Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PDDYp-PxA0pOnDScvcPMIhZG_-s.roa
File: PDDYp-PxA0pOnDScvcPMIhZG_-s.roa (raw, json)
Hash identifier: xSy0eoGKgxxmxSIkDvi1jmunxybUKK9J/n4lUORoNDw=
Subject key identifier: 3C:30:D8:A7:E3:F1:03:4A:4E:9C:34:9C:BD:C3:CC:22:16:46:FF:EB
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F21D4D4231C3B68474CA446B1E41DDCF4
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PDDYp-PxA0pOnDScvcPMIhZG_-s.roa
Signing time: Sat 27 Apr 2024 23:12:26 +0000
ROA not before: Sat 27 Apr 2024 23:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:21:d4:d4:23:1c:3b:68:47:4c:a4:46:b1:e4:1d:dc:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 27 23:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c30d8a7e3f1034a4e9c349cbdc3cc221646ffeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:00:14:a6:1d:f1:21:56:0b:d4:fb:1f:32:6b:
4e:ef:46:06:39:1b:0e:07:ea:53:0c:95:3c:6b:04:
6e:7c:86:7d:63:07:ec:23:10:03:6d:f5:9c:7a:5d:
a0:55:4a:f4:91:ce:45:53:ac:b9:34:73:70:df:73:
b5:65:ac:fd:b4:3d:b0:8c:5d:0e:a6:6a:e8:6e:ff:
c3:6e:c6:2a:65:3e:97:f2:a4:f0:fa:13:45:b5:29:
2a:97:f5:64:9d:c3:04:37:07:40:78:6a:93:0f:70:
ed:1a:c1:54:23:12:91:31:b8:5f:f9:26:f6:f7:ce:
03:5c:54:04:37:97:9c:b7:6f:0e:1b:6e:ff:41:f8:
8e:62:8d:e9:f0:b0:7a:e4:58:87:08:53:2f:42:e3:
c2:78:9b:3d:1b:58:75:60:75:d9:fc:fb:95:4f:2f:
5b:97:09:c3:ae:9d:75:41:c9:3f:39:e6:be:64:eb:
a2:dc:a5:34:d7:18:c9:87:b8:d9:c1:2c:2e:00:cd:
20:e7:01:51:fb:d8:70:66:fd:af:11:bb:ee:f8:b4:
0d:be:9b:2b:0d:f9:a4:02:96:f2:fd:74:87:7a:f7:
07:a6:fc:cb:2f:62:e6:9e:47:c4:53:5b:18:43:93:
c3:0b:ed:44:07:38:81:31:28:80:bc:09:9e:90:9c:
37:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:30:D8:A7:E3:F1:03:4A:4E:9C:34:9C:BD:C3:CC:22:16:46:FF:EB
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/PDDYp-PxA0pOnDScvcPMIhZG_-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
8b:4f:64:eb:ec:9a:0e:76:02:ec:cc:ee:42:d1:d1:e1:4c:83:
ce:9f:1b:02:f2:65:49:e0:a8:ee:be:44:86:ac:7c:d4:48:a7:
d0:fa:93:10:3d:a2:f0:ca:70:f2:de:2c:cf:99:04:28:c6:35:
42:8d:17:16:1b:b0:f7:cc:94:ad:b9:58:4c:06:74:d2:1f:ca:
a3:7b:f2:4c:65:d3:67:25:ee:72:fc:98:30:eb:05:ea:90:4d:
89:c0:d7:89:56:a6:06:e9:62:b6:8d:a8:78:e0:db:56:65:5a:
86:d2:2b:ef:d2:ce:53:2c:30:1f:28:2d:e6:8d:6a:ae:12:48:
72:9d:5f:e6:d6:0e:71:06:aa:0d:64:74:06:10:da:60:3c:90:
d9:51:5e:ee:af:bc:68:1e:ba:ca:0f:13:a0:da:92:00:02:fe:
92:16:42:d8:e8:c9:a8:e6:c1:ca:64:86:3f:3f:3a:27:eb:6c:
4a:f5:03:d2:98:6e:35:c0:b6:8d:cd:dd:d0:a1:fc:99:b1:73:
fd:e9:f3:0c:81:56:af:ef:b2:23:6d:6b:42:df:02:aa:6f:71:
aa:3a:5c:7a:db:22:74:a5:4c:88:62:96:0e:07:d9:9d:f6:3c:
d4:72:20:60:a1:33:e3:70:31:3a:75:e0:b0:77:20:fa:8f:ca:
ed:d7:48:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8h1NQjHDtoR0ykRrHkHdz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI3MjMxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMwZDhhN2UzZjEwMzRhNGU5YzM0OWNiZGMzY2MyMjE2NDZmZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQAUph3xIVYL1PsfMmtO70YGORsO
B+pTDJU8awRufIZ9YwfsIxADbfWcel2gVUr0kc5FU6y5NHNw33O1Zaz9tD2wjF0O
pmrobv/DbsYqZT6X8qTw+hNFtSkql/VkncMENwdAeGqTD3DtGsFUIxKRMbhf+Sb2
984DXFQEN5ect28OG27/QfiOYo3p8LB65FiHCFMvQuPCeJs9G1h1YHXZ/PuVTy9b
lwnDrp11Qck/Oea+ZOui3KU01xjJh7jZwSwuAM0g5wFR+9hwZv2vEbvu+LQNvpsr
DfmkApby/XSHevcHpvzLL2LmnkfEU1sYQ5PDC+1EBziBMSiAvAmekJw33wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDww2Kfj8QNKTpw0nL3DzCIWRv/rMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUEREWXAtUHhBMHBPbkRTY3ZjUE1JaFpHXy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCLT2Tr
7JoOdgLszO5C0dHhTIPOnxsC8mVJ4KjuvkSGrHzUSKfQ+pMQPaLwynDy3izPmQQo
xjVCjRcWG7D3zJStuVhMBnTSH8qje/JMZdNnJe5y/Jgw6wXqkE2JwNeJVqYG6WK2
jah44NtWZVqG0ivv0s5TLDAfKC3mjWquEkhynV/m1g5xBqoNZHQGENpgPJDZUV7u
r7xoHrrKDxOg2pIAAv6SFkLY6Mmo5sHKZIY/Pzon62xK9QPSmG41wLaNzd3QofyZ
sXP96fMMgVav77IjbWtC3wKqb3GqOlx62yJ0pUyIYpYOB9md9jzUciBgoTPjcDE6
deCwdyD6j8rt10jP
-----END CERTIFICATE-----
Generated at Sun May 11 22:15:54 2025 by rpki-client