Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fRHqhpO2-TMCxmHX7kkTHxdhlv4.roa
File: fRHqhpO2-TMCxmHX7kkTHxdhlv4.roa (raw, json)
Hash identifier: hI4kuN0q8bcwC6SsbkuKCAmcTua2l5Jxj28mNCqFNcI=
Subject key identifier: 7D:11:EA:86:93:B6:F9:33:02:C6:61:D7:EE:49:13:1F:17:61:96:FE
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F494FC952995856F1D70252EE091F045D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fRHqhpO2-TMCxmHX7kkTHxdhlv4.roa
Signing time: Sun 05 May 2024 15:11:56 +0000
ROA not before: Sun 05 May 2024 15:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:49:4f:c9:52:99:58:56:f1:d7:02:52:ee:09:1f:04:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 5 15:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d11ea8693b6f93302c661d7ee49131f176196fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:76:7b:78:f2:82:54:45:e2:90:f3:e7:9e:21:
99:07:38:21:63:bb:3e:c8:dc:95:c3:ee:a1:de:35:
65:2e:4b:29:46:74:5d:ac:a6:88:c6:5b:8e:0c:44:
37:3a:95:50:9e:82:ac:a4:87:5c:ad:37:76:00:55:
d2:6c:28:43:f0:8f:ec:4d:da:04:cf:b2:cf:a9:28:
ff:53:2a:f7:d3:d0:2b:61:f5:0f:49:d3:14:10:79:
77:a0:f6:ac:21:dd:72:95:b7:70:a9:23:f2:60:6e:
16:1c:ad:64:3c:5e:85:c0:be:78:ee:0b:f9:fb:e5:
31:b2:24:a8:34:59:4b:46:ac:1d:62:e0:0a:fb:78:
fb:51:30:1e:c5:f3:30:de:98:90:f6:b7:f2:1e:02:
91:af:57:a3:df:20:7c:82:65:18:48:1f:9c:f9:75:
f8:85:43:92:5d:a4:4f:14:5b:e2:d0:24:61:41:ff:
5d:3a:9a:af:16:18:7a:96:ce:a2:d4:03:94:b5:c6:
32:f9:60:71:92:91:87:28:35:1f:4e:bc:41:ca:8a:
cf:51:cb:6e:91:e7:96:e4:1c:79:45:eb:8f:e5:cf:
00:0d:f2:9e:7d:ea:0e:da:a1:a2:37:d7:5d:ab:dc:
7b:42:4a:ae:e6:33:df:e6:63:a7:58:8d:58:18:db:
6c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:11:EA:86:93:B6:F9:33:02:C6:61:D7:EE:49:13:1F:17:61:96:FE
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fRHqhpO2-TMCxmHX7kkTHxdhlv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ff:cd:1c:de:55:7c:3b:dc:00:52:6a:54:6b:f4:ab:23:d6:
62:fe:e9:65:e0:a0:7c:ce:94:3c:45:30:c4:18:82:76:ba:2e:
30:46:6a:05:df:3b:1e:a0:40:36:ca:5b:80:86:42:f4:dd:c0:
77:f0:02:f5:9e:74:30:55:18:fb:0d:58:59:85:fb:20:6e:f3:
96:7f:75:8b:24:c4:f3:a1:74:35:15:73:5e:f6:6e:64:55:dd:
01:e0:76:e1:ad:9c:aa:5e:a8:6f:fa:19:b4:31:9f:de:8c:45:
55:13:1f:58:63:37:e6:15:cb:41:f9:5e:69:4e:95:f3:65:29:
ee:ca:50:c5:3e:ca:59:2e:e2:e4:31:1d:bc:3e:4f:a0:a4:0b:
dd:96:fd:8e:9e:80:b9:a7:ee:04:35:61:b5:d9:fc:93:49:a8:
1b:21:2d:82:03:3d:a5:08:76:59:33:21:69:4a:a7:00:20:e0:
85:e6:39:73:36:4f:db:19:96:5d:62:95:67:10:d8:91:dc:78:
1a:61:5c:c5:bf:bc:dd:c9:30:a3:13:33:a2:55:9e:01:07:02:
bf:97:1e:84:f4:99:28:8c:0f:3c:99:f0:af:34:dc:96:4c:41:
c2:5c:fa:e1:46:ae:00:ad:66:5b:22:88:2b:fd:fb:d4:eb:4b:
32:31:ea:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9JT8lSmVhW8dcCUu4JHwRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA1MTUxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDExZWE4NjkzYjZmOTMzMDJjNjYxZDdlZTQ5MTMxZjE3NjE5NmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43Z7ePKCVEXikPPnniGZBzghY7s+
yNyVw+6h3jVlLkspRnRdrKaIxluODEQ3OpVQnoKspIdcrTd2AFXSbChD8I/sTdoE
z7LPqSj/Uyr309ArYfUPSdMUEHl3oPasId1ylbdwqSPyYG4WHK1kPF6FwL547gv5
++UxsiSoNFlLRqwdYuAK+3j7UTAexfMw3piQ9rfyHgKRr1ej3yB8gmUYSB+c+XX4
hUOSXaRPFFvi0CRhQf9dOpqvFhh6ls6i1AOUtcYy+WBxkpGHKDUfTrxByorPUctu
keeW5Bx5ReuP5c8ADfKefeoO2qGiN9ddq9x7Qkqu5jPf5mOnWI1YGNtsaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0R6oaTtvkzAsZh1+5JEx8XYZb+MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZlJIcWhwTzItVE1DeG1IWDdra1RIeGRobHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH7/zRzeVXw73ABSalRr
9Ksj1mL+6WXgoHzOlDxFMMQYgna6LjBGagXfOx6gQDbKW4CGQvTdwHfwAvWedDBV
GPsNWFmF+yBu85Z/dYskxPOhdDUVc172bmRV3QHgduGtnKpeqG/6GbQxn96MRVUT
H1hjN+YVy0H5XmlOlfNlKe7KUMU+ylku4uQxHbw+T6CkC92W/Y6egLmn7gQ1YbXZ
/JNJqBshLYIDPaUIdlkzIWlKpwAg4IXmOXM2T9sZll1ilWcQ2JHceBphXMW/vN3J
MKMTM6JVngEHAr+XHoT0mSiMDzyZ8K803JZMQcJc+uFGrgCtZlsiiCv9+9TrSzIx
6tw=
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:03:14 2025 by rpki-client