d:ed:e4:
08:71:05:cf:fc:f0:17:14:61:f9:6a:28:cf:d8:2d:
3a:dc:e7:ef:d9:9c:52:39:72:c4:6f:c6:18:4f:df:
9d:ce:18:24:93:a1:51:ef:9a:c1:8f:1b:b3:47:b7:
25:9d:fc:d3:8f:8b:45:0d:8b:b5:55:aa:4b:ed:d5:
23:0c:bc:91:57:62:0d:d6:c1:9e:6f:26:ca:90:b9:
4e:1b:a2:4c:57:92:6e:6f:f7:c7:c3:22:bc:4c:e5:
fb:43:a9:38:30:a0:42:84:b0:02:c3:cf:f0:d0:79:
cd:97:71:1c:77:64:ea:69:65:f4:64:01:31:e8:11:
fa:c7:4c:3d:b2:50:26:f4:aa:ad:0b:1e:20:07:0e:
e1:00:1a:fd:cf:82:3a:9d:4b:b7:ce:8b:5f:da:3e:
8b:11:25:aa:ba:ed:f7:00:be:23:ca:3d:29:de:cb:
70:c1:0e:8b:ce:b7:b2:b0:7f:57:84:1c:9f:4a:6c:
b4:f1:aa:d6:c0:95:ea:aa:d3:68:41:b8:c9:21:64:
c6:43:04:24:9b:86:f2:c4:3d:f3:30:18:81:35:ee:
30:db:e1:5f:77:f8:d5:51:d1:97:f9:ae:ba:a3:6a:
86:f7:df:9f:8f:93:23:96:ef:e5:ab:3d:c0:81:7e:
2b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:62:63:9D:86:BE:78:7B:2B:D9:C4:3B:81:91:59:59:A0:BE:C3:67
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/eGJjnYa-eHsr2cQ7gZFZWaC-w2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:f1:94:f4:66:ae:e7:d4:8f:7e:b4:16:8c:4c:ab:fd:12:60:
26:ce:10:ec:61:69:6d:6d:75:c6:22:9f:e3:11:fe:91:55:ef:
b0:5f:24:d7:6b:df:b1:5b:f7:56:96:13:91:be:b1:9c:c3:5f:
06:b1:9e:71:61:73:ce:77:52:fd:80:39:fd:7d:ba:da:e0:96:
c4:94:cd:6d:02:20:ab:3e:99:38:3b:61:10:20:b1:5d:8e:18:
49:95:0b:52:9b:7e:fc:e9:0f:6b:77:50:68:63:11:f8:69:59:
56:00:c3:28:61:c3:c8:b1:14:ef:98:be:28:a3:99:44:07:0a:
aa:12:c4:d2:fa:ca:ed:41:39:99:2a:93:92:4a:5b:6b:ef:34:
2c:08:5c:ca:b0:e6:de:52:f5:51:91:14:c2:9b:7e:2e:73:a2:
bd:62:ec:6f:b1:a9:57:52:76:9d:73:c8:d1:25:87:ff:5c:9b:
47:15:ba:1a:cd:2b:8b:16:1d:ac:de:70:de:63:b1:88:f8:2e:
2b:2a:b7:b4:ee:ee:9c:2a:29:ac:0f:94:29:74:f0:c4:7f:4a:
3d:6c:51:c0:9e:46:ab:3c:89:e2:63:cf:2a:d1:ad:48:f3:cd:
76:22:81:58:9a:17:ef:c3:3c:a1:b6:9e:86:04:0c:61:a3:9b:
44:d1:16:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+b71VSaK5x5dAGqnihgPjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMTYxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODYyNjM5ZDg2YmU3ODdiMmJkOWM0M2I4MTkxNTk1OWEwYmVjMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSvW+uzZUC85TmI97eQIcQXP/PAX
FGH5aijP2C063Ofv2ZxSOXLEb8YYT9+dzhgkk6FR75rBjxuzR7clnfzTj4tFDYu1
VapL7dUjDLyRV2IN1sGebybKkLlOG6JMV5Jub/fHwyK8TOX7Q6k4MKBChLACw8/w
0HnNl3Ecd2TqaWX0ZAEx6BH6x0w9slAm9KqtCx4gBw7hABr9z4I6nUu3zotf2j6L
ESWquu33AL4jyj0p3stwwQ6LzreysH9XhByfSmy08arWwJXqqtNoQbjJIWTGQwQk
m4byxD3zMBiBNe4w2+Ffd/jVUdGX+a66o2qG99+fj5Mjlu/lqz3AgX4r2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHhiY52Gvnh7K9nEO4GRWVmgvsNnMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZUdKam5ZYS1lSHNyMmNRN2daRlpXYUMtdzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGvxlPRmrufUj360FoxM
q/0SYCbOEOxhaW1tdcYin+MR/pFV77BfJNdr37Fb91aWE5G+sZzDXwaxnnFhc853
Uv2AOf19utrglsSUzW0CIKs+mTg7YRAgsV2OGEmVC1KbfvzpD2t3UGhjEfhpWVYA
wyhhw8ixFO+YviijmUQHCqoSxNL6yu1BOZkqk5JKW2vvNCwIXMqw5t5S9VGRFMKb
fi5zor1i7G+xqVdSdp1zyNElh/9cm0cVuhrNK4sWHazecN5jsYj4Lisqt7Tu7pwq
KawPlCl08MR/Sj1sUcCeRqs8ieJjzyrRrUjzzXYigViaF+/DPKG2noYEDGGjm0TR
FkQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:07:11 2025 by rpki-client