Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/wXj6nwrs3FfpCGdo_BX6hfJi8Xw.roa
File: wXj6nwrs3FfpCGdo_BX6hfJi8Xw.roa (raw, json)
Hash identifier: 1HOHOYKCDRolWjXvL6VJDlr/AMh5DWlAbtB2FPGkTuk=
Subject key identifier: C1:78:FA:9F:0A:EC:DC:57:E9:08:67:68:FC:15:FA:85:F2:62:F1:7C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5E58008C7D5B432402F5FC627D9A09EF
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/wXj6nwrs3FfpCGdo_BX6hfJi8Xw.roa
Signing time: Thu 09 May 2024 17:12:56 +0000
ROA not before: Thu 09 May 2024 17:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:58:00:8c:7d:5b:43:24:02:f5:fc:62:7d:9a:09:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 17:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c178fa9f0aecdc57e9086768fc15fa85f262f17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b6:2d:6a:63:82:1e:72:28:73:e6:97:29:d2:
ce:5c:8a:46:d7:f7:ea:11:46:4f:3f:0a:e5:b8:3c:
52:82:e6:d4:c3:62:7e:0b:1d:7f:ad:a2:90:e5:9e:
69:0c:de:40:a7:df:e3:4c:3c:b2:d3:0e:58:59:16:
fe:ed:a5:0b:d3:9e:e5:ea:c0:03:d2:7d:b1:1d:ae:
32:23:3b:2d:4e:00:17:67:b5:bf:de:2d:22:5f:23:
07:11:9c:89:cf:6a:50:2c:31:d6:1d:68:00:ca:52:
06:91:83:fd:40:71:d9:c3:16:52:c2:46:0d:a5:82:
96:23:55:a0:81:5b:47:7f:68:9a:54:84:d0:3f:b3:
4c:33:2b:84:e8:d7:d4:1d:e0:25:4b:21:33:18:c3:
b6:20:b7:df:92:94:f1:e9:59:1c:eb:0c:10:2c:32:
0b:80:07:8d:90:73:b7:57:d5:a8:c5:e4:58:4a:96:
24:3e:80:94:44:6f:19:18:80:95:f9:27:a3:7a:eb:
12:17:25:58:ad:56:9d:bb:96:2a:6a:ff:b9:de:00:
10:9a:da:2b:f2:8b:a8:40:77:cf:59:0d:41:d6:00:
ec:bc:c8:9c:ad:9e:b2:76:3e:05:99:5c:ab:84:97:
ae:b6:10:cf:81:c4:eb:84:e2:20:6e:35:57:90:48:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:78:FA:9F:0A:EC:DC:57:E9:08:67:68:FC:15:FA:85:F2:62:F1:7C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/wXj6nwrs3FfpCGdo_BX6hfJi8Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:b5:ab:4f:62:38:0e:3c:a8:b0:53:dd:54:d5:ec:4a:88:94:
54:95:fc:e6:6a:bb:f0:86:24:30:ba:4e:6e:62:f2:a2:bf:91:
cc:55:88:a6:6f:58:1a:68:35:d2:0c:36:00:77:4f:8d:39:20:
de:05:40:ab:24:08:63:dc:97:a7:5d:fa:24:6c:01:f5:77:b2:
7d:15:74:75:f2:be:a7:58:4e:b1:7a:9f:ec:d4:69:46:5e:dc:
db:23:00:33:07:3d:02:53:7f:e6:d5:87:ee:d5:f6:a3:a4:f1:
84:16:c8:01:fd:77:57:6c:65:99:f7:ba:ff:74:34:69:bf:e1:
55:27:84:04:ad:a9:0f:2d:40:dc:b4:e7:01:d8:03:fa:d6:5a:
01:91:cd:d9:66:bc:c7:c2:ab:8b:6c:71:a3:66:f8:38:30:fa:
4f:ac:f2:69:ce:06:63:60:c8:b9:df:69:79:c0:a5:b4:75:0f:
47:95:be:3f:10:f2:d3:0c:86:4f:7b:e4:45:6d:f0:d9:e5:db:
7b:55:6f:a3:f1:d2:93:03:8f:2b:99:4f:d3:b7:42:52:a7:55:
80:66:93:62:84:d6:59:6b:27:35:f9:c8:8b:22:9f:90:c8:df:
33:15:9c:7f:35:47:7f:54:a8:9d:95:59:e7:2a:1d:98:7d:bd:
12:13:26:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9eWACMfVtDJAL1/GJ9mgnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MTcxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTc4ZmE5ZjBhZWNkYzU3ZTkwODY3NjhmYzE1ZmE4NWYyNjJmMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrYtamOCHnIoc+aXKdLOXIpG1/fq
EUZPPwrluDxSgubUw2J+Cx1/raKQ5Z5pDN5Ap9/jTDyy0w5YWRb+7aUL057l6sAD
0n2xHa4yIzstTgAXZ7W/3i0iXyMHEZyJz2pQLDHWHWgAylIGkYP9QHHZwxZSwkYN
pYKWI1WggVtHf2iaVITQP7NMMyuE6NfUHeAlSyEzGMO2ILffkpTx6Vkc6wwQLDIL
gAeNkHO3V9WoxeRYSpYkPoCURG8ZGICV+SejeusSFyVYrVadu5Yqav+53gAQmtor
8ouoQHfPWQ1B1gDsvMicrZ6ydj4FmVyrhJeuthDPgcTrhOIgbjVXkEi0eQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMF4+p8K7NxX6QhnaPwV+oXyYvF8MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvd1hqNm53cnMzRmZwQ0dkb19CWDZoZkppOFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+1q09iOA48qLBT3VTV
7EqIlFSV/OZqu/CGJDC6Tm5i8qK/kcxViKZvWBpoNdIMNgB3T405IN4FQKskCGPc
l6dd+iRsAfV3sn0VdHXyvqdYTrF6n+zUaUZe3NsjADMHPQJTf+bVh+7V9qOk8YQW
yAH9d1dsZZn3uv90NGm/4VUnhAStqQ8tQNy05wHYA/rWWgGRzdlmvMfCq4tscaNm
+Dgw+k+s8mnOBmNgyLnfaXnApbR1D0eVvj8Q8tMMhk975EVt8Nnl23tVb6Px0pMD
jyuZT9O3QlKnVYBmk2KE1llrJzX5yIsin5DI3zMVnH81R39UqJ2VWecqHZh9vRIT
JpQ=
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:24:29 2025 by rpki-client