Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/I3rNKwXAwEMTmBHZnkY6TSizCeQ.roa
File: I3rNKwXAwEMTmBHZnkY6TSizCeQ.roa (raw, json)
Hash identifier: bUf8Lp6PhXDTzmycBJt+XQ3RGlZwpi/Hf97AmQrxXsA=
Subject key identifier: 23:7A:CD:2B:05:C0:C0:43:13:98:11:D9:9E:46:3A:4D:28:B3:09:E4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F8151104F61D5692E77657C5C538316C3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/I3rNKwXAwEMTmBHZnkY6TSizCeQ.roa
Signing time: Thu 16 May 2024 12:12:04 +0000
ROA not before: Thu 16 May 2024 12:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:51:10:4f:61:d5:69:2e:77:65:7c:5c:53:83:16:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 12:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=237acd2b05c0c043139811d99e463a4d28b309e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0e:a4:bd:7f:9f:41:1e:11:c1:fe:28:3d:c7:
c0:78:d7:a0:8f:83:dc:44:a9:8f:28:03:9f:b3:dc:
29:4c:c1:01:9c:1a:e7:9e:34:b1:38:33:ae:f8:27:
32:9a:98:ab:6d:75:03:00:26:72:5c:9c:25:d4:22:
a1:6b:4d:98:08:b6:2a:a5:a0:1c:68:68:68:1c:56:
ef:c7:01:5a:50:1f:d0:7b:01:00:ac:1f:4c:90:73:
f3:60:67:1a:db:ac:e4:02:c8:6c:35:2b:95:f9:28:
62:4b:d0:c5:20:52:e7:85:52:9f:0a:28:c7:1a:40:
aa:7b:4c:52:e9:c5:03:43:0a:32:1c:26:b5:26:81:
60:e6:a4:ad:66:bf:e1:eb:98:71:f8:9c:80:f2:80:
82:12:dc:4b:f7:f3:8e:f4:6c:da:44:8c:88:ac:27:
4d:3b:98:b6:c6:cb:7e:78:be:77:75:8c:87:0c:9c:
d1:66:b0:72:fc:7f:0b:a4:33:1a:d0:c6:a4:4d:fa:
6b:8e:0d:8b:d9:ce:fe:9b:6f:c0:70:2d:72:d3:c5:
5f:3f:88:ca:c7:38:63:64:d9:4d:b5:b9:bf:9e:95:
ed:70:5d:36:f0:6e:de:b9:ba:0c:cb:47:85:a6:eb:
8a:65:59:f6:57:b2:91:56:5d:a8:f9:2c:7e:a6:62:
93:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:CD:2B:05:C0:C0:43:13:98:11:D9:9E:46:3A:4D:28:B3:09:E4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/I3rNKwXAwEMTmBHZnkY6TSizCeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:c5:e1:d1:48:02:48:8f:50:50:2f:78:fc:70:48:73:55:0a:
c3:2f:7a:15:a1:24:40:eb:21:b9:fe:24:01:b5:8e:6a:54:65:
c1:94:b5:23:50:08:0f:e1:2c:0a:46:76:44:83:ab:fd:c5:28:
8f:6e:0d:97:09:c4:a8:57:d7:00:38:a7:bf:3b:25:c8:4f:60:
1c:f4:85:74:94:50:79:00:f0:03:ca:31:ce:65:68:90:73:cc:
f1:1e:9e:9d:19:0e:fd:04:a4:99:44:4d:03:0a:08:52:82:05:
8e:e7:2c:d7:a2:bd:d7:04:b0:83:7a:15:cc:08:c6:ca:47:9d:
7e:eb:76:35:d2:f5:97:02:b6:60:b4:6d:e8:02:75:f0:09:de:
9b:fe:88:50:36:cb:63:74:df:e0:e8:2a:8a:81:59:e3:a9:7e:
eb:1a:6e:e9:eb:c4:1a:87:36:b7:20:94:1f:62:47:1a:ed:10:
b0:97:2a:25:5e:3b:44:50:55:e9:c6:ba:ce:0a:e7:11:20:93:
9a:ce:25:68:58:5c:32:5d:32:fc:eb:a9:83:d7:5c:bf:d2:a5:
ce:15:ef:6b:f5:c2:98:a3:52:80:08:c4:fe:dd:b9:1c:4e:f4:
08:fa:c4:52:dc:1f:96:d6:e0:41:d6:f8:93:13:aa:f3:ac:61:
89:93:a1:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+BURBPYdVpLndlfFxTgxbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MTIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdhY2QyYjA1YzBjMDQzMTM5ODExZDk5ZTQ2M2E0ZDI4YjMwOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzA6kvX+fQR4Rwf4oPcfAeNegj4Pc
RKmPKAOfs9wpTMEBnBrnnjSxODOu+CcympirbXUDACZyXJwl1CKha02YCLYqpaAc
aGhoHFbvxwFaUB/QewEArB9MkHPzYGca26zkAshsNSuV+ShiS9DFIFLnhVKfCijH
GkCqe0xS6cUDQwoyHCa1JoFg5qStZr/h65hx+JyA8oCCEtxL9/OO9GzaRIyIrCdN
O5i2xst+eL53dYyHDJzRZrBy/H8LpDMa0MakTfprjg2L2c7+m2/AcC1y08VfP4jK
xzhjZNlNtbm/npXtcF028G7euboMy0eFpuuKZVn2V7KRVl2o+Sx+pmKTkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCN6zSsFwMBDE5gR2Z5GOk0oswnkMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSTNyTkt3WEF3RU1UbUJIWm5rWTZUU2l6Q2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD7F4dFIAkiPUFAvePxw
SHNVCsMvehWhJEDrIbn+JAG1jmpUZcGUtSNQCA/hLApGdkSDq/3FKI9uDZcJxKhX
1wA4p787JchPYBz0hXSUUHkA8APKMc5laJBzzPEenp0ZDv0EpJlETQMKCFKCBY7n
LNeivdcEsIN6FcwIxspHnX7rdjXS9ZcCtmC0begCdfAJ3pv+iFA2y2N03+DoKoqB
WeOpfusabunrxBqHNrcglB9iRxrtELCXKiVeO0RQVenGus4K5xEgk5rOJWhYXDJd
MvzrqYPXXL/Spc4V72v1wpijUoAIxP7duRxO9Aj6xFLcH5bW4EHW+JMTqvOsYYmT
oZw=
-----END CERTIFICATE-----
Generated at Sun May 11 19:57:36 2025 by rpki-client