Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HWEMM4OnogU_np9-CO5sD2UuJBM.roa
File: HWEMM4OnogU_np9-CO5sD2UuJBM.roa (raw, json)
Hash identifier: qpMgbmJ9dNeBlPjwiCW059QAQvaNdOuRiUZBWiXr/uo=
Subject key identifier: 1D:61:0C:33:83:A7:A2:05:3F:9E:9F:7E:08:EE:6C:0F:65:2E:24:13
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F660A3867C91725B263305AE9EFC00699
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HWEMM4OnogU_np9-CO5sD2UuJBM.roa
Signing time: Sat 11 May 2024 05:04:56 +0000
ROA not before: Sat 11 May 2024 05:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:6609:bb2b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:66:0a:38:67:c9:17:25:b2:63:30:5a:e9:ef:c0:06:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 05:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d610c3383a7a2053f9e9f7e08ee6c0f652e2413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:84:30:b2:98:37:65:27:c3:1e:58:a7:99:60:
c1:b9:6e:37:d8:8d:83:a4:d5:e6:2b:d5:f9:fb:77:
af:d4:1f:db:6a:d2:3f:0b:21:55:2c:d7:f5:96:d5:
c7:83:89:34:8f:93:a6:cd:6e:4a:4a:5d:72:84:28:
13:8a:ae:37:02:d7:ec:6d:c3:45:1a:08:b4:15:bc:
e3:24:6b:d8:b0:20:2e:0e:24:99:23:6e:1b:73:32:
e7:43:fb:c3:a6:95:dd:ee:b4:04:9c:ac:b4:af:d3:
6c:90:6e:bd:c5:26:e7:60:be:01:bc:25:ac:1b:8a:
50:15:14:82:25:7c:d6:c7:13:6e:bd:11:d5:57:c2:
86:98:64:68:c1:ed:e9:21:3f:a5:1f:b0:9e:7b:58:
77:3e:6a:d8:f4:e8:0a:12:74:c9:9b:19:d3:39:0e:
6e:f5:b4:5e:5f:a9:11:42:4c:ee:c5:5b:b7:c1:2e:
e0:6c:9e:0d:4c:ea:fa:dd:19:c1:74:79:59:36:dc:
90:f1:b4:38:d6:01:9a:2d:db:db:5a:68:e7:fb:89:
16:4c:dc:17:cd:b1:05:1d:68:83:85:62:33:e8:83:
dc:86:4d:86:ee:9a:55:2a:a2:ee:5c:1c:09:98:21:
da:ae:c6:5c:04:b3:1a:63:bc:f3:33:fa:77:44:b5:
c8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:61:0C:33:83:A7:A2:05:3F:9E:9F:7E:08:EE:6C:0F:65:2E:24:13
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HWEMM4OnogU_np9-CO5sD2UuJBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:bf:af:6b:1b:0d:3d:ad:18:52:94:3a:27:ed:bb:5c:51:f1:
60:1f:ed:75:67:af:39:ed:2b:8e:e2:d3:ce:1e:1d:f9:98:69:
0b:51:15:72:48:9d:f9:a1:1b:23:f5:bf:eb:fd:55:67:64:27:
79:b3:4f:b6:24:ad:b9:16:70:5d:9b:f7:b8:3e:28:47:df:fd:
d5:37:63:c2:f3:ff:a2:28:a7:35:20:f9:75:df:19:99:85:1b:
5c:7a:ed:30:19:64:15:b4:ba:45:22:1b:08:07:37:61:f8:8b:
65:24:47:c0:4a:7d:d8:51:21:57:c2:5b:4e:dc:0f:65:f7:69:
3f:6c:fe:98:03:00:69:25:25:e4:62:db:0c:d5:61:ee:9b:53:
fc:af:88:3c:b7:0e:3e:59:bc:65:b7:15:62:d3:8d:bb:e9:82:
43:0a:ad:54:1a:fa:13:23:a8:3d:7d:31:aa:58:f8:ad:de:3f:
dc:0b:c1:1c:4d:5b:34:61:9a:b8:6d:c4:6d:ec:56:68:7d:f0:
f3:41:e0:b1:f9:65:2b:7c:99:f6:3f:70:fb:71:d1:dc:70:e9:
5b:1d:e3:4d:d4:18:81:d8:60:9e:f8:95:e0:7f:0b:fa:49:c7:
aa:c5:c8:a3:5a:27:35:d2:0e:05:8e:6b:17:f1:c3:60:e2:4f:
0a:fa:de:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9mCjhnyRclsmMwWunvwAaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMDUwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDYxMGMzMzgzYTdhMjA1M2Y5ZTlmN2UwOGVlNmMwZjY1MmUyNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYQwspg3ZSfDHlinmWDBuW432I2D
pNXmK9X5+3ev1B/batI/CyFVLNf1ltXHg4k0j5OmzW5KSl1yhCgTiq43AtfsbcNF
Ggi0FbzjJGvYsCAuDiSZI24bczLnQ/vDppXd7rQEnKy0r9NskG69xSbnYL4BvCWs
G4pQFRSCJXzWxxNuvRHVV8KGmGRowe3pIT+lH7Cee1h3PmrY9OgKEnTJmxnTOQ5u
9bReX6kRQkzuxVu3wS7gbJ4NTOr63RnBdHlZNtyQ8bQ41gGaLdvbWmjn+4kWTNwX
zbEFHWiDhWIz6IPchk2G7ppVKqLuXBwJmCHarsZcBLMaY7zzM/p3RLXIJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB1hDDODp6IFP56ffgjubA9lLiQTMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSFdFTU00T25vZ1VfbnA5LUNPNXNEMlV1SkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANK/r2sbDT2tGFKUOift
u1xR8WAf7XVnrzntK47i084eHfmYaQtRFXJInfmhGyP1v+v9VWdkJ3mzT7YkrbkW
cF2b97g+KEff/dU3Y8Lz/6IopzUg+XXfGZmFG1x67TAZZBW0ukUiGwgHN2H4i2Uk
R8BKfdhRIVfCW07cD2X3aT9s/pgDAGklJeRi2wzVYe6bU/yviDy3Dj5ZvGW3FWLT
jbvpgkMKrVQa+hMjqD19MapY+K3eP9wLwRxNWzRhmrhtxG3sVmh98PNB4LH5ZSt8
mfY/cPtx0dxw6Vsd403UGIHYYJ74leB/C/pJx6rFyKNaJzXSDgWOaxfxw2DiTwr6
3mU=
-----END CERTIFICATE-----
Generated at Fri May 9 10:27:08 2025 by rpki-client