Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fdzla6QIQAtMhOd2b0rZZBujZzY.roa
File: fdzla6QIQAtMhOd2b0rZZBujZzY.roa (raw, json)
Hash identifier: jgYbHskPpf9cXeET83AofeqG8Ge/s+dIoM2jQJYpq8I=
Subject key identifier: 7D:DC:E5:6B:A4:08:40:0B:4C:84:E7:76:6F:4A:D9:64:1B:A3:67:36
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5139D97FCDA9BBF6663B426DB51AC1DE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fdzla6QIQAtMhOd2b0rZZBujZzY.roa
Signing time: Tue 07 May 2024 04:04:56 +0000
ROA not before: Tue 07 May 2024 04:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:5139:5032/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:51:39:d9:7f:cd:a9:bb:f6:66:3b:42:6d:b5:1a:c1:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 04:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ddce56ba408400b4c84e7766f4ad9641ba36736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0e:be:0a:f0:79:94:59:c6:37:b4:4c:e4:7a:
3a:19:25:6b:9d:22:c8:d5:1f:ea:a7:84:32:99:7b:
bb:ad:6c:66:4f:90:6d:26:0b:83:fd:27:e6:f5:50:
80:06:24:e8:3a:d2:52:3a:67:95:15:37:90:a9:10:
5f:77:4d:30:f8:47:87:0a:f9:12:03:df:07:07:61:
fa:21:dd:31:50:df:12:ff:90:18:c8:50:53:6d:f4:
b2:ec:9e:b0:95:55:03:cf:ba:0e:3e:87:e5:1c:ac:
18:c9:41:3d:5e:5f:fc:2d:cc:df:43:ef:7d:18:13:
d7:95:dc:ea:b9:6a:27:1b:c2:d1:77:f0:3b:9b:2f:
b7:89:05:da:c2:46:32:a2:ce:15:8a:14:0b:cb:c0:
ad:ec:54:c8:5b:6d:00:59:ab:e9:0b:4f:bd:7b:26:
02:cc:86:c6:41:f1:f3:52:74:8f:f6:54:c2:3e:33:
01:0b:99:b2:f3:b5:e8:7c:7f:3e:c0:ca:2c:cf:a4:
60:12:c1:07:db:1f:9e:b8:83:3b:70:c9:46:87:d7:
11:3e:b0:49:4d:0d:1a:a9:45:41:56:7d:38:8c:8c:
98:55:94:f4:e1:e8:5b:1e:58:17:42:b9:d4:c6:65:
99:4c:81:fb:86:da:73:20:ab:b6:4f:ab:0b:18:34:
df:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DC:E5:6B:A4:08:40:0B:4C:84:E7:76:6F:4A:D9:64:1B:A3:67:36
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fdzla6QIQAtMhOd2b0rZZBujZzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:57:5b:87:0c:0b:6a:20:bf:64:e2:ad:4b:d3:7f:8f:b8:a2:
da:65:e0:93:8f:02:6f:be:89:73:18:30:64:df:3b:c2:55:90:
4c:88:c0:e7:e0:4a:f5:a0:6f:d8:ac:fc:26:20:87:c1:69:24:
05:66:89:4b:d4:69:99:16:71:85:57:84:6e:1f:c7:c0:e5:d6:
8f:d4:29:5e:f4:c9:fb:dd:13:db:34:38:c4:dd:5b:c8:0b:0a:
10:49:40:40:65:69:65:50:9a:08:c3:db:c3:82:fd:4e:88:98:
e3:bf:20:ab:36:62:28:19:b8:28:58:8a:a4:8e:5c:e0:d6:bb:
9c:eb:30:f8:0e:54:78:cb:51:1b:ea:e8:86:07:9b:30:6b:d0:
0a:e4:32:16:c2:23:e3:88:81:9c:1c:3f:ca:e3:bc:70:c8:af:
08:b3:1a:9f:18:59:3f:0f:2c:dd:3c:e6:e6:dc:5e:54:c6:bd:
a0:8b:e1:f3:82:aa:60:44:25:e5:f0:1c:05:ec:d9:7b:48:db:
af:bf:7c:1a:d9:07:76:6e:98:71:2d:c1:1f:7c:db:cf:0f:0c:
77:cb:ae:a2:e1:6d:85:9c:47:49:dc:3d:7b:8e:33:be:41:fe:
4d:8f:0d:c9:4f:4f:75:f1:d4:63:04:3e:db:66:24:5f:52:a7:
17:38:9f:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9ROdl/zam79mY7Qm21GsHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MDQwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRjZTU2YmE0MDg0MDBiNGM4NGU3NzY2ZjRhZDk2NDFiYTM2NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA6+CvB5lFnGN7RM5Ho6GSVrnSLI
1R/qp4QymXu7rWxmT5BtJguD/Sfm9VCABiToOtJSOmeVFTeQqRBfd00w+EeHCvkS
A98HB2H6Id0xUN8S/5AYyFBTbfSy7J6wlVUDz7oOPoflHKwYyUE9Xl/8LczfQ+99
GBPXldzquWonG8LRd/A7my+3iQXawkYyos4VihQLy8Ct7FTIW20AWavpC0+9eyYC
zIbGQfHzUnSP9lTCPjMBC5my87XofH8+wMosz6RgEsEH2x+euIM7cMlGh9cRPrBJ
TQ0aqUVBVn04jIyYVZT04ehbHlgXQrnUxmWZTIH7htpzIKu2T6sLGDTfBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH3c5WukCEALTITndm9K2WQbo2c2MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZmR6bGE2UUlRQXRNaE9kMmIwclpaQnVqWnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFNXW4cMC2ogv2TirUvT
f4+4otpl4JOPAm++iXMYMGTfO8JVkEyIwOfgSvWgb9is/CYgh8FpJAVmiUvUaZkW
cYVXhG4fx8Dl1o/UKV70yfvdE9s0OMTdW8gLChBJQEBlaWVQmgjD28OC/U6ImOO/
IKs2YigZuChYiqSOXODWu5zrMPgOVHjLURvq6IYHmzBr0ArkMhbCI+OIgZwcP8rj
vHDIrwizGp8YWT8PLN085ubcXlTGvaCL4fOCqmBEJeXwHAXs2XtI26+/fBrZB3Zu
mHEtwR98288PDHfLrqLhbYWcR0ncPXuOM75B/k2PDclPT3Xx1GMEPttmJF9Spxc4
n3s=
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:27:47 2025 by rpki-client