Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rKA2VL055ZeR2dQkIm_Ib20xSCI.roa
File: rKA2VL055ZeR2dQkIm_Ib20xSCI.roa (raw, json)
Hash identifier: +GYmBk7oQUc+1WajhkLhRCTsFGHly+fcKyLfESeFZdE=
Subject key identifier: AC:A0:36:54:BD:39:E5:97:91:D9:D4:24:22:6F:C8:6F:6D:31:48:22
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F77353152F22259FC7AB8C3891B6EB251
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rKA2VL055ZeR2dQkIm_Ib20xSCI.roa
Signing time: Tue 14 May 2024 13:05:25 +0000
ROA not before: Tue 14 May 2024 13:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:7734:5688/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:35:31:52:f2:22:59:fc:7a:b8:c3:89:1b:6e:b2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 13:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aca03654bd39e59791d9d424226fc86f6d314822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:77:a2:5e:3b:9a:2f:d0:1e:13:3d:a2:56:ea:
d3:1c:bd:89:88:45:4a:b5:9a:01:15:84:90:2b:07:
7a:64:95:f3:17:a5:2e:c6:17:bb:4e:5c:1b:a1:ec:
01:47:b8:2d:ac:ff:2f:21:49:f8:55:76:65:ff:35:
0f:6b:42:d2:f5:db:0c:5f:25:07:ad:20:9f:4c:59:
af:61:7c:19:b3:91:b2:a5:ad:27:55:f3:ea:f5:e5:
48:5d:c9:60:39:22:0f:71:30:3a:a6:18:48:1b:d8:
73:90:e6:42:ee:25:c4:50:80:ea:77:80:fe:a9:f5:
e5:02:30:e0:00:09:29:80:f1:4f:69:cd:76:9b:93:
4c:14:7e:a2:75:2d:b5:ad:9b:5f:76:e8:b9:2f:ff:
94:09:77:19:ab:61:cf:bb:e6:b7:0a:aa:cc:70:90:
10:bb:bd:fa:ca:f0:3d:e6:2e:8f:6a:bd:6a:f0:82:
c2:95:92:d4:2b:58:3d:87:a7:13:b7:06:f1:69:27:
8c:3c:1a:ea:cd:65:bf:53:16:c5:f9:79:6e:b4:ee:
a3:3f:27:cf:37:fd:eb:50:0e:df:83:28:4c:21:78:
da:5c:36:d3:59:6c:16:ba:e5:c0:06:2a:77:50:62:
ee:b0:07:70:74:2c:fc:69:a8:69:b0:60:91:0b:7e:
e2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A0:36:54:BD:39:E5:97:91:D9:D4:24:22:6F:C8:6F:6D:31:48:22
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rKA2VL055ZeR2dQkIm_Ib20xSCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:06:91:ab:11:82:ec:a5:c2:c6:49:39:9d:d5:2e:db:46:49:
6a:70:ff:78:35:14:c8:fd:4f:75:66:f2:93:82:0a:eb:46:a0:
cc:b4:c1:be:52:c7:a8:fd:c7:6c:4e:52:09:4e:52:f0:05:1f:
7f:85:f3:a8:97:ec:29:ff:71:bf:70:f8:85:27:09:64:dd:50:
3f:59:8f:0a:32:a7:a2:4c:81:23:c8:49:ce:db:0e:d6:b6:91:
16:f0:87:fa:d8:63:fe:84:4c:da:25:0e:d6:a1:60:ac:98:40:
51:fd:04:3d:d9:a1:59:24:9e:b0:2f:b2:3e:0b:70:c4:14:13:
87:5b:ae:34:77:ee:9b:73:ab:9b:81:fc:b5:8b:09:07:f8:53:
5a:66:df:8f:2e:7e:2c:d4:ab:2a:54:a3:17:f2:86:d5:10:ee:
a7:9b:7e:32:28:ac:20:43:cc:fa:34:54:01:b8:19:91:7c:85:
53:62:48:8a:f1:6c:fe:4b:18:d9:71:7a:99:51:aa:b9:4e:13:
40:68:ef:bd:1d:ec:09:70:a4:bb:03:5b:43:e0:e2:fc:60:0c:
8c:9c:e9:e6:09:8a:7e:e5:17:a2:6a:14:9c:b1:de:f8:9a:c4:
db:58:ab:5d:30:5b:2b:f2:2f:7d:c0:ae:e1:a2:c2:bd:60:8c:
12:9a:ea:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY93NTFS8iJZ/Hq4w4kbbrJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MTMwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2EwMzY1NGJkMzllNTk3OTFkOWQ0MjQyMjZmYzg2ZjZkMzE0ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XeiXjuaL9AeEz2iVurTHL2JiEVK
tZoBFYSQKwd6ZJXzF6Uuxhe7TlwboewBR7gtrP8vIUn4VXZl/zUPa0LS9dsMXyUH
rSCfTFmvYXwZs5Gypa0nVfPq9eVIXclgOSIPcTA6phhIG9hzkOZC7iXEUIDqd4D+
qfXlAjDgAAkpgPFPac12m5NMFH6idS21rZtfdui5L/+UCXcZq2HPu+a3CqrMcJAQ
u736yvA95i6Par1q8ILClZLUK1g9h6cTtwbxaSeMPBrqzWW/UxbF+XlutO6jPyfP
N/3rUA7fgyhMIXjaXDbTWWwWuuXABip3UGLusAdwdCz8aahpsGCRC37ikQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKygNlS9OeWXkdnUJCJvyG9tMUgiMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcktBMlZMMDU1WmVSMmRRa0ltX0liMjB4U0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL4GkasRguylwsZJOZ3V
LttGSWpw/3g1FMj9T3Vm8pOCCutGoMy0wb5Sx6j9x2xOUglOUvAFH3+F86iX7Cn/
cb9w+IUnCWTdUD9Zjwoyp6JMgSPISc7bDta2kRbwh/rYY/6ETNolDtahYKyYQFH9
BD3ZoVkknrAvsj4LcMQUE4dbrjR37ptzq5uB/LWLCQf4U1pm348ufizUqypUoxfy
htUQ7qebfjIorCBDzPo0VAG4GZF8hVNiSIrxbP5LGNlxeplRqrlOE0Bo770d7Alw
pLsDW0Pg4vxgDIyc6eYJin7lF6JqFJyx3viaxNtYq10wWyvyL33AruGiwr1gjBKa
6h4=
-----END CERTIFICATE-----
Generated at Fri May 9 08:54:02 2025 by rpki-client