Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ZXB20drYsqPc7C-nHsS5JqbmApQ.roa
File: ZXB20drYsqPc7C-nHsS5JqbmApQ.roa (raw, json)
Hash identifier: OutjVgZttNKjeqYocINfQsMFf1GsUDFeXaFHoXmhs7U=
Subject key identifier: 65:70:76:D1:DA:D8:B2:A3:DC:EC:2F:A7:1E:C4:B9:26:A6:E6:02:94
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6979203A264B29EDD1C0F0D45BBF18CC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ZXB20drYsqPc7C-nHsS5JqbmApQ.roa
Signing time: Sat 11 May 2024 21:04:56 +0000
ROA not before: Sat 11 May 2024 21:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:6978:89f8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:69:79:20:3a:26:4b:29:ed:d1:c0:f0:d4:5b:bf:18:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 21:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=657076d1dad8b2a3dcec2fa71ec4b926a6e60294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:73:bb:71:41:a2:d4:6f:9e:6a:ab:14:ba:32:
5f:b5:b0:b1:ba:ca:0a:3d:c4:f5:51:5b:a4:f6:f8:
d3:4d:bb:bc:17:26:71:3c:6e:07:86:63:d3:cf:39:
ee:fa:27:52:a8:29:12:2d:ac:6b:11:c1:de:4a:da:
d6:9d:24:ef:c7:c7:55:d9:ab:9e:3a:e8:98:26:4f:
1f:ab:a8:e0:71:06:71:ce:93:b9:3d:6b:f2:48:9a:
03:9e:aa:10:a9:be:2f:a6:1c:3f:d4:f3:61:6f:a6:
65:ff:be:eb:82:64:4a:96:94:39:ae:f3:56:76:bc:
68:67:6f:92:58:f4:e5:69:51:bf:a9:51:78:a2:b2:
25:14:61:11:8b:27:98:58:4b:96:58:01:80:91:fb:
b1:d0:1e:a6:60:44:c7:69:4c:40:2d:30:2b:37:93:
4e:9d:52:f5:5a:57:00:79:f9:fb:93:ec:30:f8:62:
56:61:cd:73:bb:89:0c:b9:39:bf:5f:b5:44:c9:98:
fa:5c:06:1c:f4:54:4e:03:77:03:79:e4:90:7e:e5:
c9:57:b3:95:bb:61:8f:1d:2c:2f:b0:bc:bd:fd:68:
f2:e5:bd:36:1a:d1:c2:55:28:03:b6:f4:33:67:fc:
58:aa:07:8a:cf:5a:d9:87:ec:1b:5f:80:2a:b1:41:
c2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:70:76:D1:DA:D8:B2:A3:DC:EC:2F:A7:1E:C4:B9:26:A6:E6:02:94
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ZXB20drYsqPc7C-nHsS5JqbmApQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:87:1a:64:a0:08:3b:cd:5a:1c:92:6c:5b:b4:d7:99:19:dd:
a3:cd:9b:ee:06:a4:d2:a5:2b:1a:12:c7:aa:ae:c9:0c:a6:42:
33:70:bc:60:71:f7:08:2d:b5:d9:3a:74:2b:1e:a9:b9:32:bd:
26:12:68:7a:c6:a8:c5:31:85:a3:98:31:70:9a:e9:a6:cc:0a:
1b:aa:26:a3:fa:dd:f5:97:fd:05:15:a0:2a:31:7f:19:5d:90:
af:59:37:62:0f:5e:17:31:47:b3:96:d3:f5:97:08:64:d5:f8:
96:c9:65:dc:42:34:dd:8e:68:5f:90:11:58:40:2e:9d:78:08:
c0:d1:71:0a:3c:27:e3:35:85:6b:d4:10:fe:99:b7:ec:c5:13:
28:21:2b:01:dd:44:db:91:d1:71:ae:20:9e:3f:83:10:e9:d6:
c3:f4:d5:9d:11:af:01:82:9d:81:2c:2f:98:12:64:b9:ed:85:
85:8d:30:a9:73:7c:0a:94:9c:2c:14:3a:96:d7:9c:ab:50:76:
d6:e3:ad:18:c5:44:6e:d6:ed:24:8c:c0:56:0d:4c:ab:07:fe:
60:c5:67:b0:c5:22:9e:ad:67:55:b1:a4:65:0b:af:78:92:56:
1c:1a:09:08:8d:15:08:ef:60:e0:4e:6f:b0:e0:43:6d:c1:ac:
f9:0b:cb:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9peSA6Jksp7dHA8NRbvxjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMjEwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTcwNzZkMWRhZDhiMmEzZGNlYzJmYTcxZWM0YjkyNmE2ZTYwMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHO7cUGi1G+eaqsUujJftbCxusoK
PcT1UVuk9vjTTbu8FyZxPG4HhmPTzznu+idSqCkSLaxrEcHeStrWnSTvx8dV2aue
OuiYJk8fq6jgcQZxzpO5PWvySJoDnqoQqb4vphw/1PNhb6Zl/77rgmRKlpQ5rvNW
drxoZ2+SWPTlaVG/qVF4orIlFGERiyeYWEuWWAGAkfux0B6mYETHaUxALTArN5NO
nVL1WlcAefn7k+ww+GJWYc1zu4kMuTm/X7VEyZj6XAYc9FROA3cDeeSQfuXJV7OV
u2GPHSwvsLy9/Wjy5b02GtHCVSgDtvQzZ/xYqgeKz1rZh+wbX4AqsUHCxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGVwdtHa2LKj3Owvpx7EuSam5gKUMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWlhCMjBkcllzcVBjN0MtbkhzUzVKcWJtQXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAiHGmSgCDvNWhySbFu0
15kZ3aPNm+4GpNKlKxoSx6quyQymQjNwvGBx9wgttdk6dCseqbkyvSYSaHrGqMUx
haOYMXCa6abMChuqJqP63fWX/QUVoCoxfxldkK9ZN2IPXhcxR7OW0/WXCGTV+JbJ
ZdxCNN2OaF+QEVhALp14CMDRcQo8J+M1hWvUEP6Zt+zFEyghKwHdRNuR0XGuIJ4/
gxDp1sP01Z0RrwGCnYEsL5gSZLnthYWNMKlzfAqUnCwUOpbXnKtQdtbjrRjFRG7W
7SSMwFYNTKsH/mDFZ7DFIp6tZ1WxpGULr3iSVhwaCQiNFQjvYOBOb7DgQ23BrPkL
y9g=
-----END CERTIFICATE-----
Generated at Fri May 9 01:48:55 2025 by rpki-client