Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/s0Kj-S10m0BQ3NHgKMNBeBVHKAI.roa
File: s0Kj-S10m0BQ3NHgKMNBeBVHKAI.roa (raw, json)
Hash identifier: YuS/ZcLKHlmBJ7WwaRkx1CYjVdFSogbNL7JCSeV7Qj8=
Subject key identifier: B3:42:A3:F9:2D:74:9B:40:50:DC:D1:E0:28:C3:41:78:15:47:28:02
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F253C576B31F04BAE1097977592A3AFFD
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/s0Kj-S10m0BQ3NHgKMNBeBVHKAI.roa
Signing time: Sun 28 Apr 2024 15:04:22 +0000
ROA not before: Sun 28 Apr 2024 15:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:253c:46a9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:25:3c:57:6b:31:f0:4b:ae:10:97:97:75:92:a3:af:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 15:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b342a3f92d749b4050dcd1e028c3417815472802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4b:25:b5:f3:7c:23:5e:54:c0:bf:8a:a2:36:
27:97:12:1a:90:ca:f4:c1:91:e5:37:6c:72:c0:b7:
43:69:85:53:53:74:8e:a1:a3:d6:7e:d6:52:a8:c5:
40:13:ad:da:0e:c9:e8:d5:ba:16:b1:1f:1d:b0:ee:
75:37:20:e3:e5:6e:9e:e9:2a:77:46:ea:e1:11:7a:
60:b5:6c:68:2f:ed:e0:58:4a:58:25:94:9c:96:b1:
a8:8f:86:01:d8:e0:1c:9c:b0:5c:e8:85:97:81:77:
c9:08:65:4d:c5:53:b0:68:0f:b3:45:50:27:4e:58:
78:25:a0:22:e7:60:ec:11:2e:b2:6f:0c:97:00:3d:
aa:90:cf:e5:73:b4:87:8f:23:25:d2:1b:92:c1:ab:
e7:05:5e:d4:10:05:b6:6b:41:01:ee:08:04:3b:91:
c5:30:ed:b1:c0:31:ba:80:c0:6b:fa:6a:a8:b4:b3:
ab:4d:0c:84:75:4e:b6:d4:c5:85:7d:cc:96:a3:29:
09:fa:0f:a6:ac:db:e2:00:00:79:73:1e:ee:7c:f7:
42:c2:ff:d0:9b:e5:3a:8e:e8:da:b0:73:df:ad:5a:
8e:95:81:54:31:c2:6e:53:05:34:ba:7e:30:9b:91:
cf:01:63:ec:2c:e8:9f:91:97:4b:35:19:5d:b5:a4:
1f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:42:A3:F9:2D:74:9B:40:50:DC:D1:E0:28:C3:41:78:15:47:28:02
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/s0Kj-S10m0BQ3NHgKMNBeBVHKAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
2001:67c:64:ffff:0:18f:253c:46a9/128
Signature Algorithm: sha256WithRSAEncryption
5e:66:7d:10:ec:9c:8a:4e:8d:4b:9b:fc:f2:ba:a1:1c:28:cd:
ac:21:53:cb:a5:d1:7b:1a:3a:72:a9:d0:88:d7:12:d2:6e:e8:
47:f0:6c:71:a0:53:8c:87:4c:f2:d0:77:3e:76:93:e0:63:de:
07:9d:b8:92:16:57:2e:33:65:08:07:08:67:28:e5:96:2f:d5:
40:f7:99:3c:11:ba:15:b5:49:43:04:46:2b:32:be:7b:32:3a:
bf:20:f8:4e:ec:ff:c6:7d:db:48:ce:5c:55:a4:05:21:99:39:
01:81:1e:bd:d5:1d:be:b5:3d:88:ee:70:7d:68:2b:a1:a8:e5:
68:75:2d:f4:05:a9:c6:d0:25:3b:4e:13:af:b3:e8:f5:4a:a2:
3a:4c:ea:57:70:96:97:c1:a6:55:1f:50:ab:21:4b:9c:af:8f:
be:04:8e:d4:5b:89:e4:9a:ad:f8:6e:63:cd:b0:08:f6:16:18:
1a:eb:63:00:b4:fe:55:aa:07:29:aa:5a:50:b8:fd:ec:11:fa:
1a:36:98:c2:f4:c1:6c:1f:08:85:24:92:8a:22:a2:85:71:a1:
99:ec:99:90:90:d4:fb:2f:c4:92:d7:9c:43:82:fa:b8:e6:a0:
a2:a5:76:8e:17:b8:fd:9f:29:a9:8a:4f:c7:45:e4:34:16:ff:
db:e6:e1:ad
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8lPFdrMfBLrhCXl3WSo6/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MTUwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQyYTNmOTJkNzQ5YjQwNTBkY2QxZTAyOGMzNDE3ODE1NDcyODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60sltfN8I15UwL+KojYnlxIakMr0
wZHlN2xywLdDaYVTU3SOoaPWftZSqMVAE63aDsno1boWsR8dsO51NyDj5W6e6Sp3
RurhEXpgtWxoL+3gWEpYJZSclrGoj4YB2OAcnLBc6IWXgXfJCGVNxVOwaA+zRVAn
Tlh4JaAi52DsES6ybwyXAD2qkM/lc7SHjyMl0huSwavnBV7UEAW2a0EB7ggEO5HF
MO2xwDG6gMBr+mqotLOrTQyEdU621MWFfcyWoykJ+g+mrNviAAB5cx7ufPdCwv/Q
m+U6jujasHPfrVqOlYFUMcJuUwU0un4wm5HPAWPsLOifkZdLNRldtaQfgwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLNCo/ktdJtAUNzR4CjDQXgVRygCMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvczBLai1TMTBtMEJRM05IZ0tNTkJlQlZIS0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQDwQAYMCwE
AgACMCYDEQAgAQZ8AGT//wAAAY8FQ55BAxEAIAEGfABk//8AAAGPJTxGqTANBgkq
hkiG9w0BAQsFAAOCAQEAXmZ9EOycik6NS5v88rqhHCjNrCFTy6XRexo6cqnQiNcS
0m7oR/BscaBTjIdM8tB3PnaT4GPeB524khZXLjNlCAcIZyjlli/VQPeZPBG6FbVJ
QwRGKzK+ezI6vyD4Tuz/xn3bSM5cVaQFIZk5AYEevdUdvrU9iO5wfWgroajlaHUt
9AWpxtAlO04Tr7Po9UqiOkzqV3CWl8GmVR9QqyFLnK+PvgSO1FuJ5Jqt+G5jzbAI
9hYYGutjALT+VaoHKapaULj97BH6GjaYwvTBbB8IhSSSiiKihXGhmeyZkJDU+y/E
ktecQ4L6uOagoqV2jhe4/Z8pqYpPx0XkNBb/2+bhrQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:10:32 2025 by rpki-client