Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sYwHey3qrph_-xyrWaFiSpw2OZ0.roa
File: sYwHey3qrph_-xyrWaFiSpw2OZ0.roa (raw, json)
Hash identifier: bJIZ1r7yE4081SalQrSMLurWTlP60A60/CH7lWnD3wQ=
Subject key identifier: B1:8C:07:7B:2D:EA:AE:98:7F:FB:1C:AB:59:A1:62:4A:9C:36:39:9D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6CB11940D95BBE64012AC3B7FB1DE15B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sYwHey3qrph_-xyrWaFiSpw2OZ0.roa
Signing time: Sun 12 May 2024 12:04:56 +0000
ROA not before: Sun 12 May 2024 12:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:6cb0:7f7b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6c:b1:19:40:d9:5b:be:64:01:2a:c3:b7:fb:1d:e1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 12 12:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b18c077b2deaae987ffb1cab59a1624a9c36399d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:51:87:b5:55:db:2f:93:1c:dc:79:47:6c:9a:
7e:32:b5:87:38:46:cc:27:d9:fd:7c:56:bb:46:3f:
bb:07:27:42:6f:99:a2:99:93:a7:f6:62:68:65:06:
52:41:61:b7:90:88:91:19:90:56:f0:bf:63:e3:53:
2a:f3:c8:e5:e2:86:a8:db:3a:18:9e:27:92:bf:a5:
77:3c:84:4a:5d:91:73:73:67:a2:d6:88:f8:0e:a3:
0b:aa:e5:9b:b1:19:08:46:2a:71:d1:d6:57:0e:bc:
fc:1c:12:53:e9:1e:91:02:da:83:f2:62:6a:67:ce:
ed:8e:28:b2:da:73:d6:4c:47:f4:54:21:f8:c5:6d:
fa:13:71:3f:83:62:2e:61:01:ab:9f:eb:55:9b:d8:
90:3a:42:80:90:34:05:2d:76:73:b1:38:6d:54:b9:
c3:7c:81:d6:aa:94:cf:ae:0b:2e:be:f5:0e:3e:85:
bf:2a:59:9f:7e:6a:27:a8:03:bd:51:12:9e:f5:39:
1f:e5:fe:67:a8:f5:a7:3f:46:3a:95:b5:4c:36:66:
ad:21:36:6f:9e:a4:ce:e0:74:4e:4a:f6:a8:3b:ec:
40:37:a9:e1:10:6d:02:c0:e4:86:b8:eb:9a:c6:28:
0c:98:d3:a5:d5:23:de:8b:e8:c3:6d:fc:56:63:25:
c1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8C:07:7B:2D:EA:AE:98:7F:FB:1C:AB:59:A1:62:4A:9C:36:39:9D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sYwHey3qrph_-xyrWaFiSpw2OZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:18:03:31:ae:b6:26:84:a2:aa:00:8b:6d:ef:b2:ec:24:6a:
87:f2:0f:f4:8d:44:5f:cb:b2:37:54:27:a8:f4:52:f6:f5:70:
2f:ee:2e:ca:43:ba:88:1c:6d:10:9f:04:a6:b1:74:87:5a:21:
88:82:5d:b1:6b:2a:61:7c:17:4b:92:1d:ac:a5:f0:b6:1a:a2:
a7:b9:8c:3a:2d:25:ae:8c:89:36:83:0a:c3:52:46:19:4c:94:
5c:00:16:dc:9b:a0:17:8b:78:78:19:d6:ff:9c:b2:74:2b:be:
39:85:b7:ec:45:c8:bb:76:a9:1a:46:3a:12:db:6f:82:48:a3:
2d:10:8c:07:ff:24:48:ac:7c:8b:06:7e:38:fd:2b:f6:5b:fd:
8b:bf:65:68:db:a2:9a:9e:59:c5:d7:a4:cc:c1:72:5c:7d:02:
d7:c1:17:63:22:3a:7e:ca:00:8b:1b:7d:1d:1f:0c:7c:42:6f:
aa:ca:68:7f:85:d9:c8:c0:ab:27:ad:ae:96:8b:20:59:c4:c7:
b3:96:f2:d1:a0:41:a1:02:4e:45:38:47:46:34:92:ad:3b:30:
d6:c6:dd:d8:e9:da:0c:ae:1d:11:73:a8:80:09:71:12:a2:38:
42:39:d3:1f:91:1a:87:ef:06:4c:2d:6f:e3:4b:9f:14:7a:48:
af:f4:d0:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9ssRlA2Vu+ZAEqw7f7HeFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEyMTIwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThjMDc3YjJkZWFhZTk4N2ZmYjFjYWI1OWExNjI0YTljMzYzOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lGHtVXbL5Mc3HlHbJp+MrWHOEbM
J9n9fFa7Rj+7BydCb5mimZOn9mJoZQZSQWG3kIiRGZBW8L9j41Mq88jl4oao2zoY
nieSv6V3PIRKXZFzc2ei1oj4DqMLquWbsRkIRipx0dZXDrz8HBJT6R6RAtqD8mJq
Z87tjiiy2nPWTEf0VCH4xW36E3E/g2IuYQGrn+tVm9iQOkKAkDQFLXZzsThtVLnD
fIHWqpTPrgsuvvUOPoW/KlmffmonqAO9URKe9Tkf5f5nqPWnP0Y6lbVMNmatITZv
nqTO4HROSvaoO+xAN6nhEG0CwOSGuOuaxigMmNOl1SPei+jDbfxWYyXB1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGMB3st6q6Yf/scq1mhYkqcNjmdMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvc1l3SGV5M3FycGhfLXh5cldhRmlTcHcyT1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMMYAzGutiaEoqoAi23v
suwkaofyD/SNRF/LsjdUJ6j0Uvb1cC/uLspDuogcbRCfBKaxdIdaIYiCXbFrKmF8
F0uSHayl8LYaoqe5jDotJa6MiTaDCsNSRhlMlFwAFtyboBeLeHgZ1v+csnQrvjmF
t+xFyLt2qRpGOhLbb4JIoy0QjAf/JEisfIsGfjj9K/Zb/Yu/ZWjbopqeWcXXpMzB
clx9AtfBF2MiOn7KAIsbfR0fDHxCb6rKaH+F2cjAqyetrpaLIFnEx7OW8tGgQaEC
TkU4R0Y0kq07MNbG3djp2gyuHRFzqIAJcRKiOEI50x+RGofvBkwtb+NLnxR6SK/0
0J0=
-----END CERTIFICATE-----
Generated at Sat May 10 13:46:35 2025 by rpki-client