Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mJWGymX7ng2Xh93dSrmgGX8JuAw.roa
File: mJWGymX7ng2Xh93dSrmgGX8JuAw.roa (raw, json)
Hash identifier: kKCYnXGA3dozZ38Y0uyYiwuwCfF63sdQNzXITTTSAaQ=
Subject key identifier: 98:95:86:CA:65:FB:9E:0D:97:87:DD:DD:4A:B9:A0:19:7F:09:B8:0C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5C2B5DE606C578EC36C6CB3083A9A494
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mJWGymX7ng2Xh93dSrmgGX8JuAw.roa
Signing time: Thu 09 May 2024 07:04:56 +0000
ROA not before: Thu 09 May 2024 07:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:5c2a:c561/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:2b:5d:e6:06:c5:78:ec:36:c6:cb:30:83:a9:a4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 07:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=989586ca65fb9e0d9787dddd4ab9a0197f09b80c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6c:d9:14:96:96:a0:6d:2b:79:33:2d:54:75:
bd:9c:11:21:5b:d3:5d:e9:57:05:5b:2f:20:fa:4f:
09:5e:ed:7e:74:63:ed:21:2b:c8:6f:9a:47:2d:ec:
20:2b:db:0a:8d:c9:6b:71:0f:de:20:8c:79:91:0f:
0b:cd:46:f9:f0:fd:51:7a:51:3c:c2:e9:19:b7:7d:
db:ce:04:77:40:e2:88:ac:25:d8:7e:84:b1:84:ae:
86:68:96:07:d9:85:73:5f:e2:1a:b1:82:94:b5:db:
e6:d6:c3:60:93:0f:ea:41:77:32:63:ee:92:c0:af:
78:25:74:12:04:0d:cb:55:74:44:bd:17:9d:d2:41:
b7:bf:77:55:32:2d:55:eb:4d:ae:95:75:91:f3:b7:
2f:b6:ea:a3:e2:f2:06:4d:df:35:57:35:24:75:d3:
72:48:5e:7e:9d:5e:6a:d6:cd:5a:bc:d1:e3:a3:db:
d8:48:da:41:ab:10:af:3d:c8:e6:b5:a1:a7:be:5d:
cf:5d:5b:dd:44:4d:03:e3:0d:09:49:77:f3:64:52:
7b:a2:44:11:9a:91:12:97:e5:14:68:d1:8a:6b:a8:
e7:fa:18:06:ee:4f:6a:36:de:e6:c5:21:01:38:42:
f4:96:93:3e:f0:08:ec:57:9e:e0:9b:de:ba:e8:73:
22:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:95:86:CA:65:FB:9E:0D:97:87:DD:DD:4A:B9:A0:19:7F:09:B8:0C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mJWGymX7ng2Xh93dSrmgGX8JuAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:71:6b:5d:ab:f0:20:24:54:2d:8c:f6:2e:dd:9f:3d:b7:e0:
01:6c:01:36:5c:d4:ca:81:94:09:b0:b5:99:97:fe:56:a8:75:
2d:d6:62:e6:fe:54:72:df:66:53:1a:0e:7a:2c:76:42:90:c4:
9b:c8:3c:97:bb:b4:4d:78:4b:50:fb:52:32:40:de:64:49:e4:
c5:a0:2e:88:2d:4b:54:7b:c9:66:2a:87:e3:d1:77:4f:63:23:
87:1a:7d:8c:e6:ca:81:6b:b8:26:c7:88:6c:19:c4:de:28:00:
5a:2c:58:2c:9c:53:7b:c1:a4:cc:ca:01:dd:6b:cb:3a:65:82:
4e:cb:1a:a8:2b:f3:9f:7f:34:fc:9b:b8:8b:eb:2f:68:70:09:
40:38:42:12:d3:9b:c2:6d:ed:92:5c:71:62:8a:1b:b2:d5:8f:
9e:f1:a5:0c:84:81:c7:c4:81:7c:29:22:6a:85:96:f7:16:01:
c3:71:0a:84:69:06:dc:48:de:87:e2:e3:98:68:c8:d9:77:7f:
c0:6f:e6:b9:19:22:44:34:fe:e2:e0:f6:a6:53:5f:35:84:79:
d1:d4:ed:4f:59:44:32:48:e1:0c:ac:e5:56:15:15:be:2a:57:
04:6b:3d:ac:af:18:af:20:a9:2e:ef:2e:2a:74:c9:ee:a4:6a:
72:2f:aa:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9cK13mBsV47DbGyzCDqaSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MDcwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk1ODZjYTY1ZmI5ZTBkOTc4N2RkZGQ0YWI5YTAxOTdmMDliODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2zZFJaWoG0reTMtVHW9nBEhW9Nd
6VcFWy8g+k8JXu1+dGPtISvIb5pHLewgK9sKjclrcQ/eIIx5kQ8LzUb58P1RelE8
wukZt33bzgR3QOKIrCXYfoSxhK6GaJYH2YVzX+IasYKUtdvm1sNgkw/qQXcyY+6S
wK94JXQSBA3LVXREvRed0kG3v3dVMi1V602ulXWR87cvtuqj4vIGTd81VzUkddNy
SF5+nV5q1s1avNHjo9vYSNpBqxCvPcjmtaGnvl3PXVvdRE0D4w0JSXfzZFJ7okQR
mpESl+UUaNGKa6jn+hgG7k9qNt7mxSEBOEL0lpM+8AjsV57gm9666HMitwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJiVhspl+54Nl4fd3Uq5oBl/CbgMMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbUpXR3ltWDduZzJYaDkzZFNybWdHWDhKdUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD9xa12r8CAkVC2M9i7d
nz234AFsATZc1MqBlAmwtZmX/laodS3WYub+VHLfZlMaDnosdkKQxJvIPJe7tE14
S1D7UjJA3mRJ5MWgLogtS1R7yWYqh+PRd09jI4cafYzmyoFruCbHiGwZxN4oAFos
WCycU3vBpMzKAd1ryzplgk7LGqgr859/NPybuIvrL2hwCUA4QhLTm8Jt7ZJccWKK
G7LVj57xpQyEgcfEgXwpImqFlvcWAcNxCoRpBtxI3ofi45hoyNl3f8Bv5rkZIkQ0
/uLg9qZTXzWEedHU7U9ZRDJI4Qys5VYVFb4qVwRrPayvGK8gqS7vLip0ye6kanIv
qiY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 02:38:04 2025 by rpki-client