Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/zijs93H1QrqapsYdIkES4erGIsA.roa
File: zijs93H1QrqapsYdIkES4erGIsA.roa (raw, json)
Hash identifier: yfx22gSjDEFJ2Pm5W1Asy+SvDC2lnJ6LR8p08cSsFH0=
Subject key identifier: CE:28:EC:F7:71:F5:42:BA:9A:A6:C6:1D:22:41:12:E1:EA:C6:22:C0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F0CCD3EBFBF36C891BEBF8F414C6326BF
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/zijs93H1QrqapsYdIkES4erGIsA.roa
Signing time: Tue 23 Apr 2024 21:12:08 +0000
ROA not before: Tue 23 Apr 2024 21:12:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:cd:3e:bf:bf:36:c8:91:be:bf:8f:41:4c:63:26:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 23 21:12:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce28ecf771f542ba9aa6c61d224112e1eac622c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1b:f4:f2:e5:20:98:8a:78:78:0d:62:a9:93:
25:cb:69:eb:64:fe:56:be:fe:84:75:e3:9e:3c:19:
19:c7:65:29:e3:11:ed:df:c4:75:8c:31:42:fe:21:
47:76:0d:9c:a5:e1:e4:d6:26:a6:56:86:4f:c5:28:
75:89:3d:08:62:50:c2:80:1b:4c:e0:84:fe:38:3e:
8d:3b:27:5c:17:be:17:8d:a4:e6:56:d4:99:69:9a:
d6:43:bc:f6:b6:16:cf:72:2a:cd:11:8d:90:87:84:
78:12:92:49:64:ce:12:8b:ae:67:0b:67:a6:50:7b:
8d:ce:08:57:67:dd:66:03:97:86:dd:af:bd:01:6d:
94:cf:41:e0:c4:a4:77:b3:bf:b1:91:df:eb:60:6f:
63:13:89:81:c4:fa:e1:22:b5:69:a5:eb:e6:87:df:
d8:bc:67:7a:3c:37:74:93:cc:54:de:7f:a6:4b:e5:
10:ec:eb:6d:78:4f:61:3d:4e:42:22:d6:51:b9:21:
84:7f:20:6c:01:be:21:84:98:c9:ff:e2:66:fe:5a:
b7:6f:49:ec:33:94:1b:83:05:ef:a6:bb:f1:02:ae:
ac:b7:2e:9b:35:d4:46:3d:cf:41:b6:2d:c4:69:31:
88:88:50:bd:73:84:1c:cd:9a:a9:1b:c4:6f:2d:1c:
7d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:28:EC:F7:71:F5:42:BA:9A:A6:C6:1D:22:41:12:E1:EA:C6:22:C0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/zijs93H1QrqapsYdIkES4erGIsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
90:64:bd:7a:8c:a2:70:29:b7:5f:cd:71:fc:51:fc:65:e6:7b:
a7:3e:3d:d4:c8:3c:cb:e5:19:70:99:b5:b5:6d:58:37:77:4b:
12:90:09:2b:85:58:e6:53:c0:04:9d:40:3c:24:b1:3b:2b:9b:
bb:b0:a2:c4:96:7f:e7:30:40:ac:3d:a5:fc:2d:a0:0c:24:ee:
be:2d:42:fb:56:e4:76:05:65:e3:a6:e7:2a:4b:3c:8a:e6:55:
7a:71:6c:fc:8a:ed:26:43:16:29:ac:c8:a6:01:69:3a:2a:9d:
c9:92:28:ed:8c:8b:73:78:aa:d7:5c:e9:6e:d2:0b:aa:b1:38:
9a:e0:94:95:06:7b:64:65:2e:e0:a7:ca:2d:9b:9a:d0:a5:39:
a6:65:7a:44:35:80:05:d8:4d:ee:6b:0c:c4:46:dd:ac:1b:43:
6c:51:c8:8f:42:2c:5b:2c:21:60:e8:5f:5b:c1:d1:af:24:ce:
97:0e:ce:25:c8:22:cd:c0:99:74:58:83:eb:95:e5:d7:0a:88:
0c:3e:71:34:af:0b:c7:13:b9:96:f9:fa:7f:d8:50:d4:71:b3:
a9:5d:94:6b:e9:04:98:ef:59:8c:67:23:2b:1d:ef:c8:13:30:
ae:7e:79:9d:56:b9:ea:9c:f6:12:28:46:fa:27:b3:a3:64:04:
c3:6a:3b:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8MzT6/vzbIkb6/j0FMYya/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIzMjExMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTI4ZWNmNzcxZjU0MmJhOWFhNmM2MWQyMjQxMTJlMWVhYzYyMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBv08uUgmIp4eA1iqZMly2nrZP5W
vv6EdeOePBkZx2Up4xHt38R1jDFC/iFHdg2cpeHk1iamVoZPxSh1iT0IYlDCgBtM
4IT+OD6NOydcF74XjaTmVtSZaZrWQ7z2thbPcirNEY2Qh4R4EpJJZM4Si65nC2em
UHuNzghXZ91mA5eG3a+9AW2Uz0HgxKR3s7+xkd/rYG9jE4mBxPrhIrVppevmh9/Y
vGd6PDd0k8xU3n+mS+UQ7OtteE9hPU5CItZRuSGEfyBsAb4hhJjJ/+Jm/lq3b0ns
M5QbgwXvprvxAq6sty6bNdRGPc9Bti3EaTGIiFC9c4QczZqpG8RvLRx9EQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM4o7Pdx9UK6mqbGHSJBEuHqxiLAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvemlqczkzSDFRcnFhcHNZZElrRVM0ZXJHSXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCQZL16
jKJwKbdfzXH8Ufxl5nunPj3UyDzL5RlwmbW1bVg3d0sSkAkrhVjmU8AEnUA8JLE7
K5u7sKLEln/nMECsPaX8LaAMJO6+LUL7VuR2BWXjpucqSzyK5lV6cWz8iu0mQxYp
rMimAWk6Kp3JkijtjItzeKrXXOlu0guqsTia4JSVBntkZS7gp8otm5rQpTmmZXpE
NYAF2E3uawzERt2sG0NsUciPQixbLCFg6F9bwdGvJM6XDs4lyCLNwJl0WIPrleXX
CogMPnE0rwvHE7mW+fp/2FDUcbOpXZRr6QSY71mMZyMrHe/IEzCufnmdVrnqnPYS
KEb6J7OjZATDajvh
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:47:36 2025 by rpki-client