Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/LPncNnuHJpIhtSA_o-2s1D1MtS0.roa
File: LPncNnuHJpIhtSA_o-2s1D1MtS0.roa (raw, json)
Hash identifier: Pu37ONZBzzc8mTnEeam39eoGJ/95ZVfocm45QeEfJRU=
Subject key identifier: 2C:F9:DC:36:7B:87:26:92:21:B5:20:3F:A3:ED:AC:D4:3D:4C:B5:2D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5A436388803A40370F5DDB9E1A3C1CB6
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/LPncNnuHJpIhtSA_o-2s1D1MtS0.roa
Signing time: Wed 08 May 2024 22:11:56 +0000
ROA not before: Wed 08 May 2024 22:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:43:63:88:80:3a:40:37:0f:5d:db:9e:1a:3c:1c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 8 22:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cf9dc367b87269221b5203fa3edacd43d4cb52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:06:15:6b:78:d8:db:3f:c8:83:aa:61:4a:bc:
56:d4:aa:ca:84:46:9e:7a:bf:10:3b:4d:7e:ff:5f:
df:ef:29:05:19:5d:15:42:85:47:f0:2e:42:de:54:
e8:9e:a5:80:4f:d9:94:00:34:40:df:6f:58:e9:6e:
6a:b1:ae:ec:7f:63:6c:09:fa:b0:f3:dd:6d:11:0b:
98:6c:08:2e:ec:88:89:87:b9:93:d3:7d:ec:17:d9:
e9:e5:30:77:d0:a6:a0:bd:61:cd:11:e7:6b:03:73:
ac:ad:76:46:ae:94:00:36:f3:01:db:d6:b6:d0:0f:
c2:3a:1b:c2:d2:eb:60:21:9b:8c:1d:30:b3:19:ee:
24:ce:a5:55:f3:30:c8:78:ad:d8:00:ae:3d:74:da:
af:ba:64:0e:89:a3:34:9b:55:3c:ba:28:bc:36:9e:
f1:b4:53:a0:e7:31:ea:f0:79:9e:a9:79:fa:05:b9:
15:39:42:46:0e:2d:f6:98:5f:fa:0a:b9:fb:9d:9a:
cf:4c:03:b0:a0:f6:5b:14:45:14:ed:a7:17:f3:d1:
2b:ad:10:60:f9:3d:13:50:dd:ef:2f:0e:2a:eb:93:
24:8f:33:e8:68:bb:5d:76:17:8c:84:d1:6e:16:26:
0f:04:40:f3:73:4c:2b:0d:83:ea:89:5c:8e:db:07:
df:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F9:DC:36:7B:87:26:92:21:B5:20:3F:A3:ED:AC:D4:3D:4C:B5:2D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/LPncNnuHJpIhtSA_o-2s1D1MtS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:09:fb:24:9c:55:e8:7d:d0:9d:49:14:95:b9:75:9b:0a:36:
45:4c:31:f0:5e:ad:b5:9f:96:1a:cc:f6:6f:c1:29:75:7f:ab:
4a:3e:bc:e4:36:9a:45:b1:14:7b:84:da:19:6f:b6:7e:4c:13:
67:42:21:af:09:5c:1b:c8:47:74:4a:f4:0d:a5:c2:8c:39:71:
e2:ed:fe:cf:9e:97:a3:3b:55:87:9d:31:62:01:1f:f9:a2:5c:
a9:be:39:02:a7:14:a5:e4:75:51:21:79:86:f5:2b:13:42:82:
f9:64:7d:21:55:84:7b:6b:37:03:39:84:d0:0c:ef:4a:3b:d0:
13:5a:8a:db:af:79:f3:39:6a:06:0e:02:7e:e8:9e:85:62:31:
30:5e:e5:66:92:c0:8f:14:b6:19:51:09:af:79:4b:c1:c3:6f:
18:c0:c5:7a:6a:15:b8:7b:14:19:45:77:16:17:87:e5:e2:d9:
c2:18:1d:28:5e:57:4c:b5:76:06:6a:45:41:f6:01:36:91:c5:
48:25:21:42:51:e4:ed:3f:74:62:30:f7:0f:dd:40:f3:9c:b4:
88:c0:3a:09:f2:f0:43:65:44:27:e6:c8:d3:2e:01:27:bb:59:
d8:f9:b1:d7:81:e4:ed:c2:7c:5a:95:80:7b:e7:0e:ce:55:40:
fc:34:7f:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9aQ2OIgDpANw9d254aPBy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA4MjIxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Y5ZGMzNjdiODcyNjkyMjFiNTIwM2ZhM2VkYWNkNDNkNGNiNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AYVa3jY2z/Ig6phSrxW1KrKhEae
er8QO01+/1/f7ykFGV0VQoVH8C5C3lTonqWAT9mUADRA329Y6W5qsa7sf2NsCfqw
891tEQuYbAgu7IiJh7mT033sF9np5TB30KagvWHNEedrA3OsrXZGrpQANvMB29a2
0A/COhvC0utgIZuMHTCzGe4kzqVV8zDIeK3YAK49dNqvumQOiaM0m1U8uii8Np7x
tFOg5zHq8HmeqXn6BbkVOUJGDi32mF/6Crn7nZrPTAOwoPZbFEUU7acX89ErrRBg
+T0TUN3vLw4q65MkjzPoaLtddheMhNFuFiYPBEDzc0wrDYPqiVyO2wffYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCz53DZ7hyaSIbUgP6PtrNQ9TLUtMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTFBuY05udUhKcElodFNBX28tMnMxRDFNdFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHIJ+yScVeh90J1JFJW5
dZsKNkVMMfBerbWflhrM9m/BKXV/q0o+vOQ2mkWxFHuE2hlvtn5ME2dCIa8JXBvI
R3RK9A2lwow5ceLt/s+el6M7VYedMWIBH/miXKm+OQKnFKXkdVEheYb1KxNCgvlk
fSFVhHtrNwM5hNAM70o70BNaituvefM5agYOAn7onoViMTBe5WaSwI8UthlRCa95
S8HDbxjAxXpqFbh7FBlFdxYXh+Xi2cIYHSheV0y1dgZqRUH2ATaRxUglIUJR5O0/
dGIw9w/dQPOctIjAOgny8ENlRCfmyNMuASe7Wdj5sdeB5O3CfFqVgHvnDs5VQPw0
fyo=
-----END CERTIFICATE-----
Generated at Fri May 9 00:53:47 2025 by rpki-client