Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kQ9bRvIDbgWezr2OlGLWOMOtI70.roa
File: kQ9bRvIDbgWezr2OlGLWOMOtI70.roa (raw, json)
Hash identifier: p4YnX6ttJdnEIcvOXavK3a9fa/FAEztAP4EVBfKGeGE=
Subject key identifier: 91:0F:5B:46:F2:03:6E:05:9E:CE:BD:8E:94:62:D6:38:C3:AD:23:BD
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9CFF3F024905F8FB5BD35FDCFF3F7BE8
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kQ9bRvIDbgWezr2OlGLWOMOtI70.roa
Signing time: Tue 21 May 2024 21:12:04 +0000
ROA not before: Tue 21 May 2024 21:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:ff:3f:02:49:05:f8:fb:5b:d3:5f:dc:ff:3f:7b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 21:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=910f5b46f2036e059ecebd8e9462d638c3ad23bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:da:38:52:59:18:ae:0b:84:a1:ab:68:88:
96:08:80:94:d9:ce:09:c3:aa:8c:0f:bd:32:df:7c:
d4:38:8f:1c:d6:a1:e8:b2:8d:cb:06:85:35:cc:25:
18:f5:fb:f7:54:80:50:0c:e4:b1:ce:0f:e2:09:28:
90:a1:85:e9:fc:a8:f6:52:b0:86:3b:b2:70:f8:53:
b3:30:91:67:e0:03:4a:7b:a1:3c:95:f1:5f:dc:01:
e7:16:10:85:0a:73:fd:62:d5:8b:2c:b8:1e:d9:a4:
d8:57:79:a7:7c:56:a2:89:f6:90:52:55:59:9d:6f:
a2:b3:90:bd:e4:73:55:52:40:30:0e:38:68:ae:1e:
6e:4e:82:97:ce:b0:c5:82:c2:7b:53:48:c2:17:f3:
73:fe:1a:04:63:48:23:e4:e8:15:71:2a:6c:19:84:
2e:02:37:00:c4:52:c6:a7:4e:88:2a:b0:dc:cf:92:
c8:bc:43:b1:bc:85:16:b4:04:86:e8:c9:c4:16:fb:
cb:5d:e9:22:6d:59:dd:9a:cc:23:20:c5:c8:02:00:
83:57:d7:d9:17:15:ba:d9:94:8d:04:9b:3a:10:b4:
c3:79:6b:c8:b0:51:fc:17:37:a1:e1:77:c4:56:9e:
b3:bf:24:2c:d2:f9:eb:bc:82:a5:e9:1e:88:9d:70:
d8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0F:5B:46:F2:03:6E:05:9E:CE:BD:8E:94:62:D6:38:C3:AD:23:BD
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/kQ9bRvIDbgWezr2OlGLWOMOtI70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:b9:50:d6:85:b6:7c:38:89:9d:02:3b:49:be:b5:d0:f6:0a:
cd:0b:cb:69:4d:49:ae:46:b3:99:a7:1b:7e:29:fd:2f:b4:ae:
48:bd:9f:0c:11:36:2b:4e:ac:03:05:3a:ac:a8:7f:d0:1b:bb:
00:79:d3:2b:8f:4b:a3:32:d2:52:f9:ad:16:9b:6d:d0:1c:f6:
5d:b5:a6:b6:f5:84:03:5c:f5:13:4e:69:3d:16:21:b4:fd:69:
dc:32:36:47:2a:8b:f4:7b:a9:a4:4c:82:fe:32:c7:a2:39:5f:
a7:cf:d1:d7:f0:87:fb:bc:c8:b1:3b:a2:27:17:a4:14:1a:61:
ae:54:4a:d2:3d:96:10:b3:64:0b:51:fe:f7:f5:68:32:a7:f1:
d9:9a:cc:f1:24:6c:f4:8e:57:7f:cb:d2:56:ba:3a:19:e0:ca:
38:94:86:50:c6:ab:29:59:f0:62:44:cb:78:eb:32:e2:30:7f:
cf:94:a2:0b:a3:2e:cb:60:88:7e:57:c0:a7:1b:37:6d:78:f3:
eb:14:a8:9d:f3:4f:78:0a:79:77:c8:fc:41:61:31:ac:a0:5a:
a9:17:f6:7e:e9:c9:8b:56:a2:7f:30:a7:e1:ae:8c:b9:8d:e1:
9b:6a:39:b7:c2:30:6e:99:e1:36:da:ab:ab:13:cc:7d:66:51:
da:43:e9:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+c/z8CSQX4+1vTX9z/P3voMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMjExMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBmNWI0NmYyMDM2ZTA1OWVjZWJkOGU5NDYyZDYzOGMzYWQyM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLTaOFJZGK4LhKGraIiWCICU2c4J
w6qMD70y33zUOI8c1qHoso3LBoU1zCUY9fv3VIBQDOSxzg/iCSiQoYXp/Kj2UrCG
O7Jw+FOzMJFn4ANKe6E8lfFf3AHnFhCFCnP9YtWLLLge2aTYV3mnfFaiifaQUlVZ
nW+is5C95HNVUkAwDjhorh5uToKXzrDFgsJ7U0jCF/Nz/hoEY0gj5OgVcSpsGYQu
AjcAxFLGp06IKrDcz5LIvEOxvIUWtASG6MnEFvvLXekibVndmswjIMXIAgCDV9fZ
FxW62ZSNBJs6ELTDeWvIsFH8Fzeh4XfEVp6zvyQs0vnrvIKl6R6InXDYnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEPW0byA24Fns69jpRi1jjDrSO9MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEva1E5YlJ2SURiZ1dlenIyT2xHTFdPTU90STcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJq5UNaFtnw4iZ0CO0m+
tdD2Cs0Ly2lNSa5Gs5mnG34p/S+0rki9nwwRNitOrAMFOqyof9AbuwB50yuPS6My
0lL5rRabbdAc9l21prb1hANc9RNOaT0WIbT9adwyNkcqi/R7qaRMgv4yx6I5X6fP
0dfwh/u8yLE7oicXpBQaYa5UStI9lhCzZAtR/vf1aDKn8dmazPEkbPSOV3/L0la6
OhngyjiUhlDGqylZ8GJEy3jrMuIwf8+UogujLstgiH5XwKcbN2148+sUqJ3zT3gK
eXfI/EFhMaygWqkX9n7pyYtWon8wp+GujLmN4ZtqObfCMG6Z4Tbaq6sTzH1mUdpD
6Sk=
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:06:09 2025 by rpki-client