Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xQlqwKAVQMG0vijtqd4wIEuATaU.roa
File: xQlqwKAVQMG0vijtqd4wIEuATaU.roa (raw, json)
Hash identifier: UU6bXq2kHIIhG/fgxn/N+Hy1GIE/iobcos/uT5X7el0=
Subject key identifier: C5:09:6A:C0:A0:15:40:C1:B4:BE:28:ED:A9:DE:30:20:4B:80:4D:A5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F28E896DDA38CC10B454AFB1D9B2549DB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xQlqwKAVQMG0vijtqd4wIEuATaU.roa
Signing time: Mon 29 Apr 2024 08:11:22 +0000
ROA not before: Mon 29 Apr 2024 08:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:e8:96:dd:a3:8c:c1:0b:45:4a:fb:1d:9b:25:49:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 29 08:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5096ac0a01540c1b4be28eda9de30204b804da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ad:20:77:00:d4:18:0b:63:ea:11:b6:33:60:
f7:a9:3d:df:3b:c2:23:3b:0a:2a:e2:ff:c5:c2:27:
5a:8f:fe:a1:f9:07:0f:fb:db:f9:b5:4e:63:e9:2b:
19:1d:ac:ab:2c:d0:d9:80:2a:4c:8e:1b:b3:10:e8:
85:a3:e6:99:e4:43:51:36:fd:a3:59:ca:3f:d7:e6:
38:0f:21:86:96:7a:e5:4b:84:e0:72:fb:49:ad:66:
99:42:76:d6:65:30:79:b2:d4:04:f9:ae:b1:04:3c:
57:44:42:64:1c:e4:a0:71:ce:db:42:bd:0e:c8:d1:
ee:8a:e1:8f:fb:c2:68:e3:c8:e0:2b:a9:49:71:3c:
7c:c7:7a:aa:9b:4e:d1:b3:4d:6e:3e:7e:f6:36:94:
e1:fd:3b:8c:4d:43:94:dc:e6:2c:2d:43:56:ad:ba:
26:66:af:50:64:ff:c3:01:7d:8b:f0:14:1d:39:1c:
33:07:75:c5:8d:bb:69:43:1c:47:29:66:c0:fd:30:
95:34:73:d6:56:23:71:9f:3e:b7:cb:ff:41:71:00:
59:01:a8:eb:ed:6a:05:d1:ca:13:55:ff:68:57:25:
4e:e1:be:4e:5c:d9:61:fc:d4:d2:a0:58:59:91:4f:
8f:a6:01:b7:75:90:01:8a:d5:28:a3:83:6f:68:1f:
d4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:09:6A:C0:A0:15:40:C1:B4:BE:28:ED:A9:DE:30:20:4B:80:4D:A5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/xQlqwKAVQMG0vijtqd4wIEuATaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
28:03:56:eb:e9:43:de:80:cb:eb:b7:f6:08:2d:e9:94:38:3a:
16:c7:60:f2:20:28:27:8f:6b:69:41:72:35:ae:28:2f:e5:74:
6e:1d:84:01:64:9d:28:f8:2f:79:23:77:ac:ad:48:a7:b0:62:
bd:bc:04:f9:98:83:a4:d6:21:19:81:d1:a3:bd:aa:10:c4:c3:
44:c2:0b:a7:1d:50:b9:a4:e2:a7:a7:11:93:f9:5d:29:6d:31:
1b:fe:ce:04:df:ef:f3:a1:b1:1a:26:60:d3:f7:98:d3:4e:2e:
d2:67:ce:02:eb:df:b8:1f:9d:f2:d9:e0:6d:96:26:4d:3b:a6:
8e:3d:28:4e:34:ed:b3:b3:11:dd:68:b3:04:21:3a:24:69:9d:
a0:f4:e2:c2:59:6e:15:7f:a5:a5:58:31:98:95:8c:b6:b7:1c:
78:0d:0c:f4:4e:12:ec:f5:5d:98:76:fb:c0:99:b4:0c:24:a2:
aa:a1:ad:16:56:1c:25:3a:01:78:a6:ab:f9:dc:c0:37:cf:ba:
2a:17:c0:0b:a5:4b:28:ab:c1:13:c7:28:9f:0e:21:c1:6d:ed:
b1:60:6e:af:99:a7:2e:1e:5d:55:ca:e8:2c:f5:de:5b:40:ed:
a7:a1:84:8e:33:2e:0c:de:a1:41:0e:2d:de:b9:ac:a2:64:4f:
4b:b1:e4:98
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8o6Jbdo4zBC0VK+x2bJUnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI5MDgxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTA5NmFjMGEwMTU0MGMxYjRiZTI4ZWRhOWRlMzAyMDRiODA0ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK0gdwDUGAtj6hG2M2D3qT3fO8Ij
Owoq4v/Fwidaj/6h+QcP+9v5tU5j6SsZHayrLNDZgCpMjhuzEOiFo+aZ5ENRNv2j
Wco/1+Y4DyGGlnrlS4TgcvtJrWaZQnbWZTB5stQE+a6xBDxXREJkHOSgcc7bQr0O
yNHuiuGP+8Jo48jgK6lJcTx8x3qqm07Rs01uPn72NpTh/TuMTUOU3OYsLUNWrbom
Zq9QZP/DAX2L8BQdORwzB3XFjbtpQxxHKWbA/TCVNHPWViNxnz63y/9BcQBZAajr
7WoF0coTVf9oVyVO4b5OXNlh/NTSoFhZkU+PpgG3dZABitUoo4NvaB/UEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMUJasCgFUDBtL4o7aneMCBLgE2lMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEveFFscXdLQVZRTUcwdmlqdHFkNHdJRXVBVGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQAoA1br
6UPegMvrt/YILemUODoWx2DyICgnj2tpQXI1rigv5XRuHYQBZJ0o+C95I3esrUin
sGK9vAT5mIOk1iEZgdGjvaoQxMNEwgunHVC5pOKnpxGT+V0pbTEb/s4E3+/zobEa
JmDT95jTTi7SZ84C69+4H53y2eBtliZNO6aOPShONO2zsxHdaLMEITokaZ2g9OLC
WW4Vf6WlWDGYlYy2txx4DQz0ThLs9V2YdvvAmbQMJKKqoa0WVhwlOgF4pqv53MA3
z7oqF8ALpUsoq8ETxyifDiHBbe2xYG6vmacuHl1Vyugs9d5bQO2noYSOMy4M3qFB
Di3euayiZE9LseSY
-----END CERTIFICATE-----
Generated at Wed Apr 30 07:36:51 2025 by rpki-client