Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mXocCihkw0G1BwX1sm0U4PwJ0Ok.roa
File: mXocCihkw0G1BwX1sm0U4PwJ0Ok.roa (raw, json)
Hash identifier: aEnpqjkqUEXkz1LesuemIEVjH+d3CexiSX9t0wvSDUM=
Subject key identifier: 99:7A:1C:0A:28:64:C3:41:B5:07:05:F5:B2:6D:14:E0:FC:09:D0:E9
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA0A200B3999C95591A76E71EE7AEF66B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mXocCihkw0G1BwX1sm0U4PwJ0Ok.roa
Signing time: Wed 22 May 2024 14:08:42 +0000
ROA not before: Wed 22 May 2024 14:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
2001:67c:64:ffff:0:18f:a0a1:653f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:a2:00:b3:99:9c:95:59:1a:76:e7:1e:e7:ae:f6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 14:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=997a1c0a2864c341b50705f5b26d14e0fc09d0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6b:41:a9:82:37:12:9e:d4:90:55:44:8a:29:
61:e5:4d:0d:c8:aa:fb:fe:64:6c:fb:3f:1e:a8:62:
d3:bd:64:55:55:aa:1e:d1:b2:10:08:e3:37:6f:fe:
81:93:1f:b9:79:16:ef:98:39:7f:88:38:d0:28:4e:
eb:1f:84:17:01:66:18:59:79:04:23:0b:fb:6b:ba:
d7:63:98:4d:9a:a6:e3:27:1b:5d:35:33:0b:68:83:
54:f7:3d:43:60:a0:2d:4a:3c:6c:15:cf:5a:66:2f:
8e:ed:30:c6:8e:a5:00:49:04:96:dc:12:3e:fa:ac:
23:b2:0f:79:e0:af:69:74:91:56:79:f7:ad:a2:74:
ac:1c:c0:d2:95:c0:45:1a:40:33:ed:ee:b7:a5:da:
80:2e:83:f5:f6:bf:63:d5:da:97:90:09:60:15:a7:
eb:8e:f5:02:89:cb:4e:e1:42:d9:8a:c3:c4:34:69:
ee:b8:4e:6a:3a:c0:64:32:30:6a:37:39:9b:fe:ca:
9d:66:f8:62:13:da:a4:f9:12:2b:15:36:24:67:d0:
3f:57:39:bb:1e:9f:3b:7a:e2:2b:86:b4:cc:c7:26:
48:ef:3d:32:d5:d2:72:21:1d:6c:32:3a:f8:3e:7d:
a6:db:6c:56:11:2c:ec:7f:7d:3a:cd:b5:ee:fa:79:
b4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7A:1C:0A:28:64:C3:41:B5:07:05:F5:B2:6D:14:E0:FC:09:D0:E9
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mXocCihkw0G1BwX1sm0U4PwJ0Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:c8:ce:14:c3:72:e1:8b:ef:0d:f5:91:ee:8b:d0:3b:12:8d:
57:f0:d8:d7:36:26:d9:ee:06:98:51:c9:ce:fa:c5:be:c2:96:
8d:cd:db:a0:e5:5f:c4:8f:c2:e4:a8:c9:0a:d1:5c:49:7d:fb:
cf:2a:1d:ac:41:36:99:ae:fb:06:a7:6d:13:b5:c8:89:a1:bf:
3f:24:8a:3d:f9:b7:b0:57:4e:ec:d1:b6:fb:e7:e6:84:b3:85:
7b:25:0a:ec:c1:ab:c5:50:d8:30:18:9e:88:fd:e8:5c:3f:d3:
7d:e3:4f:51:2a:c5:01:42:8e:08:d1:a4:d4:c0:56:0f:fa:bc:
53:89:5f:57:c2:8c:e6:2b:04:25:51:b0:b7:35:8d:67:38:d1:
b9:16:ba:53:81:db:0b:2b:87:9f:9a:33:ed:46:99:28:a4:62:
2d:8e:71:84:c6:0c:51:9f:05:83:36:36:e9:00:38:9a:59:ac:
e0:90:6a:86:ad:44:ed:ba:81:d5:03:6a:b6:fd:db:c5:68:e1:
29:ea:e9:45:d3:e5:1e:0e:43:61:5e:15:05:49:da:37:8c:02:
6b:c8:e7:0c:0e:ea:72:37:bf:77:e9:51:d0:7f:2b:26:b2:99:
cc:e0:30:ec:5f:e5:7d:a2:eb:54:c6:3c:7d:a6:f4:0f:b3:23:
b9:a0:be:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+gogCzmZyVWRp25x7nrvZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMTQwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTdhMWMwYTI4NjRjMzQxYjUwNzA1ZjViMjZkMTRlMGZjMDlkMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGtBqYI3Ep7UkFVEiilh5U0NyKr7
/mRs+z8eqGLTvWRVVaoe0bIQCOM3b/6Bkx+5eRbvmDl/iDjQKE7rH4QXAWYYWXkE
Iwv7a7rXY5hNmqbjJxtdNTMLaINU9z1DYKAtSjxsFc9aZi+O7TDGjqUASQSW3BI+
+qwjsg954K9pdJFWefetonSsHMDSlcBFGkAz7e63pdqALoP19r9j1dqXkAlgFafr
jvUCictO4ULZisPENGnuuE5qOsBkMjBqNzmb/sqdZvhiE9qk+RIrFTYkZ9A/Vzm7
Hp87euIrhrTMxyZI7z0y1dJyIR1sMjr4Pn2m22xWESzsf306zbXu+nm0hwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJl6HAooZMNBtQcF9bJtFOD8CdDpMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbVhvY0NpaGt3MEcxQndYMXNtMFU0UHdKME9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMPIzhTDcuGL7w31ke6L
0DsSjVfw2Nc2JtnuBphRyc76xb7Clo3N26DlX8SPwuSoyQrRXEl9+88qHaxBNpmu
+wanbRO1yImhvz8kij35t7BXTuzRtvvn5oSzhXslCuzBq8VQ2DAYnoj96Fw/033j
T1EqxQFCjgjRpNTAVg/6vFOJX1fCjOYrBCVRsLc1jWc40bkWulOB2wsrh5+aM+1G
mSikYi2OcYTGDFGfBYM2NukAOJpZrOCQaoatRO26gdUDarb928Vo4Snq6UXT5R4O
Q2FeFQVJ2jeMAmvI5wwO6nI3v3fpUdB/KyaymczgMOxf5X2i61TGPH2m9A+zI7mg
vi8=
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:55:53 2025 by rpki-client