Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1-ffiNQExVDzQvxa6PGM-QbMZXBU.roa
File: 1-ffiNQExVDzQvxa6PGM-QbMZXBU.roa (raw, json)
Hash identifier: 6F7N8AhIoCbfW1KJLAGiG0MfunEnd9hp8M0CbeRGfo0=
Subject key identifier: F9:F7:E2:35:01:31:54:3C:D0:BF:16:BA:3C:63:3E:41:B3:19:5C:15
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F965B1C740AA28223A3E1724A3D383D7D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1-ffiNQExVDzQvxa6PGM-QbMZXBU.roa
Signing time: Mon 20 May 2024 14:15:04 +0000
ROA not before: Mon 20 May 2024 14:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:96:5b:1c:74:0a:a2:82:23:a3:e1:72:4a:3d:38:3d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 14:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9f7e2350131543cd0bf16ba3c633e41b3195c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:48:b5:19:58:48:90:27:1a:f0:f2:56:e3:b8:
d3:38:74:f1:96:69:b4:93:f1:0c:63:8e:f0:c0:ca:
b3:6f:0f:99:b2:b8:15:0f:37:53:aa:e8:49:c0:9f:
9b:2d:0d:2e:3d:cd:5d:0e:87:59:94:d0:7e:87:f3:
88:fb:c4:1d:59:a9:c7:18:2b:0c:b2:63:d9:86:52:
1d:82:81:4a:33:c6:a8:12:5c:b5:4d:67:f7:35:93:
e2:c6:a0:61:4b:c6:2e:2b:7d:7e:0a:f1:b2:6b:0b:
02:1a:59:31:50:27:de:83:94:e5:34:ec:88:b7:61:
47:32:e6:2b:f9:62:2f:82:d4:fb:c2:34:fa:5d:16:
20:fc:7b:91:e6:6f:d5:15:02:8a:99:40:73:8e:75:
ee:6d:e5:ff:1e:a4:fb:35:93:81:c4:f7:6a:07:e9:
81:6f:21:1f:8e:52:51:6c:6c:df:5f:ae:56:7d:c3:
7d:fb:ae:16:2b:08:70:15:4b:bd:5d:79:de:32:7a:
b6:41:5b:3d:65:bc:c7:2a:3a:02:69:94:8c:ea:e0:
8d:dd:99:47:f4:91:29:cc:50:f9:0d:26:0c:7f:01:
d4:f5:2e:18:19:2e:81:f2:00:10:77:8b:69:dd:47:
a5:fb:52:ef:03:60:8a:29:8f:0f:0c:7a:b7:40:6f:
dc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F7:E2:35:01:31:54:3C:D0:BF:16:BA:3C:63:3E:41:B3:19:5C:15
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/1-ffiNQExVDzQvxa6PGM-QbMZXBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:09:a5:10:8d:8b:12:2a:84:2a:20:64:ae:93:ce:5c:fe:01:
9e:79:b2:0f:d8:16:8e:e0:db:25:54:cd:6b:15:c0:eb:f9:64:
f2:33:86:94:91:c3:7c:93:52:fd:f1:e4:90:99:5e:8e:0f:5c:
04:31:89:a4:97:82:22:77:09:81:93:a3:86:86:cc:16:a5:ae:
69:2c:06:25:95:0b:38:05:20:25:b7:33:89:ef:61:aa:d5:ee:
d6:a1:31:fe:1c:0f:c5:4a:d8:9c:a3:d3:aa:f6:4c:0b:3f:91:
c4:f1:d2:59:8a:04:84:18:78:f6:29:4e:ae:fc:29:dd:c4:83:
86:88:cd:65:c8:f7:c2:b8:0f:ee:2a:fa:16:78:d9:5f:6e:0b:
21:2b:a8:5e:05:56:3a:30:44:1d:bf:41:e3:49:e7:51:92:61:
77:c7:1d:2e:4b:f9:61:62:1b:7f:a4:85:c7:f6:c9:fd:1c:90:
bc:59:fd:ba:4c:32:51:1c:79:fb:32:9a:7a:ef:af:fc:9b:e8:
00:29:bd:2b:0a:4e:76:79:59:d5:e4:3d:fe:ef:f9:31:fb:3c:
5f:c0:8b:e8:51:ef:ef:8d:f4:40:6b:77:e4:ca:1b:00:e8:fa:
6e:f3:b8:0c:8c:d8:2f:ec:c1:84:aa:56:32:31:75:3a:9c:b3:
31:3d:79:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+WWxx0CqKCI6Phcko9OD19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMTQxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWY3ZTIzNTAxMzE1NDNjZDBiZjE2YmEzYzYzM2U0MWIzMTk1YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUi1GVhIkCca8PJW47jTOHTxlmm0
k/EMY47wwMqzbw+ZsrgVDzdTquhJwJ+bLQ0uPc1dDodZlNB+h/OI+8QdWanHGCsM
smPZhlIdgoFKM8aoEly1TWf3NZPixqBhS8YuK31+CvGyawsCGlkxUCfeg5TlNOyI
t2FHMuYr+WIvgtT7wjT6XRYg/HuR5m/VFQKKmUBzjnXubeX/HqT7NZOBxPdqB+mB
byEfjlJRbGzfX65WfcN9+64WKwhwFUu9XXneMnq2QVs9ZbzHKjoCaZSM6uCN3ZlH
9JEpzFD5DSYMfwHU9S4YGS6B8gAQd4tp3Uel+1LvA2CKKY8PDHq3QG/c4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPn34jUBMVQ80L8WujxjPkGzGVwVMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvMS1mZmlOUUV4VkR6UXZ4YTZQR00tUWJNWlhCVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvZDg5MDI1LWQ2ZjMtNDg5MS05ZDg2LWQxMmYwMzlkYjJj
OS8xL3NyN0VHOUx6c1huZUNWRkRCbE1MMF91c2NIcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBxCaUQjYsSKoQqIGSu
k85c/gGeebIP2BaO4NslVM1rFcDr+WTyM4aUkcN8k1L98eSQmV6OD1wEMYmkl4Ii
dwmBk6OGhswWpa5pLAYllQs4BSAltzOJ72Gq1e7WoTH+HA/FStico9Oq9kwLP5HE
8dJZigSEGHj2KU6u/CndxIOGiM1lyPfCuA/uKvoWeNlfbgshK6heBVY6MEQdv0Hj
SedRkmF3xx0uS/lhYht/pIXH9sn9HJC8Wf26TDJRHHn7Mpp676/8m+gAKb0rCk52
eVnV5D3+7/kx+zxfwIvoUe/vjfRAa3fkyhsA6Ppu87gMjNgv7MGEqlYyMXU6nLMx
PXmy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:06 2025 by rpki-client