Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gqFbTyfAqlXsxnXYL39RgSRl4fA.roa
File: gqFbTyfAqlXsxnXYL39RgSRl4fA.roa (raw, json)
Hash identifier: WI913LqPOvmc2njuz6ON1jUVUUmKhNNx+EPwESpzqdU=
Subject key identifier: 82:A1:5B:4F:27:C0:AA:55:EC:C6:75:D8:2F:7F:51:81:24:65:E1:F0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F73CADD2283D231B98F50C767D4ADB820
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gqFbTyfAqlXsxnXYL39RgSRl4fA.roa
Signing time: Mon 13 May 2024 21:10:25 +0000
ROA not before: Mon 13 May 2024 21:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:73:ca:dd:22:83:d2:31:b9:8f:50:c7:67:d4:ad:b8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 21:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82a15b4f27c0aa55ecc675d82f7f51812465e1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f6:66:b3:90:56:65:3c:c7:42:fa:ff:e1:20:
4a:5f:a1:62:0e:f3:4d:ca:4f:cf:ee:57:08:22:c7:
f4:d4:63:37:d0:52:e4:81:36:2f:bc:45:a6:9c:9b:
06:4c:72:ae:b8:d7:48:5d:8b:90:f7:af:4e:dd:35:
39:7b:e6:24:b0:01:a0:74:1a:87:fa:11:b8:66:94:
93:e2:ff:f8:87:7a:3c:af:21:36:84:cb:e0:e5:2f:
0c:78:e2:34:7e:88:96:33:97:86:88:fb:47:a0:00:
f8:8a:fe:6f:02:ad:68:9a:89:e1:63:0c:1e:e1:b4:
90:ec:50:71:a2:6a:88:ef:fb:72:d9:b6:92:5a:9c:
8b:aa:e0:99:11:61:0f:59:0b:6d:28:96:ab:f1:2b:
2e:9e:ee:57:75:65:08:46:48:30:85:4d:27:47:b9:
2f:0c:93:03:58:c7:80:ba:15:01:ef:09:10:e6:81:
d8:d9:bb:73:f2:c8:5a:61:b0:f0:8e:61:58:84:b5:
6e:69:92:71:35:d9:ea:ff:01:b2:aa:08:b0:0a:fe:
ba:54:63:b8:06:16:43:8e:ce:9e:fa:09:8f:da:89:
87:41:e9:47:83:b1:04:54:16:03:9d:72:d2:94:ce:
ab:b4:af:ce:a8:75:8b:75:43:0b:37:cb:e2:5c:16:
20:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A1:5B:4F:27:C0:AA:55:EC:C6:75:D8:2F:7F:51:81:24:65:E1:F0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/gqFbTyfAqlXsxnXYL39RgSRl4fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cf:56:53:65:37:a7:56:c1:1a:1d:ea:b2:5a:27:e9:6f:90:29:
84:55:2b:ff:a0:b1:1b:b6:e7:59:58:02:98:9c:d3:86:7c:3e:
29:b6:cc:91:e1:c8:6d:11:5a:53:cd:19:c3:27:6e:53:9b:0c:
dc:14:69:ed:e1:7c:e2:8b:d1:91:46:55:98:1b:e2:d5:62:fc:
06:11:16:3d:45:54:d0:bc:f3:2d:0b:72:65:5a:cd:62:e0:de:
d1:1a:7a:88:33:ba:99:1e:50:13:c4:05:9f:22:35:69:fc:d3:
0c:f4:2d:65:17:3b:db:58:9d:4c:16:99:d2:5c:a8:75:9f:dc:
bc:a2:24:06:c0:03:0b:92:bb:f0:cb:25:a7:cc:12:b2:83:55:
77:c5:74:1b:e1:85:eb:2e:ee:19:e0:15:c1:6b:97:11:f0:c3:
fc:49:38:81:27:4e:50:ad:d9:3a:c9:de:15:41:f1:d5:4b:1a:
4d:b7:14:90:29:cb:c6:fa:18:46:6d:61:67:1f:04:3c:e4:b6:
3c:82:e9:66:13:71:0d:ca:a7:34:a7:52:cd:85:57:c4:fa:90:
ca:8c:41:94:24:00:35:92:11:22:90:b6:82:94:76:a4:76:f0:
2f:6a:e9:2b:72:86:53:b1:1b:e9:4b:60:7d:04:02:f1:73:56:
a8:d9:29:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9zyt0ig9IxuY9Qx2fUrbggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMjExMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmExNWI0ZjI3YzBhYTU1ZWNjNjc1ZDgyZjdmNTE4MTI0NjVlMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vZms5BWZTzHQvr/4SBKX6FiDvNN
yk/P7lcIIsf01GM30FLkgTYvvEWmnJsGTHKuuNdIXYuQ969O3TU5e+YksAGgdBqH
+hG4ZpST4v/4h3o8ryE2hMvg5S8MeOI0foiWM5eGiPtHoAD4iv5vAq1omonhYwwe
4bSQ7FBxomqI7/ty2baSWpyLquCZEWEPWQttKJar8Ssunu5XdWUIRkgwhU0nR7kv
DJMDWMeAuhUB7wkQ5oHY2btz8shaYbDwjmFYhLVuaZJxNdnq/wGyqgiwCv66VGO4
BhZDjs6e+gmP2omHQelHg7EEVBYDnXLSlM6rtK/OqHWLdUMLN8viXBYgMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIKhW08nwKpV7MZ12C9/UYEkZeHwMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZ3FGYlR5ZkFxbFhzeG5YWUwzOVJnU1JsNGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM9WU2U3p1bBGh3qslon
6W+QKYRVK/+gsRu251lYApic04Z8Pim2zJHhyG0RWlPNGcMnblObDNwUae3hfOKL
0ZFGVZgb4tVi/AYRFj1FVNC88y0LcmVazWLg3tEaeogzupkeUBPEBZ8iNWn80wz0
LWUXO9tYnUwWmdJcqHWf3LyiJAbAAwuSu/DLJafMErKDVXfFdBvhhesu7hngFcFr
lxHww/xJOIEnTlCt2TrJ3hVB8dVLGk23FJApy8b6GEZtYWcfBDzktjyC6WYTcQ3K
pzSnUs2FV8T6kMqMQZQkADWSESKQtoKUdqR28C9q6StyhlOxG+lLYH0EAvFzVqjZ
KbI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:37 2025 by rpki-client