Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/e_j3Y5nu93NR1M1h3XrA_60_pvg.roa
File: e_j3Y5nu93NR1M1h3XrA_60_pvg.roa (raw, json)
Hash identifier: 3sEkwX0aO5pO9Y8BHy7OAWkyU3CQHlxirbB9Axi/y7Y=
Subject key identifier: 7B:F8:F7:63:99:EE:F7:73:51:D4:CD:61:DD:7A:C0:FF:AD:3F:A6:F8
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F72B83534EE7C2D912F8A8C26A6D3F0CE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/e_j3Y5nu93NR1M1h3XrA_60_pvg.roa
Signing time: Mon 13 May 2024 16:10:25 +0000
ROA not before: Mon 13 May 2024 16:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:b8:35:34:ee:7c:2d:91:2f:8a:8c:26:a6:d3:f0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 16:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bf8f76399eef77351d4cd61dd7ac0ffad3fa6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:ab:eb:c3:5a:dd:07:cf:e4:30:3f:52:96:
e8:03:b4:a3:91:c9:2d:f3:cb:23:0e:98:42:d8:cc:
6d:e1:ab:49:95:1b:d3:75:a5:aa:e4:2e:83:94:60:
c0:8a:bb:05:6a:5b:14:48:7e:01:fa:a1:c8:42:99:
3e:83:83:5b:b7:5d:b2:09:80:7f:77:3b:bc:2a:99:
d1:5e:4f:32:21:b6:c9:67:86:ba:a2:a3:37:89:3a:
83:30:9c:cb:f3:63:76:1f:c6:4b:e0:3e:7e:f2:51:
ca:a2:cc:2c:01:04:be:66:e0:d7:b9:8d:c4:44:0f:
cf:fd:a3:e5:f7:c6:b8:ed:62:1e:34:e3:f2:15:62:
ed:77:e5:7c:ea:70:34:55:6e:27:03:7d:3f:29:06:
2e:51:0e:e5:3b:30:08:3c:f0:41:ca:88:70:37:88:
be:5c:30:51:23:7f:4f:70:28:9c:00:8c:02:c0:6f:
00:1d:17:e2:ac:77:c1:0d:4c:47:92:40:6e:e8:9f:
69:18:7c:30:e0:26:ca:79:96:20:67:e4:54:f7:22:
76:17:51:17:fa:b0:f1:87:41:f3:fb:56:ca:02:e8:
e4:c2:6d:8f:9b:8e:20:7b:f4:53:21:b2:47:c6:a1:
55:94:a7:b1:1b:84:64:ce:c6:0d:f6:b8:bf:95:e7:
f6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F8:F7:63:99:EE:F7:73:51:D4:CD:61:DD:7A:C0:FF:AD:3F:A6:F8
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/e_j3Y5nu93NR1M1h3XrA_60_pvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:f8:88:f8:90:99:d7:64:ad:79:5d:d3:be:8b:7b:50:d8:46:
c0:d0:87:6b:70:bc:9d:80:08:55:cf:df:2d:16:81:17:14:8f:
68:95:a3:94:ed:b7:c9:06:88:7d:26:fa:ba:96:48:c6:c5:4f:
c5:2a:2a:7d:d5:26:78:6f:40:3d:ab:d0:dc:f1:aa:84:b5:47:
4c:a3:77:12:e0:51:48:77:60:e7:1f:1c:44:c9:9a:fa:9c:63:
6c:88:95:01:20:2d:dd:6d:20:c9:6e:e3:ab:e4:c4:f8:e9:a8:
d4:5b:b2:59:df:b8:85:89:3a:71:58:b0:16:e0:a7:64:7a:4c:
76:82:3c:05:67:cc:9c:fd:5f:73:05:8b:56:25:8c:14:f8:19:
b3:b8:f1:35:a5:02:fe:88:46:15:36:84:18:1c:e5:ed:be:82:
8d:0b:c3:dc:bc:30:cc:74:8d:a5:0c:21:63:b3:30:e3:86:61:
b4:8c:bc:58:76:aa:81:fc:95:6f:aa:dd:94:44:9d:5e:42:96:
01:8b:e4:39:82:bd:93:8c:b0:35:af:e0:e6:b9:5b:a6:e8:30:
38:6a:5a:89:a5:61:fe:4b:c0:bd:5a:c5:31:b0:6f:76:89:f3:
ac:9a:0f:fb:96:40:0b:9c:76:19:e4:ec:ce:d0:81:09:f1:1b:
7f:6a:60:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9yuDU07nwtkS+KjCam0/DOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMTYxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY4Zjc2Mzk5ZWVmNzczNTFkNGNkNjFkZDdhYzBmZmFkM2ZhNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxKr68Na3QfP5DA/UpboA7Sjkckt
88sjDphC2Mxt4atJlRvTdaWq5C6DlGDAirsFalsUSH4B+qHIQpk+g4Nbt12yCYB/
dzu8KpnRXk8yIbbJZ4a6oqM3iTqDMJzL82N2H8ZL4D5+8lHKoswsAQS+ZuDXuY3E
RA/P/aPl98a47WIeNOPyFWLtd+V86nA0VW4nA30/KQYuUQ7lOzAIPPBByohwN4i+
XDBRI39PcCicAIwCwG8AHRfirHfBDUxHkkBu6J9pGHww4CbKeZYgZ+RU9yJ2F1EX
+rDxh0Hz+1bKAujkwm2Pm44ge/RTIbJHxqFVlKexG4RkzsYN9ri/lef2kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHv492OZ7vdzUdTNYd16wP+tP6b4MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZV9qM1k1bnU5M05SMU0xaDNYckFfNjBfcHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJf4iPiQmddkrXld076L
e1DYRsDQh2twvJ2ACFXP3y0WgRcUj2iVo5Ttt8kGiH0m+rqWSMbFT8UqKn3VJnhv
QD2r0NzxqoS1R0yjdxLgUUh3YOcfHETJmvqcY2yIlQEgLd1tIMlu46vkxPjpqNRb
slnfuIWJOnFYsBbgp2R6THaCPAVnzJz9X3MFi1YljBT4GbO48TWlAv6IRhU2hBgc
5e2+go0Lw9y8MMx0jaUMIWOzMOOGYbSMvFh2qoH8lW+q3ZREnV5ClgGL5DmCvZOM
sDWv4Oa5W6boMDhqWomlYf5LwL1axTGwb3aJ86yaD/uWQAucdhnk7M7QgQnxG39q
YOQ=
-----END CERTIFICATE-----
Generated at Mon May 12 19:08:36 2025 by rpki-client