Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/VF19GeIBfDOMBooyUpaBkS_LKLM.roa
File: VF19GeIBfDOMBooyUpaBkS_LKLM.roa (raw, json)
Hash identifier: gaVNX+d+6iZaqZd0SDkD7uaCW1zsX4/VIYM6uYpAe+M=
Subject key identifier: 54:5D:7D:19:E2:01:7C:33:8C:06:8A:32:52:96:81:91:2F:CB:28:B3
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F630F9655A8A3E484AF22D41C8EA1D114
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/VF19GeIBfDOMBooyUpaBkS_LKLM.roa
Signing time: Fri 10 May 2024 15:11:56 +0000
ROA not before: Fri 10 May 2024 15:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:63:0f:96:55:a8:a3:e4:84:af:22:d4:1c:8e:a1:d1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 10 15:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=545d7d19e2017c338c068a32529681912fcb28b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:ba:23:9f:02:73:7a:99:a5:d3:ed:21:d6:
08:0b:2c:96:6e:41:30:88:fa:f2:3d:06:1b:77:28:
82:98:a9:a9:bb:67:c3:00:02:3d:50:af:99:64:4a:
70:78:83:8b:cc:f6:14:79:54:07:98:78:c5:c9:0c:
5f:d1:fe:24:40:e7:41:56:52:c6:11:c3:b6:d5:1c:
be:6a:af:02:08:bf:22:75:15:9d:dd:77:f8:bc:c4:
57:a2:4d:a5:23:d1:5d:8c:0f:dc:3b:d4:00:52:6e:
43:ff:c0:d6:85:96:3a:7a:ed:23:d4:c9:c4:07:f1:
2d:b2:7f:1a:1d:ac:9e:ab:b8:aa:4d:1b:66:1e:6a:
6f:68:60:29:1d:85:07:84:2e:aa:60:6f:69:87:db:
03:16:ce:ac:35:50:0f:26:e9:47:50:cf:7b:46:36:
d5:41:f9:44:21:33:57:72:da:5f:4a:4b:3f:a6:cb:
fc:6c:52:ce:9c:5c:6d:28:1c:ce:78:09:c6:07:bf:
9c:5a:45:ef:86:a8:7d:4a:a2:96:0c:41:7e:4b:2a:
79:20:9d:fc:8a:bb:83:bf:e6:76:4b:ca:14:7d:f8:
76:e3:68:55:72:f1:bf:2b:3f:a7:a8:2f:d0:54:14:
cb:e5:33:48:e3:da:b0:e7:7f:b9:34:9f:ed:80:3b:
0f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5D:7D:19:E2:01:7C:33:8C:06:8A:32:52:96:81:91:2F:CB:28:B3
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/VF19GeIBfDOMBooyUpaBkS_LKLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:d9:47:6a:36:60:fa:4a:c8:95:1a:70:10:88:d0:32:ff:ba:
71:61:b1:02:b1:0f:52:5e:18:32:8c:c9:76:b6:a2:58:71:1e:
5c:57:ba:ad:62:03:63:5c:fa:28:7c:0c:55:ab:97:7e:ef:f6:
4f:11:1a:20:78:c7:da:4a:15:1a:f4:eb:e4:0b:88:9c:b9:68:
0e:73:27:de:42:9b:f4:21:34:95:39:7c:2f:c3:d7:e4:c9:53:
5e:7c:68:9a:e3:09:4d:df:a9:36:22:47:72:bb:ec:d4:9d:5e:
29:6c:66:16:b3:34:75:1b:09:cb:09:de:ba:2c:b7:d6:47:e9:
97:3e:0b:aa:16:52:a8:d3:e4:72:11:18:08:92:61:fa:cc:10:
20:c9:04:36:b0:2f:01:b3:ba:49:18:e4:74:12:b0:a3:a6:09:
8a:cf:ef:e1:e1:85:50:6a:2e:46:c9:c4:31:65:2a:07:3e:9d:
78:0f:7a:be:51:49:74:7a:41:53:14:f5:06:41:28:7b:a0:1a:
f1:42:17:1f:78:77:44:5e:66:f5:ed:e4:8d:37:f9:fa:b0:4e:
1d:1f:32:8f:e8:47:67:e7:34:c0:b8:fb:b7:89:7f:c5:07:3e:
c6:b7:bc:a7:18:2d:30:2e:89:c4:8e:16:dc:7d:b6:48:a6:a3:
f9:10:6f:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9jD5ZVqKPkhK8i1ByOodEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEwMTUxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVkN2QxOWUyMDE3YzMzOGMwNjhhMzI1Mjk2ODE5MTJmY2IyOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquO6I58Cc3qZpdPtIdYICyyWbkEw
iPryPQYbdyiCmKmpu2fDAAI9UK+ZZEpweIOLzPYUeVQHmHjFyQxf0f4kQOdBVlLG
EcO21Ry+aq8CCL8idRWd3Xf4vMRXok2lI9FdjA/cO9QAUm5D/8DWhZY6eu0j1MnE
B/Etsn8aHayeq7iqTRtmHmpvaGApHYUHhC6qYG9ph9sDFs6sNVAPJulHUM97RjbV
QflEITNXctpfSks/psv8bFLOnFxtKBzOeAnGB7+cWkXvhqh9SqKWDEF+Syp5IJ38
iruDv+Z2S8oUffh242hVcvG/Kz+nqC/QVBTL5TNI49qw53+5NJ/tgDsPUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFRdfRniAXwzjAaKMlKWgZEvyyizMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVkYxOUdlSUJmRE9NQm9veVVwYUJrU19MS0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHfZR2o2YPpKyJUacBCI
0DL/unFhsQKxD1JeGDKMyXa2olhxHlxXuq1iA2Nc+ih8DFWrl37v9k8RGiB4x9pK
FRr06+QLiJy5aA5zJ95Cm/QhNJU5fC/D1+TJU158aJrjCU3fqTYiR3K77NSdXils
ZhazNHUbCcsJ3rost9ZH6Zc+C6oWUqjT5HIRGAiSYfrMECDJBDawLwGzukkY5HQS
sKOmCYrP7+HhhVBqLkbJxDFlKgc+nXgPer5RSXR6QVMU9QZBKHugGvFCFx94d0Re
ZvXt5I03+fqwTh0fMo/oR2fnNMC4+7eJf8UHPsa3vKcYLTAuicSOFtx9tkimo/kQ
b4A=
-----END CERTIFICATE-----
Generated at Fri May 9 01:03:09 2025 by rpki-client