Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jEfvfROciJp-RYQbdsBrTr7VAx4.roa
File: jEfvfROciJp-RYQbdsBrTr7VAx4.roa (raw, json)
Hash identifier: IS6vEbsQBh+5w2Hxc08ezyCakADRTGKqn6Xx8u2aydo=
Subject key identifier: 8C:47:EF:7D:13:9C:88:9A:7E:45:84:1B:76:C0:6B:4E:BE:D5:03:1E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F3C38F4C5A9F78B4C44D68368A4447466
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jEfvfROciJp-RYQbdsBrTr7VAx4.roa
Signing time: Fri 03 May 2024 02:11:56 +0000
ROA not before: Fri 03 May 2024 02:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3c:38:f4:c5:a9:f7:8b:4c:44:d6:83:68:a4:44:74:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 3 02:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c47ef7d139c889a7e45841b76c06b4ebed5031e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:19:51:ef:90:4e:fa:51:bd:3b:b9:87:b6:28:
67:c6:fa:c7:60:15:e3:b5:35:70:e7:87:0b:90:66:
21:5f:2e:56:86:6f:5a:1b:13:d1:48:b7:b3:08:b6:
55:87:dd:e7:64:cc:f0:82:86:e1:9f:9e:c8:d1:31:
de:af:b1:bc:76:1a:25:f5:50:4c:56:f7:35:54:b2:
36:9d:5e:8f:27:05:18:0c:73:58:b9:08:ab:e5:ee:
34:d7:9e:5e:f0:56:45:07:c0:fe:57:25:5a:c4:01:
9e:2f:f3:55:df:b2:e4:99:49:f9:14:4b:09:b5:f4:
6f:ab:56:09:aa:d7:cd:53:d6:a2:c4:75:7b:17:4a:
6f:27:16:9c:6c:8f:55:17:e4:d7:35:6d:b6:31:e5:
89:26:c4:5d:c7:69:39:f1:2e:31:48:91:be:94:41:
14:3c:09:15:00:49:4e:49:6f:a7:6b:52:5b:10:20:
23:32:57:3d:c8:8f:6f:70:9c:e8:32:70:06:fc:27:
24:a4:f7:98:a4:0d:37:7d:df:fd:f1:fa:2d:26:b9:
83:f5:da:52:10:b0:45:e7:ad:9c:fb:83:33:56:b5:
58:f9:20:96:ec:70:93:1e:55:b5:9f:0a:40:91:68:
36:29:50:4f:33:55:f9:14:77:78:9b:3d:16:1f:36:
f4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:47:EF:7D:13:9C:88:9A:7E:45:84:1B:76:C0:6B:4E:BE:D5:03:1E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jEfvfROciJp-RYQbdsBrTr7VAx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:ae:39:cc:52:22:82:2d:3f:0f:99:be:96:c4:5f:ad:48:5b:
8a:fe:63:5b:d0:f9:ad:71:a2:96:c8:5e:97:b2:a4:a5:5e:99:
c3:a6:cb:87:f5:b4:4d:e7:44:01:59:10:b9:29:3c:0d:b5:7f:
63:8a:13:fd:bf:23:6e:af:ed:87:83:4a:30:cc:1b:3f:ee:ac:
86:1a:1d:89:8f:35:e3:b8:88:59:0c:be:10:a3:8d:54:1a:85:
1d:53:75:17:d3:75:4d:0e:5a:20:7e:cd:f1:ce:48:f2:11:6a:
3b:3a:d3:1b:02:59:f2:17:cb:29:33:82:19:04:c3:a9:dc:3f:
9d:1c:4a:2d:b7:68:60:be:c0:03:f9:0e:a2:b0:68:6b:a4:f1:
56:60:ee:33:07:32:f9:21:c0:8f:a1:4a:4c:02:96:57:e4:c7:
1f:1d:8e:c6:e9:e7:82:a6:b8:ad:01:d5:23:a6:bc:c7:bd:24:
9a:8b:16:68:67:6b:e2:ca:83:36:02:aa:f5:a0:e8:29:f0:3a:
88:e3:e9:bd:1e:09:ab:06:5d:3e:de:3c:c9:d5:90:96:9f:33:
7d:0b:65:a7:2e:e7:a1:e0:1b:ea:23:c1:bb:a8:da:77:7b:13:
a8:a4:ac:7c:61:0d:c0:8c:64:68:39:09:e9:86:22:5f:62:d8:
01:e1:13:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY88OPTFqfeLTETWg2ikRHRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAzMDIxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzQ3ZWY3ZDEzOWM4ODlhN2U0NTg0MWI3NmMwNmI0ZWJlZDUwMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRlR75BO+lG9O7mHtihnxvrHYBXj
tTVw54cLkGYhXy5Whm9aGxPRSLezCLZVh93nZMzwgobhn57I0THer7G8dhol9VBM
Vvc1VLI2nV6PJwUYDHNYuQir5e40155e8FZFB8D+VyVaxAGeL/NV37LkmUn5FEsJ
tfRvq1YJqtfNU9aixHV7F0pvJxacbI9VF+TXNW22MeWJJsRdx2k58S4xSJG+lEEU
PAkVAElOSW+na1JbECAjMlc9yI9vcJzoMnAG/CckpPeYpA03fd/98fotJrmD9dpS
ELBF562c+4MzVrVY+SCW7HCTHlW1nwpAkWg2KVBPM1X5FHd4mz0WHzb05QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIxH730TnIiafkWEG3bAa06+1QMeMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvakVmdmZST2NpSnAtUllRYmRzQnJUcjdWQXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEauOcxSIoItPw+ZvpbE
X61IW4r+Y1vQ+a1xopbIXpeypKVemcOmy4f1tE3nRAFZELkpPA21f2OKE/2/I26v
7YeDSjDMGz/urIYaHYmPNeO4iFkMvhCjjVQahR1TdRfTdU0OWiB+zfHOSPIRajs6
0xsCWfIXyykzghkEw6ncP50cSi23aGC+wAP5DqKwaGuk8VZg7jMHMvkhwI+hSkwC
llfkxx8djsbp54KmuK0B1SOmvMe9JJqLFmhna+LKgzYCqvWg6CnwOojj6b0eCasG
XT7ePMnVkJafM30LZacu56HgG+ojwbuo2nd7E6ikrHxhDcCMZGg5CemGIl9i2AHh
E+Q=
-----END CERTIFICATE-----
Generated at Sat May 10 22:16:15 2025 by rpki-client