Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nSMw8K79LM-vGqmErPtklYxnaYg.roa
File: nSMw8K79LM-vGqmErPtklYxnaYg.roa (raw, json)
Hash identifier: i4Lwz8WooEfO+mOgq7+8zCUNcx8WM26PdGfF8lnsPhA=
Subject key identifier: 9D:23:30:F0:AE:FD:2C:CF:AF:1A:A9:84:AC:FB:64:95:8C:67:69:88
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F31B4DFFA77321B12E5BAB3756C610F5C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nSMw8K79LM-vGqmErPtklYxnaYg.roa
Signing time: Wed 01 May 2024 01:11:28 +0000
ROA not before: Wed 01 May 2024 01:11:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:b4:df:fa:77:32:1b:12:e5:ba:b3:75:6c:61:0f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 1 01:11:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d2330f0aefd2ccfaf1aa984acfb64958c676988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:35:38:fb:7d:ee:de:27:01:a6:f1:fc:d9:d4:
dd:9b:40:03:be:cd:03:02:69:4d:f4:bf:a9:ef:01:
2a:ae:e6:0a:18:28:75:85:b9:40:c4:96:9c:66:2b:
88:14:6f:de:76:cc:9e:ec:ad:9b:c5:f9:ee:b0:49:
b9:fb:c0:de:69:43:f9:d0:1e:8f:cc:30:bf:0c:30:
ab:b6:80:8e:b1:23:74:b3:ba:d0:09:5c:86:fa:cc:
3a:2a:ee:df:31:a3:e4:15:8d:12:94:8c:6d:21:ac:
1c:51:ff:19:e3:27:5f:28:0e:13:99:53:27:c9:22:
84:24:dc:90:4d:ce:5b:21:28:53:06:e3:e6:f5:e3:
4b:9a:cc:2d:af:af:4d:80:52:a0:4e:45:05:8e:3b:
4e:21:37:82:50:3a:be:75:05:ea:59:a6:79:87:1c:
76:95:44:4c:1d:77:d1:7f:f7:81:41:77:47:cd:a4:
d4:4f:33:47:0a:58:59:e7:13:32:8b:e4:4e:44:44:
d5:8f:87:73:72:6b:07:ba:20:60:68:9e:41:32:f5:
8d:f0:7d:ef:ec:6d:62:e9:30:82:21:f0:e7:04:f7:
f3:47:fe:89:65:11:77:e1:4e:6f:5c:cd:05:05:f3:
4a:a5:d7:c2:cf:d1:18:cc:b9:22:ee:05:9f:8a:cd:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:23:30:F0:AE:FD:2C:CF:AF:1A:A9:84:AC:FB:64:95:8C:67:69:88
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nSMw8K79LM-vGqmErPtklYxnaYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:ab:bd:53:99:fa:cc:f7:c4:d4:d6:8a:cd:9c:f0:9e:90:12:
c5:51:53:3d:54:34:b7:90:9c:76:a5:d1:ec:ca:1f:98:eb:0d:
04:42:9b:ae:f5:47:87:fd:bc:63:02:b9:1d:69:f3:e8:83:25:
9b:b5:5e:d4:23:b8:c9:bb:73:39:b9:8f:fd:57:62:14:70:49:
18:6a:63:ff:2a:29:cf:ca:4a:ce:a2:9c:c7:ce:0e:c2:18:65:
1b:4e:c2:22:f4:91:4f:82:7e:7a:d7:ef:58:54:d8:0f:b2:4f:
41:5b:d4:ea:90:83:d4:ff:db:0d:76:80:fb:62:31:81:ad:a3:
d9:9b:74:2a:d0:a0:01:c9:28:07:7c:66:f0:20:af:82:26:e5:
23:af:4f:e6:b2:dc:7a:62:0d:61:4e:94:ea:61:70:fc:e6:49:
b5:f6:71:ca:54:53:0a:41:9f:ee:68:f9:00:52:a3:4b:b6:b7:
38:89:f9:05:68:69:ec:a8:58:6e:ae:cd:cc:8b:7e:f5:34:11:
cf:6c:8c:b0:49:14:e6:48:e1:a6:3f:b2:10:89:68:08:d8:de:
8f:05:a8:f3:43:f0:7c:c8:be:ed:26:38:9a:bb:9b:ae:fc:4e:
4b:76:b2:44:d5:d7:ec:57:a1:e9:4c:53:19:34:05:4c:70:c5:
4c:67:5a:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8xtN/6dzIbEuW6s3VsYQ9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAxMDExMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDIzMzBmMGFlZmQyY2NmYWYxYWE5ODRhY2ZiNjQ5NThjNjc2OTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzU4+33u3icBpvH82dTdm0ADvs0D
AmlN9L+p7wEqruYKGCh1hblAxJacZiuIFG/edsye7K2bxfnusEm5+8DeaUP50B6P
zDC/DDCrtoCOsSN0s7rQCVyG+sw6Ku7fMaPkFY0SlIxtIawcUf8Z4ydfKA4TmVMn
ySKEJNyQTc5bIShTBuPm9eNLmswtr69NgFKgTkUFjjtOITeCUDq+dQXqWaZ5hxx2
lURMHXfRf/eBQXdHzaTUTzNHClhZ5xMyi+RORETVj4dzcmsHuiBgaJ5BMvWN8H3v
7G1i6TCCIfDnBPfzR/6JZRF34U5vXM0FBfNKpdfCz9EYzLki7gWfis2KawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0jMPCu/SzPrxqphKz7ZJWMZ2mIMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvblNNdzhLNzlMTS12R3FtRXJQdGtsWXhuYVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIervVOZ+sz3xNTWis2c
8J6QEsVRUz1UNLeQnHal0ezKH5jrDQRCm671R4f9vGMCuR1p8+iDJZu1XtQjuMm7
czm5j/1XYhRwSRhqY/8qKc/KSs6inMfODsIYZRtOwiL0kU+CfnrX71hU2A+yT0Fb
1OqQg9T/2w12gPtiMYGto9mbdCrQoAHJKAd8ZvAgr4Im5SOvT+ay3HpiDWFOlOph
cPzmSbX2ccpUUwpBn+5o+QBSo0u2tziJ+QVoaeyoWG6uzcyLfvU0Ec9sjLBJFOZI
4aY/shCJaAjY3o8FqPND8HzIvu0mOJq7m678Tkt2skTV1+xXoelMUxk0BUxwxUxn
WpM=
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:34:43 2025 by rpki-client