Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_I7CTJXuGmrY7ABC5qv7p8cUEmM.roa
File: _I7CTJXuGmrY7ABC5qv7p8cUEmM.roa (raw, json)
Hash identifier: 3RE0qazEv56Xs0mwW50FwpwDyAuhKKgdCnwgogB8nac=
Subject key identifier: FC:8E:C2:4C:95:EE:1A:6A:D8:EC:00:42:E6:AB:FB:A7:C7:14:12:63
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F85669945A6430BECEC45BBC68233597F
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_I7CTJXuGmrY7ABC5qv7p8cUEmM.roa
Signing time: Fri 17 May 2024 07:14:04 +0000
ROA not before: Fri 17 May 2024 07:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:66:99:45:a6:43:0b:ec:ec:45:bb:c6:82:33:59:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 07:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc8ec24c95ee1a6ad8ec0042e6abfba7c7141263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:09:72:e3:03:42:42:36:75:9e:06:5d:f1:a1:
09:61:de:27:25:c3:11:b6:b4:f1:c9:83:e6:ba:ed:
3b:7a:8e:49:69:e5:51:b3:f9:04:2e:74:23:f8:90:
c4:7b:50:cf:68:9e:8d:2a:ea:53:6f:fa:7d:02:51:
6e:b6:4c:d8:ce:84:ae:84:54:50:d6:c1:77:0e:bc:
8a:11:54:d2:9e:92:e1:3c:14:49:f3:1f:e4:e3:78:
bf:9f:78:11:82:1d:ab:95:d8:5f:71:96:ca:0b:3c:
0f:72:0c:f8:4c:9a:5b:cd:1b:63:61:a3:cd:f2:30:
51:a2:9d:d8:5f:30:73:76:c0:0e:69:22:fd:7d:21:
99:e4:36:fa:d5:69:7d:a0:49:0c:90:e3:a5:6d:2b:
32:8e:86:8c:81:36:65:89:6a:65:14:b6:0c:37:fc:
75:94:b0:50:33:61:bd:c4:2d:26:16:67:3b:4c:8f:
65:64:fc:b6:3e:a1:3d:42:0f:dc:97:6e:00:05:c2:
11:9b:e5:fd:45:a4:fb:41:e8:fe:50:85:65:26:96:
d5:71:4a:6c:7d:7d:23:b2:2c:0b:96:77:dc:ca:8c:
5c:3f:cb:9c:88:29:52:ee:b6:bf:03:ac:33:81:e3:
ab:d6:63:a0:a4:9c:66:da:1b:cf:01:3d:e3:5d:c9:
45:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8E:C2:4C:95:EE:1A:6A:D8:EC:00:42:E6:AB:FB:A7:C7:14:12:63
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/_I7CTJXuGmrY7ABC5qv7p8cUEmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bc:a8:8c:15:39:66:d8:96:13:ef:56:7c:af:71:9d:c1:72:5a:
87:46:6f:84:c3:ab:b8:02:45:e1:12:1d:f4:22:a1:de:8e:61:
ac:63:42:50:19:2a:5b:83:51:df:3a:e8:70:ca:c5:1b:8b:69:
39:93:cb:8f:6e:21:4c:0a:6b:06:0a:4c:a1:27:40:ef:15:45:
25:a6:c5:e7:3d:f3:01:8b:2f:22:59:46:c2:8d:c0:13:95:ed:
3c:8b:8b:b4:96:9a:f3:bc:d2:c5:28:e1:e3:07:93:ee:56:81:
36:08:64:99:82:1e:2e:7c:a1:94:d9:a0:27:74:62:f6:9e:d8:
ea:8e:cc:b6:f5:88:1f:5e:b8:45:d0:33:fa:f1:2a:7c:be:6e:
a2:43:9f:5b:31:c9:a7:4d:29:6b:06:e5:73:18:de:3a:9b:82:
fb:38:cf:86:ab:64:00:34:03:18:20:23:5d:db:f3:83:87:c1:
9f:63:36:f4:4d:71:05:1f:4e:14:b5:7e:dd:ba:7d:52:b9:6b:
fe:78:d9:45:f9:9f:9d:7d:f2:09:15:19:e6:5f:b7:9d:c0:28:
54:36:aa:f1:5d:ea:b9:82:5b:0a:bd:ea:0b:7e:d6:77:2b:59:
07:7a:b8:82:dd:b8:7d:7a:b3:dd:6c:16:a1:09:26:4c:0f:35:
5e:e8:4a:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+FZplFpkML7OxFu8aCM1l/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MDcxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzhlYzI0Yzk1ZWUxYTZhZDhlYzAwNDJlNmFiZmJhN2M3MTQxMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAly4wNCQjZ1ngZd8aEJYd4nJcMR
trTxyYPmuu07eo5JaeVRs/kELnQj+JDEe1DPaJ6NKupTb/p9AlFutkzYzoSuhFRQ
1sF3DryKEVTSnpLhPBRJ8x/k43i/n3gRgh2rldhfcZbKCzwPcgz4TJpbzRtjYaPN
8jBRop3YXzBzdsAOaSL9fSGZ5Db61Wl9oEkMkOOlbSsyjoaMgTZliWplFLYMN/x1
lLBQM2G9xC0mFmc7TI9lZPy2PqE9Qg/cl24ABcIRm+X9RaT7Qej+UIVlJpbVcUps
fX0jsiwLlnfcyoxcP8uciClS7ra/A6wzgeOr1mOgpJxm2hvPAT3jXclFfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPyOwkyV7hpq2OwAQuar+6fHFBJjMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvX0k3Q1RKWHVHbXJZN0FCQzVxdjdwOGNVRW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALyojBU5ZtiWE+9WfK9x
ncFyWodGb4TDq7gCReESHfQiod6OYaxjQlAZKluDUd866HDKxRuLaTmTy49uIUwK
awYKTKEnQO8VRSWmxec98wGLLyJZRsKNwBOV7TyLi7SWmvO80sUo4eMHk+5WgTYI
ZJmCHi58oZTZoCd0Yvae2OqOzLb1iB9euEXQM/rxKny+bqJDn1sxyadNKWsG5XMY
3jqbgvs4z4arZAA0AxggI13b84OHwZ9jNvRNcQUfThS1ft26fVK5a/542UX5n519
8gkVGeZft53AKFQ2qvFd6rmCWwq96gt+1ncrWQd6uILduH16s91sFqEJJkwPNV7o
Sgw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:39 2025 by rpki-client