Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/2UvqO_L2diT-299yZRDyAVi2kuc.roa
File: 2UvqO_L2diT-299yZRDyAVi2kuc.roa (raw, json)
Hash identifier: feuZMJys+n9nzeUGXBMBrf177Mu+QFtEjsFQ+BrDSmQ=
Subject key identifier: D9:4B:EA:3B:F2:F6:76:24:FE:DB:DF:72:65:10:F2:01:58:B6:92:E7
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF530487B2DB5924AEBE426396ED85ED2
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/2UvqO_L2diT-299yZRDyAVi2kuc.roa
Signing time: Fri 19 Apr 2024 07:09:25 +0000
ROA not before: Fri 19 Apr 2024 07:09:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:30:48:7b:2d:b5:92:4a:eb:e4:26:39:6e:d8:5e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 19 07:09:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d94bea3bf2f67624fedbdf726510f20158b692e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:1e:d9:e9:a2:24:48:57:55:b4:79:78:ec:
a0:fc:32:2b:cd:52:39:ef:c7:fa:c2:a7:84:44:fb:
c3:e7:b9:0b:30:3a:34:d6:08:51:64:bb:ad:74:0f:
60:d9:b0:eb:68:26:a0:15:4e:c3:c6:d7:43:0f:e8:
c5:dc:4c:42:85:0e:23:07:dc:a8:29:3a:01:b3:aa:
7a:74:2a:6a:6a:63:15:4f:99:0c:5b:92:b5:52:b0:
94:7d:f9:83:67:c4:c4:d4:bd:67:49:04:e5:df:5e:
ec:c2:45:64:2b:55:6d:b2:9a:3e:c7:97:71:87:78:
b3:be:89:a9:96:08:4a:13:af:eb:31:1f:4c:c7:5c:
e7:ad:98:33:c1:43:5c:73:36:3d:20:51:2b:db:42:
32:01:a7:64:17:ba:72:82:82:fa:af:42:71:14:f8:
a1:af:56:20:0c:d2:fa:1e:8e:40:d7:c3:04:38:2f:
b1:11:ea:3e:6b:55:2c:00:f2:21:5f:a0:b4:5c:8b:
88:46:84:89:c0:b5:68:51:1a:0f:4d:d1:c0:7b:ba:
df:75:fd:27:50:ac:9f:bd:07:40:11:db:55:16:78:
9c:82:f3:0a:16:e9:08:fc:4a:ff:ef:ce:63:e2:11:
cd:f1:92:15:22:59:92:37:77:19:0e:4d:5f:8a:53:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4B:EA:3B:F2:F6:76:24:FE:DB:DF:72:65:10:F2:01:58:B6:92:E7
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/2UvqO_L2diT-299yZRDyAVi2kuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:f0:90:c8:4b:c8:25:df:35:21:62:e3:c6:fb:96:f1:e4:45:
ae:55:ba:e7:ab:cb:94:2f:e5:14:cf:b8:39:6a:2a:f4:59:9d:
85:11:92:a4:e3:9d:6a:b0:62:07:69:20:e9:89:56:23:cf:b1:
ac:0d:4e:63:59:6c:8d:31:91:90:ed:a8:29:f9:0e:b9:e2:de:
ed:00:9d:a2:f1:ee:12:92:63:ec:70:88:bf:bd:2a:82:bb:9e:
98:ea:60:a0:cf:52:80:87:f0:f6:b1:52:03:0a:07:84:65:65:
44:af:db:d5:65:56:fb:fd:30:eb:49:6a:de:c4:c3:d6:a7:8d:
d5:94:4c:54:ae:ab:86:45:17:ee:8b:74:34:ae:41:91:28:46:
6c:72:f1:d8:c6:c5:fd:cf:0e:d6:b1:0a:32:f8:a0:19:51:54:
f6:0f:37:cb:46:16:25:6b:3d:70:cd:48:62:c0:03:08:bf:45:
ea:a2:d8:c8:13:8f:80:0d:ac:30:9d:f6:38:5b:2a:c9:c5:37:
fe:c4:6c:e6:d9:19:d5:2c:76:58:53:bd:8f:40:73:06:e8:b9:
a7:fc:b4:fc:12:8f:74:30:02:9d:e5:76:c3:93:57:03:6f:a7:
20:7c:fe:df:11:77:6e:ca:f9:bb:97:c2:a3:d9:bf:19:93:59:
a1:81:0e:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY71MEh7LbWSSuvkJjlu2F7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE5MDcwOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRiZWEzYmYyZjY3NjI0ZmVkYmRmNzI2NTEwZjIwMTU4YjY5MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjge2emiJEhXVbR5eOyg/DIrzVI5
78f6wqeERPvD57kLMDo01ghRZLutdA9g2bDraCagFU7DxtdDD+jF3ExChQ4jB9yo
KToBs6p6dCpqamMVT5kMW5K1UrCUffmDZ8TE1L1nSQTl317swkVkK1Vtspo+x5dx
h3izvomplghKE6/rMR9Mx1znrZgzwUNcczY9IFEr20IyAadkF7pygoL6r0JxFPih
r1YgDNL6Ho5A18MEOC+xEeo+a1UsAPIhX6C0XIuIRoSJwLVoURoPTdHAe7rfdf0n
UKyfvQdAEdtVFnicgvMKFukI/Er/785j4hHN8ZIVIlmSN3cZDk1filNAiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNlL6jvy9nYk/tvfcmUQ8gFYtpLnMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvMlV2cU9fTDJkaVQtMjk5eVpSRHlBVmkya3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbwkMhLyCXfNSFi48b7
lvHkRa5Vuuery5Qv5RTPuDlqKvRZnYURkqTjnWqwYgdpIOmJViPPsawNTmNZbI0x
kZDtqCn5Drni3u0AnaLx7hKSY+xwiL+9KoK7npjqYKDPUoCH8PaxUgMKB4RlZUSv
29VlVvv9MOtJat7Ew9anjdWUTFSuq4ZFF+6LdDSuQZEoRmxy8djGxf3PDtaxCjL4
oBlRVPYPN8tGFiVrPXDNSGLAAwi/Reqi2MgTj4ANrDCd9jhbKsnFN/7EbObZGdUs
dlhTvY9Acwbouaf8tPwSj3QwAp3ldsOTVwNvpyB8/t8Rd27K+buXwqPZvxmTWaGB
Dvg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:20:50 2025 by rpki-client