Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ugQ5RNV9Y_Cu1ZadNyUmcs-mcGY.roa
File: ugQ5RNV9Y_Cu1ZadNyUmcs-mcGY.roa (raw, json)
Hash identifier: MvMOuuJrIuGBFXC9PqG51hv40duF60j640oprWOwQJ8=
Subject key identifier: BA:04:39:44:D5:7D:63:F0:AE:D5:96:9D:37:25:26:72:CF:A6:70:66
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F957F629BFEE43CBF2C1FEDF491109031
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ugQ5RNV9Y_Cu1ZadNyUmcs-mcGY.roa
Signing time: Mon 20 May 2024 10:15:04 +0000
ROA not before: Mon 20 May 2024 10:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:7f:62:9b:fe:e4:3c:bf:2c:1f:ed:f4:91:10:90:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 10:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba043944d57d63f0aed5969d37252672cfa67066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:99:28:fb:9f:da:30:70:06:23:1d:91:b0:69:
15:b4:72:f1:d0:9f:c3:2a:0d:4b:4c:1c:27:c0:93:
61:6f:bb:da:ba:27:59:bc:38:c7:b6:2f:dc:33:28:
56:70:6a:9a:5e:a2:08:21:af:77:ac:16:97:72:e2:
88:73:43:5d:81:2f:b2:29:17:bb:ba:6a:57:c5:ab:
0d:9a:d7:94:c7:68:a3:87:3a:6b:26:f9:33:19:cb:
51:93:8b:8f:da:a3:d5:0b:0b:92:fc:30:ef:e7:62:
77:aa:db:0f:19:ca:94:5e:4a:40:1d:4f:6c:c3:9a:
9c:25:8b:1c:3d:f3:5a:ae:c8:85:19:36:83:65:45:
0b:2a:a1:be:29:e1:43:d0:f8:9c:a7:63:82:c0:4b:
b8:94:97:81:18:c9:db:14:9c:c4:2e:e9:b4:a9:90:
15:f2:af:f6:6f:17:ea:bf:7a:01:d2:f2:3a:1c:2f:
a4:e0:6d:32:9d:11:51:1e:e0:e8:14:e4:23:0d:81:
65:50:06:bd:46:3a:65:c6:35:79:21:c6:f8:53:06:
f1:3f:5c:a8:f5:28:1e:98:1e:cf:0b:fe:70:13:a3:
ca:f4:20:e3:d1:85:74:1f:f8:3c:2e:55:d0:a5:b4:
fd:13:8a:26:02:a9:1a:63:66:3f:96:4d:66:c1:3d:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:04:39:44:D5:7D:63:F0:AE:D5:96:9D:37:25:26:72:CF:A6:70:66
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ugQ5RNV9Y_Cu1ZadNyUmcs-mcGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:23:ee:21:7e:7b:26:11:a5:48:29:c6:ba:b9:ce:fd:df:16:
b3:24:19:17:43:39:43:3a:ed:c6:db:2c:b0:fa:2b:81:bc:88:
47:92:d1:d1:8d:5e:03:37:be:74:70:3e:98:d2:d6:bd:b5:48:
6c:bc:3d:79:8d:97:c0:b9:24:97:1d:6b:cf:ff:23:b5:60:77:
d5:58:fb:fa:d3:3b:e9:32:53:99:36:17:80:97:61:72:86:ea:
be:c8:d8:f5:86:19:2d:be:6f:7f:fb:54:6e:70:58:a0:36:39:
58:f1:8a:99:aa:11:9f:ff:94:22:4d:33:bb:57:22:e5:fa:78:
b5:cf:8c:83:b2:19:0f:da:9d:29:5b:be:d3:00:b2:df:15:39:
af:de:89:44:3f:0e:88:e2:89:9f:d2:9a:b5:a3:52:2a:a5:5f:
07:ba:56:9f:33:c0:6d:79:0b:88:d6:50:ed:f2:23:e0:57:9a:
ee:1d:15:ec:55:0b:e1:9d:64:5a:46:da:55:1d:5f:62:95:f5:
44:a1:84:73:5a:1a:4f:59:7c:95:4d:11:72:f8:3e:66:6d:41:
7b:1a:8f:f2:c7:14:3d:d1:d4:5c:93:91:33:25:e0:1f:53:85:
6f:be:cc:c9:51:9d:39:b4:26:2d:0b:2d:b4:ea:bf:4a:19:49:
6e:65:71:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Vf2Kb/uQ8vywf7fSREJAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMTAxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA0Mzk0NGQ1N2Q2M2YwYWVkNTk2OWQzNzI1MjY3MmNmYTY3MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpko+5/aMHAGIx2RsGkVtHLx0J/D
Kg1LTBwnwJNhb7vauidZvDjHti/cMyhWcGqaXqIIIa93rBaXcuKIc0NdgS+yKRe7
umpXxasNmteUx2ijhzprJvkzGctRk4uP2qPVCwuS/DDv52J3qtsPGcqUXkpAHU9s
w5qcJYscPfNarsiFGTaDZUULKqG+KeFD0Picp2OCwEu4lJeBGMnbFJzELum0qZAV
8q/2bxfqv3oB0vI6HC+k4G0ynRFRHuDoFOQjDYFlUAa9RjplxjV5Icb4UwbxP1yo
9SgemB7PC/5wE6PK9CDj0YV0H/g8LlXQpbT9E4omAqkaY2Y/lk1mwT1eIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLoEOUTVfWPwrtWWnTclJnLPpnBmMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdWdRNVJOVjlZX0N1MVphZE55VW1jcy1tY0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgj7iF+eyYRpUgpxrq5
zv3fFrMkGRdDOUM67cbbLLD6K4G8iEeS0dGNXgM3vnRwPpjS1r21SGy8PXmNl8C5
JJcda8//I7Vgd9VY+/rTO+kyU5k2F4CXYXKG6r7I2PWGGS2+b3/7VG5wWKA2OVjx
ipmqEZ//lCJNM7tXIuX6eLXPjIOyGQ/anSlbvtMAst8VOa/eiUQ/DojiiZ/SmrWj
UiqlXwe6Vp8zwG15C4jWUO3yI+BXmu4dFexVC+GdZFpG2lUdX2KV9UShhHNaGk9Z
fJVNEXL4PmZtQXsaj/LHFD3R1FyTkTMl4B9ThW++zMlRnTm0Ji0LLbTqv0oZSW5l
cX0=
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:19:57 2025 by rpki-client