Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/tY9KgIsTv71ytw7BDA4UrJibLaQ.roa
File: tY9KgIsTv71ytw7BDA4UrJibLaQ.roa (raw, json)
Hash identifier: VLh60lPC94t4TYyCAaSE1f5OV8Nxf9h4AiDKKiDszsc=
Subject key identifier: B5:8F:4A:80:8B:13:BF:BD:72:B7:0E:C1:0C:0E:14:AC:98:9B:2D:A4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F73217D9086A54E312C14F6D3F24C806A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/tY9KgIsTv71ytw7BDA4UrJibLaQ.roa
Signing time: Mon 13 May 2024 18:05:25 +0000
ROA not before: Mon 13 May 2024 18:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:7320:b02f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:73:21:7d:90:86:a5:4e:31:2c:14:f6:d3:f2:4c:80:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 18:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b58f4a808b13bfbd72b70ec10c0e14ac989b2da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f4:b9:44:ab:20:34:72:e3:f7:a3:ca:9b:2c:
13:6a:9e:cc:03:62:a9:cd:de:3f:a3:7a:ce:51:36:
cc:18:87:f7:91:54:75:4d:ff:ff:02:a0:2c:5c:18:
b7:bb:e6:22:3d:3b:48:2d:19:ae:74:65:8d:a1:c0:
9f:77:cc:1c:25:95:a3:05:23:f1:66:e0:a4:07:d6:
29:ff:2f:b6:f7:c6:1e:3d:eb:db:71:77:d3:cc:40:
7e:fd:1d:c9:3c:9d:7c:77:94:92:b2:2e:ce:91:e0:
6e:6f:ff:4c:ef:90:b0:68:ae:45:d5:d7:86:41:b3:
cd:28:88:fb:7a:fb:70:ca:93:94:e8:50:d1:0c:be:
a2:9f:b8:e2:34:6c:07:34:d1:6c:87:76:b9:a3:b8:
17:03:52:86:b5:98:b4:77:d0:63:61:30:d2:0d:28:
20:9e:5d:25:a0:e0:28:1e:fe:57:e7:ac:8f:a8:1b:
38:92:89:de:e0:a1:c2:b1:7f:49:2f:eb:eb:bb:dc:
f1:b1:9d:77:91:36:fc:35:5e:87:b9:eb:fc:99:d7:
ae:2a:7a:57:82:25:f7:de:7d:8b:c1:a1:33:2c:4d:
96:64:46:13:90:93:68:8a:94:45:8c:40:87:8a:03:
b5:63:9d:6a:06:6c:e3:cb:f9:18:2d:56:b3:96:03:
7b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8F:4A:80:8B:13:BF:BD:72:B7:0E:C1:0C:0E:14:AC:98:9B:2D:A4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/tY9KgIsTv71ytw7BDA4UrJibLaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:56:0b:59:7b:51:a1:55:ab:98:e3:10:cc:77:ae:d6:ae:d7:
fa:d1:4d:5f:c9:58:ed:51:14:02:b8:fd:e8:ff:93:02:54:38:
66:d0:97:af:87:c7:7c:b7:23:c9:f2:60:27:ff:fe:21:67:68:
ff:38:38:4d:64:76:0f:32:2e:f1:11:2b:ee:2b:7f:88:3e:6d:
3e:dd:b6:a8:15:52:3a:2d:36:58:fd:70:6c:e0:88:4d:a0:c4:
8e:e4:bf:4f:f0:5b:54:38:36:7d:8f:43:61:56:d8:c9:39:ea:
54:8f:34:31:ea:8e:66:07:3d:f9:55:43:17:a1:79:4a:92:5d:
b6:fa:c9:d5:45:04:03:e6:e2:03:dd:73:ba:17:f1:66:e1:3d:
86:55:34:ae:e9:7e:a0:aa:13:2e:c3:b7:e2:cc:91:d8:f0:be:
fd:c4:61:65:3e:d3:e4:13:f1:27:a6:89:7e:53:57:51:4d:6b:
de:a6:59:03:59:6c:31:cc:54:18:eb:51:8c:72:96:5c:82:f9:
a0:64:02:89:9f:fe:13:5d:04:30:32:71:63:7a:25:aa:08:aa:
ca:07:bb:36:08:d9:95:51:98:88:d3:00:b5:4f:6b:de:36:52:
5a:3c:e0:42:ee:0c:7f:d5:21:01:78:f8:7c:84:6d:31:9a:cf:
38:3f:3b:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9zIX2QhqVOMSwU9tPyTIBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMTgwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThmNGE4MDhiMTNiZmJkNzJiNzBlYzEwYzBlMTRhYzk4OWIyZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfS5RKsgNHLj96PKmywTap7MA2Kp
zd4/o3rOUTbMGIf3kVR1Tf//AqAsXBi3u+YiPTtILRmudGWNocCfd8wcJZWjBSPx
ZuCkB9Yp/y+298YePevbcXfTzEB+/R3JPJ18d5SSsi7OkeBub/9M75CwaK5F1deG
QbPNKIj7evtwypOU6FDRDL6in7jiNGwHNNFsh3a5o7gXA1KGtZi0d9BjYTDSDSgg
nl0loOAoHv5X56yPqBs4kone4KHCsX9JL+vru9zxsZ13kTb8NV6Huev8mdeuKnpX
giX33n2LwaEzLE2WZEYTkJNoipRFjECHigO1Y51qBmzjy/kYLVazlgN7GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLWPSoCLE7+9crcOwQwOFKyYmy2kMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdFk5S2dJc1R2NzF5dHc3QkRBNFVySmliTGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxWC1l7UaFVq5jjEMx3
rtau1/rRTV/JWO1RFAK4/ej/kwJUOGbQl6+Hx3y3I8nyYCf//iFnaP84OE1kdg8y
LvERK+4rf4g+bT7dtqgVUjotNlj9cGzgiE2gxI7kv0/wW1Q4Nn2PQ2FW2Mk56lSP
NDHqjmYHPflVQxeheUqSXbb6ydVFBAPm4gPdc7oX8WbhPYZVNK7pfqCqEy7Dt+LM
kdjwvv3EYWU+0+QT8SemiX5TV1FNa96mWQNZbDHMVBjrUYxyllyC+aBkAomf/hNd
BDAycWN6JaoIqsoHuzYI2ZVRmIjTALVPa942Ulo84ELuDH/VIQF4+HyEbTGazzg/
O8U=
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:06:37 2025 by rpki-client