Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hNUWhCqe74KyxJDnIIPKiTEt1jY.roa
File: hNUWhCqe74KyxJDnIIPKiTEt1jY.roa (raw, json)
Hash identifier: gdzVnAFLwdn4x02KFgGF37UBEBBSm5YI0BSsuzXLzQw=
Subject key identifier: 84:D5:16:84:2A:9E:EF:82:B2:C4:90:E7:20:83:CA:89:31:2D:D6:36
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F4E38CE83959BCFB031219A1FFBFE95DB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hNUWhCqe74KyxJDnIIPKiTEt1jY.roa
Signing time: Mon 06 May 2024 14:04:56 +0000
ROA not before: Mon 06 May 2024 14:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:4e38:8a87/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:38:ce:83:95:9b:cf:b0:31:21:9a:1f:fb:fe:95:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 6 14:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84d516842a9eef82b2c490e72083ca89312dd636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f0:f0:91:0b:1f:1d:8c:90:7c:12:49:3d:48:
0e:af:cf:2a:d1:66:f9:c8:10:cf:67:63:b6:01:2d:
9a:82:aa:ed:10:51:94:7a:67:92:ba:12:5f:25:20:
aa:05:da:87:5f:40:8a:bc:99:02:de:7b:7b:e7:a6:
ee:20:57:36:72:b0:33:65:ec:af:c5:95:8c:bb:db:
65:04:16:ac:ef:51:b6:2a:65:df:ac:7a:74:45:68:
2e:d1:c4:d2:c2:7d:dc:ab:12:27:e7:66:91:39:8d:
30:86:ab:4f:75:ef:91:70:b3:06:48:ff:e1:27:be:
01:25:fd:23:8a:89:18:c5:6d:28:c1:75:5a:db:76:
f3:de:6a:0a:4c:d9:20:91:84:d6:44:ce:6e:bb:3e:
e1:48:f1:38:57:35:5f:a0:c2:8b:29:7b:3e:0d:ce:
02:0d:b3:2f:e2:a9:c8:03:ca:f6:4a:18:7b:8e:e0:
10:c3:21:d2:d8:bc:24:5a:c6:50:6d:25:bd:91:a5:
32:04:e2:5d:19:44:74:95:21:f4:19:3f:db:64:8c:
e2:fe:cc:c5:ed:34:7d:cc:82:c5:7f:86:f1:69:34:
6b:2a:af:b4:b7:17:93:08:ae:45:1e:f6:96:eb:13:
f6:0e:80:2e:b9:2c:13:a9:92:05:91:0e:56:a2:c1:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D5:16:84:2A:9E:EF:82:B2:C4:90:E7:20:83:CA:89:31:2D:D6:36
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hNUWhCqe74KyxJDnIIPKiTEt1jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:98:78:46:18:1b:b4:3b:5d:f2:09:c0:83:4c:e8:b6:f3:7f:
91:3e:89:d0:3c:f3:b1:a3:2e:00:ec:a3:53:5e:07:df:6a:c8:
25:7b:71:24:2f:2e:6f:65:1d:c6:ed:dc:d9:5e:cf:a7:09:9f:
1c:92:b4:b4:36:43:ae:90:bf:a3:41:be:ee:5e:57:fe:4e:22:
7a:d7:5a:e7:fb:65:50:4f:f5:16:84:76:57:bd:d0:5a:ad:0d:
ee:48:8e:28:62:cc:ff:6f:da:70:c8:48:84:b0:8e:b4:de:94:
5e:8b:7f:c7:08:3b:77:4b:e8:d6:a6:52:be:74:ff:da:fd:d3:
97:af:9f:cf:1f:c4:33:2f:9e:66:7d:5a:88:0d:03:68:75:1a:
f5:d7:ca:c2:9f:c0:cd:e6:08:bb:4a:2d:e1:9b:d7:e1:17:1a:
62:e2:33:f2:43:c1:d5:45:e1:ac:32:dc:a3:e4:fe:24:7c:83:
a1:3f:83:d6:07:a3:a1:07:f3:e1:2e:46:e8:33:d2:1a:10:3f:
9d:f5:17:a3:67:9a:be:9c:56:d3:d0:35:e4:c2:62:58:a8:03:
c9:f7:1b:34:b8:69:37:9c:d8:2a:21:63:19:4e:46:fe:9a:89:
da:04:83:bf:71:3b:2d:13:e8:fa:d9:eb:18:b1:fd:3e:c6:9c:
03:0e:9b:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9OOM6DlZvPsDEhmh/7/pXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA2MTQwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ1MTY4NDJhOWVlZjgyYjJjNDkwZTcyMDgzY2E4OTMxMmRkNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfDwkQsfHYyQfBJJPUgOr88q0Wb5
yBDPZ2O2AS2agqrtEFGUemeSuhJfJSCqBdqHX0CKvJkC3nt756buIFc2crAzZeyv
xZWMu9tlBBas71G2KmXfrHp0RWgu0cTSwn3cqxIn52aROY0whqtPde+RcLMGSP/h
J74BJf0jiokYxW0owXVa23bz3moKTNkgkYTWRM5uuz7hSPE4VzVfoMKLKXs+Dc4C
DbMv4qnIA8r2Shh7juAQwyHS2LwkWsZQbSW9kaUyBOJdGUR0lSH0GT/bZIzi/szF
7TR9zILFf4bxaTRrKq+0txeTCK5FHvaW6xP2DoAuuSwTqZIFkQ5WosGSIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITVFoQqnu+CssSQ5yCDyokxLdY2MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaE5VV2hDcWU3NEt5eEpEbklJUEtpVEV0MWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEOYeEYYG7Q7XfIJwINM
6Lbzf5E+idA887GjLgDso1NeB99qyCV7cSQvLm9lHcbt3Nlez6cJnxyStLQ2Q66Q
v6NBvu5eV/5OInrXWuf7ZVBP9RaEdle90FqtDe5IjihizP9v2nDISISwjrTelF6L
f8cIO3dL6NamUr50/9r905evn88fxDMvnmZ9WogNA2h1GvXXysKfwM3mCLtKLeGb
1+EXGmLiM/JDwdVF4awy3KPk/iR8g6E/g9YHo6EH8+EuRugz0hoQP531F6Nnmr6c
VtPQNeTCYlioA8n3GzS4aTec2CohYxlORv6aidoEg79xOy0T6PrZ6xix/T7GnAMO
m4k=
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:21:39 2025 by rpki-client