Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ju3Aopzt5PBZZfaSXqrvfWdSIYE.roa
File: ju3Aopzt5PBZZfaSXqrvfWdSIYE.roa (raw, json)
Hash identifier: lIXoooUIvHhnq7Yedu7J9SYKIHKTnlTvwqR2utMnF2I=
Subject key identifier: 8E:ED:C0:A2:9C:ED:E4:F0:59:65:F6:92:5E:AA:EF:7D:67:52:21:81
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F1F77A8E1B3BD3C2AA60C85851893C7E2
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ju3Aopzt5PBZZfaSXqrvfWdSIYE.roa
Signing time: Sat 27 Apr 2024 12:11:26 +0000
ROA not before: Sat 27 Apr 2024 12:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:77:a8:e1:b3:bd:3c:2a:a6:0c:85:85:18:93:c7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 27 12:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8eedc0a29cede4f05965f6925eaaef7d67522181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0e:5d:71:f5:80:ed:05:78:d6:d7:23:ec:da:
ad:93:a7:35:3f:6f:45:1f:92:a6:42:ba:a4:8c:47:
11:0d:df:63:81:91:0b:44:ab:13:79:92:26:e5:83:
0e:0e:b4:8e:69:95:fd:bd:5b:63:60:8a:99:26:6b:
5b:65:3b:e1:2b:54:45:08:77:3d:93:ad:f2:41:3c:
e1:a0:96:21:27:5e:33:94:ff:84:4f:0c:50:43:a1:
3d:c9:4f:66:98:42:3d:fe:c0:ad:c4:32:7b:95:d3:
10:32:7b:f0:9f:54:8b:db:df:ba:be:4d:c3:36:93:
df:79:aa:f0:5f:06:7c:e5:be:ad:a2:8e:5b:33:56:
06:94:6c:18:0e:a7:74:90:f7:a4:4e:9f:0b:ae:6f:
0e:04:ab:2f:3b:90:f4:d5:d8:ea:b2:36:fd:57:d9:
e4:4f:a8:8b:90:5e:06:a1:17:7a:10:69:ba:2b:23:
d8:67:5f:84:e3:21:93:ff:a2:dd:09:5a:13:f1:cd:
56:44:cd:0e:c7:cf:29:10:23:d5:8a:8c:dd:a8:61:
95:c1:24:51:2c:96:d2:65:09:7e:6d:59:bc:08:f2:
a6:46:f9:d9:9a:80:d0:d3:53:e2:0a:66:07:49:a8:
9f:c7:73:e1:79:dd:60:71:5d:f0:9b:ce:86:21:48:
9c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:ED:C0:A2:9C:ED:E4:F0:59:65:F6:92:5E:AA:EF:7D:67:52:21:81
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ju3Aopzt5PBZZfaSXqrvfWdSIYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
51:e8:81:05:d1:66:39:68:2b:c1:c1:5b:43:eb:ec:02:5c:9c:
c8:12:56:c3:83:b7:f6:21:50:1c:1e:35:49:57:56:06:53:12:
57:3b:bd:03:dd:9d:2c:ef:1c:1a:8b:19:68:c2:00:87:2b:50:
4d:01:bd:41:0d:40:de:db:80:c4:db:99:37:ee:8c:39:62:a7:
a9:e6:f1:1e:74:6b:80:41:55:ef:1c:eb:c3:74:ab:2f:9b:d3:
05:52:0f:28:81:17:26:dd:72:e6:d8:fa:f5:c2:a0:25:52:c8:
e7:da:d3:62:1c:a5:1d:c2:3c:91:ae:7b:cd:7b:42:8e:68:0d:
cf:98:ba:d5:66:1f:fe:b4:a2:85:df:e8:67:74:c2:d2:78:4b:
27:39:ef:b2:b6:d8:6f:a8:8c:38:b6:62:c6:fd:3f:7d:02:2a:
17:3a:2e:36:05:ca:87:7c:1f:08:26:d6:9d:cf:5b:ce:2b:b7:
f3:31:4b:26:b7:87:c7:04:b5:ff:ee:e4:60:37:10:a1:83:59:
fe:b1:0c:51:ea:87:b5:52:a4:1a:1e:48:6a:3f:a8:e3:0a:89:
59:47:e8:b8:da:d3:64:5b:c8:40:80:4c:6f:bd:92:dd:f2:0b:
c7:93:db:d7:42:f3:ca:c1:36:a9:57:30:10:b7:19:a6:ff:1d:
27:7e:bc:a7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8fd6jhs708KqYMhYUYk8fiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI3MTIxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWVkYzBhMjljZWRlNGYwNTk2NWY2OTI1ZWFhZWY3ZDY3NTIyMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw5dcfWA7QV41tcj7Nqtk6c1P29F
H5KmQrqkjEcRDd9jgZELRKsTeZIm5YMODrSOaZX9vVtjYIqZJmtbZTvhK1RFCHc9
k63yQTzhoJYhJ14zlP+ETwxQQ6E9yU9mmEI9/sCtxDJ7ldMQMnvwn1SL29+6vk3D
NpPfearwXwZ85b6too5bM1YGlGwYDqd0kPekTp8Lrm8OBKsvO5D01djqsjb9V9nk
T6iLkF4GoRd6EGm6KyPYZ1+E4yGT/6LdCVoT8c1WRM0Ox88pECPViozdqGGVwSRR
LJbSZQl+bVm8CPKmRvnZmoDQ01PiCmYHSaifx3Phed1gcV3wm86GIUicsQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI7twKKc7eTwWWX2kl6q731nUiGBMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvanUzQW9wenQ1UEJaWmZhU1hxcnZmV2RTSVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQBR6IEF
0WY5aCvBwVtD6+wCXJzIElbDg7f2IVAcHjVJV1YGUxJXO70D3Z0s7xwaixlowgCH
K1BNAb1BDUDe24DE25k37ow5Yqep5vEedGuAQVXvHOvDdKsvm9MFUg8ogRcm3XLm
2Pr1wqAlUsjn2tNiHKUdwjyRrnvNe0KOaA3PmLrVZh/+tKKF3+hndMLSeEsnOe+y
tthvqIw4tmLG/T99AioXOi42BcqHfB8IJtadz1vOK7fzMUsmt4fHBLX/7uRgNxCh
g1n+sQxR6oe1UqQaHkhqP6jjColZR+i42tNkW8hAgExvvZLd8gvHk9vXQvPKwTap
VzAQtxmm/x0nfryn
-----END CERTIFICATE-----
Generated at Sun May 11 01:31:30 2025 by rpki-client