Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FQgDLJOSuKw6n0qoSTvyhTrym1o.roa
File: FQgDLJOSuKw6n0qoSTvyhTrym1o.roa (raw, json)
Hash identifier: U/j57Qy13goBCG05mnpBPf3N84I61UEUcaNY16gYQ9M=
Subject key identifier: 15:08:03:2C:93:92:B8:AC:3A:9F:4A:A8:49:3B:F2:85:3A:F2:9B:5A
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5B1F1C8DCC2EC05B5B50BE9133BA0941
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FQgDLJOSuKw6n0qoSTvyhTrym1o.roa
Signing time: Thu 09 May 2024 02:11:56 +0000
ROA not before: Thu 09 May 2024 02:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5b:1f:1c:8d:cc:2e:c0:5b:5b:50:be:91:33:ba:09:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 02:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1508032c9392b8ac3a9f4aa8493bf2853af29b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:20:f2:78:b9:d8:9b:fa:d2:10:f8:1d:5a:43:
06:14:7f:7b:f9:da:ab:7d:b2:ef:cc:09:81:82:81:
b0:93:bd:8b:9b:bf:83:6d:4d:bc:4e:b5:d4:37:e8:
a4:c2:ac:c6:e0:b4:c2:32:1b:d8:d2:6e:e9:b6:b7:
8e:50:e9:2d:d0:08:cf:aa:58:2c:2b:80:a2:2e:e7:
6d:b1:10:e9:3b:53:c3:42:7a:db:4a:d5:53:59:7e:
53:77:eb:cb:68:98:10:60:fa:0f:bd:a2:f1:b9:80:
37:8c:df:5e:cc:96:da:a6:69:be:4b:bd:d3:55:2d:
5c:4f:78:1d:a0:14:8e:6b:db:a5:f5:67:11:af:56:
dc:5c:e8:1c:5e:ca:f1:c0:83:a9:67:c8:97:92:41:
48:d3:ec:5a:95:63:e7:64:11:d0:39:30:35:42:7d:
4e:e6:54:1a:c1:76:7e:18:d6:86:6c:ff:44:23:6c:
85:3b:36:71:da:a7:e5:4f:67:af:27:74:b5:25:5e:
30:07:75:f8:1a:8c:7d:3f:bf:61:1a:9b:a3:d3:35:
0e:76:6e:a0:5f:ca:8b:04:fa:7f:6b:de:00:8c:4a:
7f:00:dc:ff:78:a8:07:fb:0b:b7:83:14:00:a9:f4:
94:e7:ee:8c:df:34:3c:e8:db:5d:1d:c8:07:61:ce:
6d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:08:03:2C:93:92:B8:AC:3A:9F:4A:A8:49:3B:F2:85:3A:F2:9B:5A
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FQgDLJOSuKw6n0qoSTvyhTrym1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b7:53:bc:2e:17:7a:31:a7:9d:58:9d:db:b9:01:e9:15:a2:85:
c0:d2:6f:44:ea:fb:66:43:ba:5c:2e:32:fd:95:bf:9b:de:00:
fc:e4:7e:36:1e:cc:17:a4:b1:56:10:ad:87:69:28:6f:90:9f:
7e:ee:4e:78:30:8c:3a:54:c9:e1:8e:97:0a:74:d6:9c:e5:02:
ff:04:1d:a4:ae:ce:92:bc:de:ee:bb:52:3b:f0:42:de:6f:7c:
d6:d0:fb:7b:d1:78:2d:2d:9d:0f:69:ca:37:8a:f6:37:bb:fb:
45:1c:5e:ac:90:ca:88:3c:26:53:0c:38:d8:7c:ec:6f:44:7e:
da:c1:06:46:ef:8a:8e:26:45:53:ba:53:87:58:de:33:53:d8:
72:35:6e:00:eb:95:1b:13:77:91:8b:52:a9:2e:a7:89:a3:c0:
bb:5e:71:c1:02:33:b9:8f:57:d4:60:da:4d:fb:8f:c3:05:ca:
98:0f:11:25:5b:bf:f8:0f:2b:fd:4e:7e:7e:83:f1:a3:04:eb:
7b:b3:da:f4:4b:db:11:8d:14:5e:fb:65:f1:3d:41:4c:ec:f5:
ed:be:a6:d5:5a:4e:e2:f0:60:3f:be:9a:a8:b1:7d:9b:e5:9d:
00:af:55:32:ce:94:bd:aa:33:75:ea:08:33:8c:bf:c9:f0:6f:
7b:01:bb:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9bHxyNzC7AW1tQvpEzuglBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MDIxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA4MDMyYzkzOTJiOGFjM2E5ZjRhYTg0OTNiZjI4NTNhZjI5YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCDyeLnYm/rSEPgdWkMGFH97+dqr
fbLvzAmBgoGwk72Lm7+DbU28TrXUN+ikwqzG4LTCMhvY0m7ptreOUOkt0AjPqlgs
K4CiLudtsRDpO1PDQnrbStVTWX5Td+vLaJgQYPoPvaLxuYA3jN9ezJbapmm+S73T
VS1cT3gdoBSOa9ul9WcRr1bcXOgcXsrxwIOpZ8iXkkFI0+xalWPnZBHQOTA1Qn1O
5lQawXZ+GNaGbP9EI2yFOzZx2qflT2evJ3S1JV4wB3X4Gox9P79hGpuj0zUOdm6g
X8qLBPp/a94AjEp/ANz/eKgH+wu3gxQAqfSU5+6M3zQ86NtdHcgHYc5tTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBUIAyyTkrisOp9KqEk78oU68ptaMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRlFnRExKT1N1S3c2bjBxb1NUdnloVHJ5bTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALdTvC4XejGnnVid27kB
6RWihcDSb0Tq+2ZDulwuMv2Vv5veAPzkfjYezBeksVYQrYdpKG+Qn37uTngwjDpU
yeGOlwp01pzlAv8EHaSuzpK83u67UjvwQt5vfNbQ+3vReC0tnQ9pyjeK9je7+0Uc
XqyQyog8JlMMONh87G9EftrBBkbvio4mRVO6U4dY3jNT2HI1bgDrlRsTd5GLUqku
p4mjwLteccECM7mPV9Rg2k37j8MFypgPESVbv/gPK/1Ofn6D8aME63uz2vRL2xGN
FF77ZfE9QUzs9e2+ptVaTuLwYD++mqixfZvlnQCvVTLOlL2qM3XqCDOMv8nwb3sB
uwQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:06 2025 by rpki-client