Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mvRjDXQxN2UlWoZkLtpLGABx_kg.roa
File: mvRjDXQxN2UlWoZkLtpLGABx_kg.roa (raw, json)
Hash identifier: 4175VIgfkMnroQrV22vpHIuR53D4/DJAQIaI8BV6zyU=
Subject key identifier: 9A:F4:63:0D:74:31:37:65:25:5A:86:64:2E:DA:4B:18:00:71:FE:48
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA2FF2A487E2EFB213E29F7947FD9492C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mvRjDXQxN2UlWoZkLtpLGABx_kg.roa
Signing time: Thu 23 May 2024 01:09:42 +0000
ROA not before: Thu 23 May 2024 01:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a2:ff:2a:48:7e:2e:fb:21:3e:29:f7:94:7f:d9:49:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 23 01:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9af4630d74313765255a86642eda4b180071fe48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:eb:9c:4b:71:c8:7e:31:dc:0b:3f:7f:74:67:
6e:14:21:f7:ea:48:b6:53:89:ce:e5:fe:db:51:8b:
ba:cb:e8:fb:3c:81:f6:5c:8f:12:92:64:8a:e8:c8:
97:0e:ae:db:a6:2f:61:d2:c2:37:d5:28:c9:7d:d3:
f1:2d:1e:cf:cd:dc:f3:31:e0:8d:42:a1:13:0c:cd:
8a:33:5f:49:ba:ab:39:21:ea:fe:3a:f0:95:43:8d:
57:ee:ad:40:ea:03:92:45:23:89:b7:77:58:bd:bd:
25:1d:c7:e9:6d:25:85:08:00:6a:ba:9c:ad:91:3b:
82:2d:3d:c1:fc:3b:32:0f:54:c5:6e:ab:d3:ba:87:
c9:04:29:b4:41:38:ae:a8:fd:ff:22:e9:81:2f:5d:
82:9b:6a:e9:dc:6e:ad:6c:94:c8:96:7f:f1:b2:31:
22:4b:40:45:70:d5:49:9f:a6:52:3e:c6:89:b4:08:
05:5c:46:23:70:61:9b:cc:76:db:bd:25:b4:15:b7:
ce:7d:52:41:86:8f:7d:ab:f7:f8:f4:03:f6:f0:85:
6c:e8:11:b9:b5:f6:d1:54:da:89:b4:79:5b:21:25:
6f:f9:1c:ab:70:85:0e:0b:21:4c:4e:f4:85:e6:a5:
eb:6d:22:9f:9d:68:04:7d:76:c3:d7:91:c8:0a:ae:
b4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F4:63:0D:74:31:37:65:25:5A:86:64:2E:DA:4B:18:00:71:FE:48
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/mvRjDXQxN2UlWoZkLtpLGABx_kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:26:41:d6:3b:34:fa:f1:3a:0c:75:12:55:ed:f1:25:e3:13:
1a:57:ce:d9:64:61:0a:1e:83:51:71:33:5b:f1:27:de:92:c9:
19:85:10:f1:85:1f:b2:2e:a9:4a:99:a6:fe:2b:44:ac:35:53:
dc:77:28:34:48:7e:41:66:70:05:62:27:1a:01:f1:3b:67:e1:
b8:8f:24:02:cc:b2:7b:9d:83:a9:f1:75:e2:22:f0:d6:8f:2c:
0e:1e:cb:34:ca:ca:90:de:e2:1e:00:2e:6a:c6:e6:ec:99:f7:
0a:45:f0:c6:38:56:c1:03:ed:dc:c6:fb:3c:99:96:01:c9:05:
d8:84:92:e7:ce:e4:d5:c0:8b:2f:55:1d:c2:86:53:a9:6d:90:
89:f6:8f:ba:b0:45:de:56:ba:92:c1:0a:28:d9:51:9f:ee:6a:
b2:5d:4d:0a:7f:9b:bf:8d:5b:ce:84:09:44:c0:76:64:86:1a:
71:f3:44:9c:b8:5b:33:26:d6:a2:84:cc:52:4f:33:f2:bf:f1:
74:82:cf:a7:ee:0b:8c:ad:92:4d:20:01:93:54:ac:14:77:8a:
e5:26:45:28:32:87:ad:1e:08:15:10:ec:c7:a6:8e:db:24:51:
a9:16:bf:7d:bd:3f:0a:ab:58:3d:53:e6:53:af:e8:9a:ee:35:
92:5c:3e:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+i/ypIfi77IT4p95R/2UksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIzMDEwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY0NjMwZDc0MzEzNzY1MjU1YTg2NjQyZWRhNGIxODAwNzFmZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuucS3HIfjHcCz9/dGduFCH36ki2
U4nO5f7bUYu6y+j7PIH2XI8SkmSK6MiXDq7bpi9h0sI31SjJfdPxLR7PzdzzMeCN
QqETDM2KM19Juqs5Ier+OvCVQ41X7q1A6gOSRSOJt3dYvb0lHcfpbSWFCABqupyt
kTuCLT3B/DsyD1TFbqvTuofJBCm0QTiuqP3/IumBL12Cm2rp3G6tbJTIln/xsjEi
S0BFcNVJn6ZSPsaJtAgFXEYjcGGbzHbbvSW0FbfOfVJBho99q/f49AP28IVs6BG5
tfbRVNqJtHlbISVv+RyrcIUOCyFMTvSF5qXrbSKfnWgEfXbD15HICq60FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJr0Yw10MTdlJVqGZC7aSxgAcf5IMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbXZSakRYUXhOMlVsV29aa0x0cExHQUJ4X2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG4mQdY7NPrxOgx1ElXt
8SXjExpXztlkYQoeg1FxM1vxJ96SyRmFEPGFH7IuqUqZpv4rRKw1U9x3KDRIfkFm
cAViJxoB8Ttn4biPJALMsnudg6nxdeIi8NaPLA4eyzTKypDe4h4ALmrG5uyZ9wpF
8MY4VsED7dzG+zyZlgHJBdiEkufO5NXAiy9VHcKGU6ltkIn2j7qwRd5WupLBCijZ
UZ/uarJdTQp/m7+NW86ECUTAdmSGGnHzRJy4WzMm1qKEzFJPM/K/8XSCz6fuC4yt
kk0gAZNUrBR3iuUmRSgyh60eCBUQ7MemjtskUakWv329PwqrWD1T5lOv6JruNZJc
Phk=
-----END CERTIFICATE-----
Generated at Sun May 11 15:49:55 2025 by rpki-client