Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/y8x6SrBdMh6WhwpJtk7HCRyEMuM.roa
File: y8x6SrBdMh6WhwpJtk7HCRyEMuM.roa (raw, json)
Hash identifier: 96tk2F8kvb/Glc/IM0hIvWC8KG0daoydcRRvG2yd//8=
Subject key identifier: CB:CC:7A:4A:B0:5D:32:1E:96:87:0A:49:B6:4E:C7:09:1C:84:32:E3
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA0DC99B07BDC70E0FA13F58D8604B1D9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/y8x6SrBdMh6WhwpJtk7HCRyEMuM.roa
Signing time: Wed 22 May 2024 15:12:42 +0000
ROA not before: Wed 22 May 2024 15:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:dc:99:b0:7b:dc:70:e0:fa:13:f5:8d:86:04:b1:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 15:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbcc7a4ab05d321e96870a49b64ec7091c8432e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cd:d0:c3:93:ee:5a:6b:d4:49:42:f0:8c:0d:
29:c8:24:c8:8d:9f:60:42:76:c8:3f:02:63:87:59:
f1:29:89:9d:f1:e9:3b:97:e7:c0:77:44:e6:9a:cb:
b4:31:ff:bb:14:b4:22:94:26:eb:ae:28:32:a4:67:
3f:0f:91:7f:d0:b1:15:cc:8a:68:1e:6e:55:bb:ab:
03:01:12:4f:88:01:e8:67:d6:d6:73:08:d3:f5:e1:
6a:15:56:42:41:ea:90:42:83:ed:3c:97:cc:b1:e1:
0c:dd:28:88:46:51:79:7e:11:91:cd:f4:46:21:35:
73:44:24:2a:43:29:f5:33:00:5f:1b:69:f1:63:43:
67:96:56:63:f1:9c:20:df:7a:81:32:30:9c:83:be:
d6:f3:ee:6a:88:c4:91:a4:b3:b5:63:54:c9:d9:e0:
3d:d2:da:52:5e:29:6f:e5:ad:b4:32:7b:2e:07:cf:
a9:cd:36:cc:1b:0f:cb:ce:cd:1f:ff:65:20:c6:ce:
79:bd:2f:73:8e:9a:ff:2b:09:70:7d:e1:ef:94:1f:
c1:28:d5:01:a2:9b:7a:d7:bc:91:be:55:78:00:ea:
94:48:88:cd:38:a7:d4:92:35:c2:68:18:ad:ce:5d:
21:fe:12:83:69:72:8e:ba:00:3f:45:14:0d:f0:03:
e9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CC:7A:4A:B0:5D:32:1E:96:87:0A:49:B6:4E:C7:09:1C:84:32:E3
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/y8x6SrBdMh6WhwpJtk7HCRyEMuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:c6:a3:97:cb:09:ab:86:14:cc:16:03:7f:a7:cf:ea:89:e3:
a5:0d:15:86:78:44:5f:31:e5:96:8c:e3:7f:c6:b7:ef:b1:93:
2c:7a:5c:9e:49:bb:b0:c4:1b:36:0d:3f:bb:d1:b6:a6:9b:02:
03:ea:59:c7:48:cd:f4:85:15:bf:1c:85:25:21:23:00:9b:c8:
9a:87:e2:b7:03:14:cd:2a:99:7e:87:55:8c:dc:52:0f:50:ff:
05:a2:a9:f2:e7:60:c7:ed:98:b7:46:2a:ed:ff:f1:b4:10:7c:
1e:65:3b:d4:6b:b3:eb:59:d7:c5:d9:24:56:97:f6:21:cb:86:
3d:be:aa:c7:34:88:a9:8d:c7:4b:5f:69:fa:7c:16:30:12:07:
f8:23:27:cd:fb:36:33:7a:f5:96:f7:00:64:64:56:fb:f0:9b:
98:cd:10:2d:3f:4b:6d:35:02:7e:99:f9:b7:45:f1:33:ed:fd:
e0:d3:48:13:5e:07:3a:7d:78:df:0c:bc:5c:81:db:4b:18:17:
53:72:8a:49:b7:28:8a:16:2b:95:4a:c0:e0:4d:88:5d:50:f1:
8c:25:4d:59:fa:d7:fa:5e:9f:fb:a0:d8:84:52:45:15:b6:7c:
fa:9b:5d:a8:f7:2b:9b:c1:94:2f:66:01:c9:d5:c0:e0:92:c8:
1b:b9:1d:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+g3Jmwe9xw4PoT9Y2GBLHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMTUxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNjN2E0YWIwNWQzMjFlOTY4NzBhNDliNjRlYzcwOTFjODQzMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs3Qw5PuWmvUSULwjA0pyCTIjZ9g
QnbIPwJjh1nxKYmd8ek7l+fAd0Tmmsu0Mf+7FLQilCbrrigypGc/D5F/0LEVzIpo
Hm5Vu6sDARJPiAHoZ9bWcwjT9eFqFVZCQeqQQoPtPJfMseEM3SiIRlF5fhGRzfRG
ITVzRCQqQyn1MwBfG2nxY0NnllZj8Zwg33qBMjCcg77W8+5qiMSRpLO1Y1TJ2eA9
0tpSXilv5a20MnsuB8+pzTbMGw/Lzs0f/2Ugxs55vS9zjpr/KwlwfeHvlB/BKNUB
opt617yRvlV4AOqUSIjNOKfUkjXCaBitzl0h/hKDaXKOugA/RRQN8APpiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMvMekqwXTIelocKSbZOxwkchDLjMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEveTh4NlNyQmRNaDZXaHdwSnRrN0hDUnlFTXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI3Go5fLCauGFMwWA3+n
z+qJ46UNFYZ4RF8x5ZaM43/Gt++xkyx6XJ5Ju7DEGzYNP7vRtqabAgPqWcdIzfSF
Fb8chSUhIwCbyJqH4rcDFM0qmX6HVYzcUg9Q/wWiqfLnYMftmLdGKu3/8bQQfB5l
O9Rrs+tZ18XZJFaX9iHLhj2+qsc0iKmNx0tfafp8FjASB/gjJ837NjN69Zb3AGRk
Vvvwm5jNEC0/S201An6Z+bdF8TPt/eDTSBNeBzp9eN8MvFyB20sYF1Nyikm3KIoW
K5VKwOBNiF1Q8YwlTVn61/pen/ug2IRSRRW2fPqbXaj3K5vBlC9mAcnVwOCSyBu5
HUU=
-----END CERTIFICATE-----
Generated at Sun May 11 22:03:17 2025 by rpki-client