Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/v8Wj8MRbP3aL5YReSlKcWWoGTyc.roa
File: v8Wj8MRbP3aL5YReSlKcWWoGTyc.roa (raw, json)
Hash identifier: SwhrklOtWHIrWOnOB/FNvArJAfLfFlc92EHr/l6H4WA=
Subject key identifier: BF:C5:A3:F0:C4:5B:3F:76:8B:E5:84:5E:4A:52:9C:59:6A:06:4F:27
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA1B767FC748D9A0077226078E470543C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/v8Wj8MRbP3aL5YReSlKcWWoGTyc.roa
Signing time: Wed 22 May 2024 19:11:42 +0000
ROA not before: Wed 22 May 2024 19:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:b7:67:fc:74:8d:9a:00:77:22:60:78:e4:70:54:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 19:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfc5a3f0c45b3f768be5845e4a529c596a064f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:50:ca:bc:9e:ef:9f:bb:50:05:c1:f4:0b:15:
d8:fe:d2:d7:1b:65:8a:40:53:fa:98:6a:6e:85:91:
e6:e1:9a:79:26:66:37:95:90:d8:a9:08:63:19:7b:
49:a9:54:9a:07:2a:c7:39:80:ac:f1:8e:51:a4:f0:
0d:c6:1c:b0:07:c9:ee:92:f0:ca:68:03:ed:10:fc:
6a:34:ed:ad:bc:71:be:1e:a3:3b:83:d4:cf:cd:d3:
f5:58:4f:0f:ec:4b:9c:0f:b8:d6:10:36:ca:ba:5e:
e5:c3:1c:28:15:15:ca:4e:59:a4:dc:ff:4f:cb:98:
0d:4e:a3:76:c6:0c:bb:6c:ca:8e:e5:cc:7c:81:2b:
87:9f:ee:a0:a7:9b:e9:ea:f3:11:5d:ff:51:25:46:
1d:2c:ce:ac:84:f5:4a:c0:15:0a:94:f8:39:60:23:
c5:e0:d3:8f:19:4e:bb:82:96:7d:f7:31:98:ac:9a:
62:4a:4c:8e:c8:51:cd:8a:c6:4e:ef:1c:32:33:e3:
9e:00:ba:77:f3:43:92:dc:b6:bf:63:87:17:09:98:
b0:ec:93:45:01:48:67:1c:87:86:92:89:33:34:6d:
6a:17:1b:37:68:43:e9:f5:d2:5a:d6:0e:ae:5b:90:
df:f9:80:6f:b1:f4:1d:f8:dd:d7:f5:db:7b:24:72:
77:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C5:A3:F0:C4:5B:3F:76:8B:E5:84:5E:4A:52:9C:59:6A:06:4F:27
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/v8Wj8MRbP3aL5YReSlKcWWoGTyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:ac:43:2f:2b:69:96:5b:a2:79:5c:bc:4f:cc:32:dd:f2:1e:
0b:4d:2a:e9:31:84:4b:12:b1:f5:0a:ac:2e:45:53:4e:14:f8:
29:09:f3:3e:9a:b5:ff:90:9c:ce:30:29:4e:7c:ac:7c:a2:00:
32:6c:51:94:93:9b:28:9f:20:14:cf:92:03:96:ae:3a:08:04:
2e:dc:ca:84:91:dd:b5:26:9a:85:5f:35:7f:c6:ab:2c:10:7f:
80:fe:c0:fb:0f:d9:96:a1:56:2f:be:49:4e:55:2b:57:2a:18:
ee:ca:7d:16:61:13:56:f2:5f:c2:ca:ad:01:d6:58:2e:2b:3a:
12:01:38:3a:e8:06:a5:3f:e6:04:f2:13:30:7b:41:b6:ee:35:
8b:0e:ea:5c:fa:c3:33:02:f4:5d:c2:25:e3:34:33:3a:c2:15:
fc:04:cb:79:26:da:8c:dd:d8:34:65:55:23:0f:40:58:53:b7:
d1:c9:c5:b9:e4:56:0f:8e:5c:11:d3:49:9e:cb:66:83:d0:74:
89:64:22:39:4e:32:6a:db:ae:8b:b4:38:5e:b2:9e:a0:b5:d2:
54:08:f0:62:a5:1d:fe:bc:c9:c8:4d:0f:ca:61:ab:ab:84:40:
e7:3c:cc:7a:e3:a9:31:b2:9b:33:67:70:4c:10:64:57:dc:27:
9c:58:2c:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+ht2f8dI2aAHciYHjkcFQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMTkxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM1YTNmMGM0NWIzZjc2OGJlNTg0NWU0YTUyOWM1OTZhMDY0ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1DKvJ7vn7tQBcH0CxXY/tLXG2WK
QFP6mGpuhZHm4Zp5JmY3lZDYqQhjGXtJqVSaByrHOYCs8Y5RpPANxhywB8nukvDK
aAPtEPxqNO2tvHG+HqM7g9TPzdP1WE8P7EucD7jWEDbKul7lwxwoFRXKTlmk3P9P
y5gNTqN2xgy7bMqO5cx8gSuHn+6gp5vp6vMRXf9RJUYdLM6shPVKwBUKlPg5YCPF
4NOPGU67gpZ99zGYrJpiSkyOyFHNisZO7xwyM+OeALp380OS3La/Y4cXCZiw7JNF
AUhnHIeGkokzNG1qFxs3aEPp9dJa1g6uW5Df+YBvsfQd+N3X9dt7JHJ3EQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL/Fo/DEWz92i+WEXkpSnFlqBk8nMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdjhXajhNUmJQM2FMNVlSZVNsS2NXV29HVHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAusQy8raZZbonlcvE/M
Mt3yHgtNKukxhEsSsfUKrC5FU04U+CkJ8z6atf+QnM4wKU58rHyiADJsUZSTmyif
IBTPkgOWrjoIBC7cyoSR3bUmmoVfNX/GqywQf4D+wPsP2ZahVi++SU5VK1cqGO7K
fRZhE1byX8LKrQHWWC4rOhIBODroBqU/5gTyEzB7QbbuNYsO6lz6wzMC9F3CJeM0
MzrCFfwEy3km2ozd2DRlVSMPQFhTt9HJxbnkVg+OXBHTSZ7LZoPQdIlkIjlOMmrb
rou0OF6ynqC10lQI8GKlHf68ychND8phq6uEQOc8zHrjqTGymzNncEwQZFfcJ5xY
LDU=
-----END CERTIFICATE-----
Generated at Sat May 10 16:49:36 2025 by rpki-client