Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/_uzKcHUnRqCblBfJ7LQOWwPDs9E.roa
File: _uzKcHUnRqCblBfJ7LQOWwPDs9E.roa (raw, json)
Hash identifier: QtEg8CgvNKFjK8sDnq+KQm/gvMScP6wDUlBc5heZNlQ=
Subject key identifier: FE:EC:CA:70:75:27:46:A0:9B:94:17:C9:EC:B4:0E:5B:03:C3:B3:D1
Certificate issuer: /CN=de23f18c576d6fa609133533c0d0e38d7732c652
Certificate serial: 0194258F7CA55F7DA68551B2AE55E3A9CA26
Authority key identifier: DE:23:F1:8C:57:6D:6F:A6:09:13:35:33:C0:D0:E3:8D:77:32:C6:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3iPxjFdtb6YJEzUzwNDjjXcyxlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/_uzKcHUnRqCblBfJ7LQOWwPDs9E.roa
Signing time: Thu 02 Jan 2025 05:49:08 +0000
ROA not before: Thu 02 Jan 2025 05:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214008
IP address blocks: 64.190.21.0/24 maxlen: 24
2001:67c:f44::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7c:a5:5f:7d:a6:85:51:b2:ae:55:e3:a9:ca:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de23f18c576d6fa609133533c0d0e38d7732c652
Validity
Not Before: Jan 2 05:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=feecca70752746a09b9417c9ecb40e5b03c3b3d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6c:d6:f4:b6:fa:28:17:14:0f:d4:28:0f:3a:
09:b5:6e:8b:96:07:a6:44:e8:0f:a1:35:03:52:49:
b1:fa:69:e2:d0:ee:c2:46:84:0a:85:97:a8:25:85:
fe:bf:36:c3:35:3b:90:09:9d:45:06:34:10:73:19:
42:75:05:34:2b:2c:19:04:13:38:58:b4:a8:d7:aa:
41:81:24:ce:01:f5:ee:62:bb:8c:95:5c:f9:fe:bf:
e3:a7:9b:2c:50:52:69:1a:c1:ad:93:02:38:7a:5f:
c6:0c:a0:a3:d2:03:13:b5:1d:33:24:c3:3c:31:2b:
57:e5:f8:dc:f1:a9:57:07:75:37:09:5b:e7:b3:49:
98:71:1b:a8:d6:32:f1:37:75:8a:c0:7a:67:ba:c2:
b2:83:15:62:ae:07:88:a3:a2:38:98:72:2e:ce:d6:
10:65:36:38:5f:66:ef:f2:47:24:b5:fb:73:a4:f0:
d3:3e:c7:c5:93:19:57:e7:83:0a:43:4f:69:b0:6a:
8e:59:9e:14:53:91:6f:c3:d3:93:3f:0c:f1:77:a8:
dc:e7:1c:3a:5e:fb:5c:93:19:00:24:1c:0c:65:93:
c5:69:fb:ca:d9:a9:b8:94:0e:a3:ff:a3:3f:61:f2:
f7:57:60:b7:cf:03:1f:8a:2c:78:bb:24:46:1e:1d:
97:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:EC:CA:70:75:27:46:A0:9B:94:17:C9:EC:B4:0E:5B:03:C3:B3:D1
X509v3 Authority Key Identifier:
keyid:DE:23:F1:8C:57:6D:6F:A6:09:13:35:33:C0:D0:E3:8D:77:32:C6:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3iPxjFdtb6YJEzUzwNDjjXcyxlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/_uzKcHUnRqCblBfJ7LQOWwPDs9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.21.0/24
IPv6:
2001:67c:f44::/48
Signature Algorithm: sha256WithRSAEncryption
