Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bOdGcB1zGAVvMVmJLjiw56k2PP0.roa
File: bOdGcB1zGAVvMVmJLjiw56k2PP0.roa (raw, json)
Hash identifier: NceT6M+OIkoUq6IkEmrANAWt+xuoWfpWvK4SOIxSaLo=
Subject key identifier: 6C:E7:46:70:1D:73:18:05:6F:31:59:89:2E:38:B0:E7:A9:36:3C:FD
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F1FE66FFD7C8DE18E33C786F2E5DDA8B0
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bOdGcB1zGAVvMVmJLjiw56k2PP0.roa
Signing time: Sat 27 Apr 2024 14:12:26 +0000
ROA not before: Sat 27 Apr 2024 14:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:e6:6f:fd:7c:8d:e1:8e:33:c7:86:f2:e5:dd:a8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 27 14:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ce746701d7318056f3159892e38b0e7a9363cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:67:c0:87:e2:11:6d:ff:8c:d2:c5:03:a4:bc:
d3:4c:d8:95:bd:64:07:72:e7:0f:5a:e9:72:48:4b:
68:1f:f5:71:ba:c6:58:24:02:70:20:64:4f:69:cf:
b8:a1:a0:a8:f0:c3:11:1a:2a:51:fc:45:7d:08:e6:
ee:5e:a3:9e:9e:87:f6:34:a1:07:23:6c:7b:83:2c:
86:37:25:38:39:c9:06:81:1a:c4:18:75:dd:1e:df:
29:33:c5:17:cb:c4:0d:20:9a:83:a9:28:ec:2f:93:
ee:3c:da:ec:5a:81:f9:c5:e6:f1:ad:0d:6c:ed:9f:
46:b9:e4:f8:3f:8c:d5:06:0c:63:88:64:40:33:28:
f6:06:ec:8f:8e:79:37:26:b3:69:dd:6f:ca:8c:0e:
c0:3b:6b:01:c8:03:d2:68:27:52:78:81:bb:78:0f:
10:0e:9c:2e:a2:ff:d6:69:30:b0:d3:95:a3:27:60:
35:75:0b:9e:fd:e4:39:9b:e4:5c:10:0d:d4:50:86:
93:c2:ab:e0:8c:f7:9e:3c:56:94:96:16:7c:f7:32:
64:d4:b3:55:41:fc:b3:18:42:26:74:17:f8:ef:b4:
d9:5b:85:65:94:14:10:30:75:28:f1:fe:cc:6f:af:
52:1e:07:e4:2a:01:b1:bc:43:18:45:00:5e:df:eb:
bf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E7:46:70:1D:73:18:05:6F:31:59:89:2E:38:B0:E7:A9:36:3C:FD
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/bOdGcB1zGAVvMVmJLjiw56k2PP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
02:3d:a9:af:e0:da:79:43:19:ed:a7:1c:79:52:03:79:e9:9a:
97:fd:f8:e3:fd:2d:53:cd:01:f8:70:f5:e2:a7:eb:e0:28:e7:
f4:b3:c8:c0:bb:cf:65:2e:b3:6c:de:89:52:51:3d:4d:81:7e:
7b:84:02:58:ce:13:74:79:b1:47:9a:c2:3c:cf:3b:a3:4b:0c:
18:fb:e1:1c:5e:95:9d:3b:68:2d:8f:37:02:73:49:9c:28:76:
6f:15:d3:00:9a:0c:02:d1:af:44:8a:01:77:c4:8e:9c:5d:ac:
d0:65:03:60:ec:e2:87:83:10:3d:fc:d5:49:95:a9:86:61:c2:
c4:ce:3e:ec:7f:4b:96:2f:b1:d4:52:05:af:20:7e:3e:e1:4b:
cb:24:27:b9:68:0b:94:82:e7:53:3f:48:69:1e:0b:84:fe:12:
50:f1:88:ad:09:16:4e:ec:a5:8e:cb:87:8e:e6:9d:8e:e7:50:
7a:f7:f1:98:16:d9:35:12:a5:3d:02:a7:ad:b5:90:81:4b:71:
ad:76:26:6e:de:c4:fe:dd:e2:8f:01:ad:65:65:f6:06:ca:7f:
53:b9:ff:84:a9:86:ce:4b:07:32:58:d9:45:af:9d:e8:51:00:
1b:92:1f:8e:3c:3e:5b:2e:23:8e:33:f8:9f:af:3f:10:af:3b:
f3:71:b6:88
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8f5m/9fI3hjjPHhvLl3aiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI3MTQxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2U3NDY3MDFkNzMxODA1NmYzMTU5ODkyZTM4YjBlN2E5MzYzY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGfAh+IRbf+M0sUDpLzTTNiVvWQH
cucPWulySEtoH/VxusZYJAJwIGRPac+4oaCo8MMRGipR/EV9CObuXqOenof2NKEH
I2x7gyyGNyU4OckGgRrEGHXdHt8pM8UXy8QNIJqDqSjsL5PuPNrsWoH5xebxrQ1s
7Z9GueT4P4zVBgxjiGRAMyj2BuyPjnk3JrNp3W/KjA7AO2sByAPSaCdSeIG7eA8Q
Dpwuov/WaTCw05WjJ2A1dQue/eQ5m+RcEA3UUIaTwqvgjPeePFaUlhZ89zJk1LNV
QfyzGEImdBf477TZW4VllBQQMHUo8f7Mb69SHgfkKgGxvEMYRQBe3+u/kwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGznRnAdcxgFbzFZiS44sOepNjz9MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYk9kR2NCMXpHQVZ2TVZtSkxqaXc1NmsyUFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQACPamv
4Np5Qxntpxx5UgN56ZqX/fjj/S1TzQH4cPXip+vgKOf0s8jAu89lLrNs3olSUT1N
gX57hAJYzhN0ebFHmsI8zzujSwwY++EcXpWdO2gtjzcCc0mcKHZvFdMAmgwC0a9E
igF3xI6cXazQZQNg7OKHgxA9/NVJlamGYcLEzj7sf0uWL7HUUgWvIH4+4UvLJCe5
aAuUgudTP0hpHguE/hJQ8YitCRZO7KWOy4eO5p2O51B69/GYFtk1EqU9AqettZCB
S3GtdiZu3sT+3eKPAa1lZfYGyn9Tuf+EqYbOSwcyWNlFr53oUQAbkh+OPD5bLiOO
M/ifrz8QrzvzcbaI
-----END CERTIFICATE-----
Generated at Fri May 9 13:54:56 2025 by rpki-client