Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rvfJSKTRmyloH4FkcW8-rNYTS8g.roa
File: rvfJSKTRmyloH4FkcW8-rNYTS8g.roa (raw, json)
Hash identifier: qTwoLlA+Y6jziAcGhJQBt1sqr35VHnARgDK4ApRlVhE=
Subject key identifier: AE:F7:C9:48:A4:D1:9B:29:68:1F:81:64:71:6F:3E:AC:D6:13:4B:C8
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA97007DB5D8B0575E82F95F34FECEAC7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rvfJSKTRmyloH4FkcW8-rNYTS8g.roa
Signing time: Fri 24 May 2024 07:10:42 +0000
ROA not before: Fri 24 May 2024 07:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:70:07:db:5d:8b:05:75:e8:2f:95:f3:4f:ec:ea:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 24 07:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aef7c948a4d19b29681f8164716f3eacd6134bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bb:a0:af:c3:7f:91:40:64:71:f7:c2:ea:db:
d7:18:96:62:43:eb:5d:76:62:77:ee:a1:cb:89:09:
dd:8f:44:38:43:10:1d:4c:14:24:eb:5b:fa:04:ee:
b8:eb:1c:c2:34:c2:4b:60:5d:52:43:10:0c:7c:23:
7f:ac:aa:47:1f:37:be:7d:63:b4:17:ac:00:1c:23:
90:0b:7e:c7:08:f2:9c:a4:96:bf:72:29:8a:78:cc:
f0:46:c7:64:54:8c:6d:dd:1d:51:d5:9e:37:4e:10:
d3:90:df:07:58:2c:fa:d8:de:f6:4d:18:e1:f4:29:
1b:56:5c:3e:0e:98:75:9b:ab:ea:df:90:04:8b:df:
c1:62:bf:d1:2b:a5:b6:f2:f9:93:45:8f:7a:25:6d:
8a:d1:7f:ce:bd:f4:17:be:71:2a:dd:1e:3b:fa:95:
07:40:39:c7:5f:fd:1c:76:4e:7d:19:60:d1:51:d0:
9a:9c:74:b0:fb:90:6d:fa:97:c1:b3:4d:d0:fa:aa:
c7:70:c7:74:cd:93:d0:37:b7:8c:59:5f:47:1e:76:
b0:72:c1:e1:16:87:c3:3d:c6:49:f0:2c:83:5c:f0:
58:35:20:57:d1:80:74:9d:d9:cb:32:11:ba:69:f2:
03:1e:4c:d5:e7:8b:96:9a:8e:42:c6:13:75:ca:d2:
2d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F7:C9:48:A4:D1:9B:29:68:1F:81:64:71:6F:3E:AC:D6:13:4B:C8
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rvfJSKTRmyloH4FkcW8-rNYTS8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ba:08:06:10:be:50:30:f5:7c:49:b6:c8:e1:78:91:0d:52:d2:
57:8f:16:39:1c:f0:4d:75:78:7c:30:a5:32:c5:ad:cb:f5:e7:
6e:26:03:d3:d9:79:c1:40:83:e0:c0:3a:fa:ec:ae:04:49:4f:
4b:6d:85:0d:0b:94:55:0a:88:57:02:5b:5f:09:bd:15:79:dd:
cb:7d:9b:4c:4c:3b:8f:e7:b9:50:76:11:58:96:07:e2:52:f0:
be:03:f8:16:e3:6b:67:b0:3c:bc:c6:97:47:a1:0d:4a:8a:f9:
62:58:1a:06:85:09:a2:64:d2:7c:47:5f:9b:07:fc:dc:bc:e2:
e7:9e:3c:50:d1:87:e7:19:e4:d1:b6:b1:66:b3:36:78:2a:b6:
28:53:11:ee:48:00:c8:16:0b:6c:0f:c8:0b:b2:03:c0:ae:60:
da:fd:3e:e2:fc:71:64:ac:7b:96:c3:3a:a0:da:a4:ca:e3:0c:
dc:0a:bf:c9:74:6a:4d:38:dd:02:e9:32:51:18:c4:4e:37:a7:
8a:21:8a:94:bc:41:3a:88:f3:92:9e:6e:b7:3c:5e:c6:3c:a1:
e2:d1:42:1f:96:78:e5:e6:62:41:35:18:82:8f:8a:38:65:03:
35:c9:a8:80:6d:e5:74:bb:c1:13:fa:aa:02:cb:2c:e9:e7:4d:
de:f2:fb:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+pcAfbXYsFdegvlfNP7OrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTI0MDcxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWY3Yzk0OGE0ZDE5YjI5NjgxZjgxNjQ3MTZmM2VhY2Q2MTM0YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rugr8N/kUBkcffC6tvXGJZiQ+td
dmJ37qHLiQndj0Q4QxAdTBQk61v6BO646xzCNMJLYF1SQxAMfCN/rKpHHze+fWO0
F6wAHCOQC37HCPKcpJa/cimKeMzwRsdkVIxt3R1R1Z43ThDTkN8HWCz62N72TRjh
9CkbVlw+Dph1m6vq35AEi9/BYr/RK6W28vmTRY96JW2K0X/OvfQXvnEq3R47+pUH
QDnHX/0cdk59GWDRUdCanHSw+5Bt+pfBs03Q+qrHcMd0zZPQN7eMWV9HHnawcsHh
FofDPcZJ8CyDXPBYNSBX0YB0ndnLMhG6afIDHkzV54uWmo5CxhN1ytItcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK73yUik0ZspaB+BZHFvPqzWE0vIMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvcnZmSlNLVFJteWxvSDRGa2NXOC1yTllUUzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALoIBhC+UDD1fEm2yOF4
kQ1S0lePFjkc8E11eHwwpTLFrcv1524mA9PZecFAg+DAOvrsrgRJT0tthQ0LlFUK
iFcCW18JvRV53ct9m0xMO4/nuVB2EViWB+JS8L4D+Bbja2ewPLzGl0ehDUqK+WJY
GgaFCaJk0nxHX5sH/Ny84ueePFDRh+cZ5NG2sWazNngqtihTEe5IAMgWC2wPyAuy
A8CuYNr9PuL8cWSse5bDOqDapMrjDNwKv8l0ak043QLpMlEYxE43p4ohipS8QTqI
85Kebrc8XsY8oeLRQh+WeOXmYkE1GIKPijhlAzXJqIBt5XS7wRP6qgLLLOnnTd7y
+3M=
-----END CERTIFICATE-----
Generated at Sat May 10 16:44:52 2025 by rpki-client