Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rpi1UOADK_MJQxCXfpFI-umtZmM.roa
File: rpi1UOADK_MJQxCXfpFI-umtZmM.roa (raw, json)
Hash identifier: Uy3Rl2oT+CgcvPJt5bSUjCr6cyAxFkerS70hln/yfL8=
Subject key identifier: AE:98:B5:50:E0:03:2B:F3:09:43:10:97:7E:91:48:FA:E9:AD:66:63
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F2C5868C60FB0ED7148C4B79AA7D80275
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rpi1UOADK_MJQxCXfpFI-umtZmM.roa
Signing time: Tue 30 Apr 2024 00:12:22 +0000
ROA not before: Tue 30 Apr 2024 00:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2c:58:68:c6:0f:b0:ed:71:48:c4:b7:9a:a7:d8:02:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 00:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae98b550e0032bf3094310977e9148fae9ad6663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:15:9d:26:75:d6:89:af:b2:40:9e:44:fb:
67:fd:8b:af:ec:8e:90:97:6e:73:c4:c0:a5:85:81:
80:a4:4f:d6:f8:00:97:9a:80:9d:1a:a9:ea:02:4c:
6e:6d:c8:ec:e4:ee:c2:78:ed:84:7b:3d:60:06:84:
82:ea:95:ed:00:a6:ef:41:47:39:54:12:6b:94:34:
33:8d:84:1c:41:7c:a7:73:cf:a1:f9:fc:da:a6:b0:
45:b1:03:11:53:d3:73:77:22:16:68:f5:e8:41:94:
89:00:78:45:49:4a:ce:53:a1:a6:a4:3f:45:0e:03:
6c:89:b7:03:6a:e3:1f:5c:6b:90:36:66:48:3c:dd:
f1:51:6c:bb:8f:22:78:01:92:72:a4:c4:32:3c:5b:
2d:a1:41:6f:89:49:5e:53:5e:08:93:31:d1:0d:fb:
50:9a:ab:19:9b:27:0f:57:9a:b4:56:64:ae:9f:72:
37:e9:a8:8b:55:e7:ee:49:3a:02:21:6b:de:e5:37:
a8:68:25:26:ea:1c:93:41:23:69:1f:b1:48:14:fb:
d2:c4:7a:f7:91:29:6d:c2:18:8e:0a:91:f0:8d:2c:
8a:2c:99:a1:c0:2f:77:fd:6d:0d:d9:82:ca:b6:52:
52:10:2e:6c:43:4c:00:08:0b:51:1f:4b:b7:5f:71:
2f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:98:B5:50:E0:03:2B:F3:09:43:10:97:7E:91:48:FA:E9:AD:66:63
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rpi1UOADK_MJQxCXfpFI-umtZmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:e0:cd:ca:d7:ed:c1:09:e8:4d:6a:73:a7:c5:16:aa:e4:0e:
f8:54:62:3a:5e:5c:3e:f9:9b:70:34:30:50:2f:3e:19:59:3d:
c5:04:dc:df:91:21:c9:ea:c6:71:a4:a1:1a:fc:33:ce:e8:55:
59:86:4e:9b:c5:d8:40:60:ba:51:c9:a3:5c:fe:f4:f9:42:5d:
85:c7:c9:41:3a:09:e6:6f:88:ba:73:2f:28:a4:b5:f8:e2:eb:
52:ae:2a:c7:13:a3:51:38:6a:0c:95:41:61:3a:cf:2a:22:af:
4a:62:43:f1:20:be:b6:67:95:87:46:12:5e:3d:d1:22:66:8a:
dc:82:a3:37:b5:85:30:8e:42:e0:7d:4f:36:27:e0:67:6a:44:
50:6a:a6:bb:96:20:e9:b8:58:bb:68:a4:7b:be:57:d7:2e:c5:
54:88:11:dd:1b:59:2c:86:ee:bd:79:d9:4c:0f:fc:3f:f6:05:
4e:72:7e:14:fe:61:04:bd:1d:d4:4a:77:f6:8e:6d:7b:72:e1:
a8:81:ea:98:63:93:6e:d3:55:ab:65:ab:fb:d0:97:07:8f:27:
64:58:fb:85:da:19:df:df:6d:09:83:c4:2e:9c:80:74:bb:26:
90:19:62:8e:5d:68:87:13:d0:1a:4d:e2:ef:10:83:f5:d9:f6:
a7:cc:55:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8sWGjGD7DtcUjEt5qn2AJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMDAxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTk4YjU1MGUwMDMyYmYzMDk0MzEwOTc3ZTkxNDhmYWU5YWQ2NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo4VnSZ11omvskCeRPtn/Yuv7I6Q
l25zxMClhYGApE/W+ACXmoCdGqnqAkxubcjs5O7CeO2Eez1gBoSC6pXtAKbvQUc5
VBJrlDQzjYQcQXync8+h+fzaprBFsQMRU9NzdyIWaPXoQZSJAHhFSUrOU6GmpD9F
DgNsibcDauMfXGuQNmZIPN3xUWy7jyJ4AZJypMQyPFstoUFviUleU14IkzHRDftQ
mqsZmycPV5q0VmSun3I36aiLVefuSToCIWve5TeoaCUm6hyTQSNpH7FIFPvSxHr3
kSltwhiOCpHwjSyKLJmhwC93/W0N2YLKtlJSEC5sQ0wACAtRH0u3X3EvpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK6YtVDgAyvzCUMQl36RSPrprWZjMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcnBpMVVPQURLX01KUXhDWGZwRkktdW10Wm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADrgzcrX7cEJ6E1qc6fF
FqrkDvhUYjpeXD75m3A0MFAvPhlZPcUE3N+RIcnqxnGkoRr8M87oVVmGTpvF2EBg
ulHJo1z+9PlCXYXHyUE6CeZviLpzLyiktfji61KuKscTo1E4agyVQWE6zyoir0pi
Q/EgvrZnlYdGEl490SJmityCoze1hTCOQuB9TzYn4GdqRFBqpruWIOm4WLtopHu+
V9cuxVSIEd0bWSyG7r152UwP/D/2BU5yfhT+YQS9HdRKd/aObXty4aiB6phjk27T
Vatlq/vQlwePJ2RY+4XaGd/fbQmDxC6cgHS7JpAZYo5daIcT0BpN4u8Qg/XZ9qfM
VVs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 02:47:15 2025 by rpki-client