a1:dd:a5:09:f7:64:a2:c4:1f:44:75:ad:5a:2c:f5:55:ef:7e:
aa:00:f2:1b:d0:15:55:42:82:b2:df:6e:b6:99:61:a9:f2:77:
62:95:c3:e5:3a:5f:53:36:13:5a:68:63:5d:a7:54:16:77:56:
30:61:d7:84:cc:ab:05:21:86:88:d2:e7:d4:5a:9e:c3:27:6a:
8c:27:ae:eb:83:01:56:3e:68:c6:fa:3b:46:84:e9:3c:c0:29:
7c:78:b7:16:9c:c6:9b:3f:ec:05:77:2b:d9:0c:bf:d1:12:db:
86:27:0b:90:db:c4:c4:4c:65:46:a6:8d:89:db:0c:23:31:ff:
9d:c3:9a:2b:f4:60:bb:34:34:38:8c:26:ce:5f:8d:24:e2:d5:
58:55:7a:11:2a:f4:40:28:e0:5d:1a:02:8f:4b:b3:f4:2f:75:
27:98:31:89:f4:cd:8c:65:70:76:5b:79:c8:97:0e:47:f7:9d:
54:5b:c9:76:e0:2c:dc:86:17:e5:87:df:b8:60:26:18:e9:de:
0e:c8:2a:2d:6f:99:4e:fd:b6:34:5d:2e:85:39:ea:1d:33:e3:
6a:6d:b7:82:c4:1f:54:33:43:a2:66:20:14:bc:6c:8d:09:36:
90:0d:e6:30:e7:e6:b4:da:56:d7:4e:30:c8:b4:96:c3:be:04:
04:da:fd:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlj3ylX32mhVGyrlXjqcomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjNmMThjNTc2ZDZmYTYwOTEzMzUzM2MwZDBlMzhkNzcz
MmM2NTIwHhcNMjUwMTAyMDU0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWVjY2E3MDc1Mjc0NmEwOWI5NDE3YzllY2I0MGU1YjAzYzNiM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WzW9Lb6KBcUD9QoDzoJtW6Llgem
ROgPoTUDUkmx+mni0O7CRoQKhZeoJYX+vzbDNTuQCZ1FBjQQcxlCdQU0KywZBBM4
WLSo16pBgSTOAfXuYruMlVz5/r/jp5ssUFJpGsGtkwI4el/GDKCj0gMTtR0zJMM8
MStX5fjc8alXB3U3CVvns0mYcRuo1jLxN3WKwHpnusKygxVirgeIo6I4mHIuztYQ
ZTY4X2bv8kcktftzpPDTPsfFkxlX54MKQ09psGqOWZ4UU5Fvw9OTPwzxd6jc5xw6
XvtckxkAJBwMZZPFafvK2am4lA6j/6M/YfL3V2C3zwMfiix4uyRGHh2XhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP7synB1J0agm5QXyey0DlsDw7PRMB8GA1UdIwQY
MBaAFN4j8YxXbW+mCRM1M8DQ4413MsZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lQeGpGZHRiNllKRXpVendORGpqWGN5eGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85OGM1ZDktZTJiZS00OTNiLTg2NTct
NWU4NjAwNmUyMGFlLzEvX3V6S2NIVW5ScUNibEJmSjdMUU9Xd1BEczlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85OGM1ZDktZTJiZS00OTNiLTg2NTctNWU4NjAwNmUyMGFl
LzEvM2lQeGpGZHRiNllKRXpVendORGpqWGN5eGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAQL4VMA8E
AgACMAkDBwAgAQZ8D0QwDQYJKoZIhvcNAQELBQADggEBAKHdpQn3ZKLEH0R1rVos
9VXvfqoA8hvQFVVCgrLfbraZYanyd2KVw+U6X1M2E1poY12nVBZ3VjBh14TMqwUh
hojS59RansMnaownruuDAVY+aMb6O0aE6TzAKXx4txacxps/7AV3K9kMv9ES24Yn
C5DbxMRMZUamjYnbDCMx/53Dmiv0YLs0NDiMJs5fjSTi1VhVehEq9EAo4F0aAo9L
s/QvdSeYMYn0zYxlcHZbeciXDkf3nVRbyXbgLNyGF+WH37hgJhjp3g7IKi1vmU79
tjRdLoU56h0z42ptt4LEH1QzQ6JmIBS8bI0JNpAN5jDn5rTaVtdOMMi0lsO+BATa
/fs=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:53:30 2025 by rpki-client