Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/fmSwrT2rrhJpEayRLycbCH32BHY.roa
File: fmSwrT2rrhJpEayRLycbCH32BHY.roa (raw, json)
Hash identifier: PHErAACH5XrcgpJ3yoq/AeACXsHgVYk+crjkeN2ue40=
Subject key identifier: 7E:64:B0:AD:3D:AB:AE:12:69:11:AC:91:2F:27:1B:08:7D:F6:04:76
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EED40BB0C9549F8D3681A8C73657CEAA5
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/fmSwrT2rrhJpEayRLycbCH32BHY.roa
Signing time: Wed 17 Apr 2024 18:10:26 +0000
ROA not before: Wed 17 Apr 2024 18:10:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:40:bb:0c:95:49:f8:d3:68:1a:8c:73:65:7c:ea:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 18:10:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e64b0ad3dabae126911ac912f271b087df60476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:60:35:d0:04:43:58:d6:bc:8d:fd:ef:69:a3:
6b:72:74:27:99:b0:4e:d7:46:70:8c:62:cc:30:bb:
d8:d4:be:f9:f2:f4:22:07:56:59:a6:0d:32:1d:1f:
46:1b:c8:10:04:08:2c:f0:4f:65:97:83:e6:47:4b:
d2:ea:a1:52:66:16:35:ce:90:ef:05:0e:df:62:3e:
63:44:06:e5:a0:51:e0:1a:d7:a1:55:65:e5:73:93:
a7:ba:5b:fe:0d:c2:e2:07:b1:c1:b6:83:a6:36:83:
f4:27:3d:ba:7b:1d:e9:4a:10:54:95:2c:ba:b6:4e:
e6:7d:c2:72:0d:a9:ba:69:aa:d7:3f:6c:5c:ef:0b:
9d:c9:8c:fa:c0:24:af:84:1f:21:4f:ce:c0:f3:5f:
29:51:78:3b:fd:ce:72:08:50:69:89:5f:f6:59:38:
9f:01:88:f6:e6:93:db:45:dc:56:58:2e:58:db:af:
f6:ad:b4:e5:9a:d6:91:f2:16:07:71:ea:e9:05:0c:
70:44:4b:0b:8a:38:28:a0:21:3c:7f:31:89:76:35:
fa:39:dc:f3:95:7b:0b:b0:88:f7:db:35:8a:84:f4:
15:8a:eb:a6:af:9a:27:66:f6:4c:14:93:1e:4b:82:
61:f6:d8:b1:92:06:9d:2f:8d:ab:23:74:67:84:56:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:64:B0:AD:3D:AB:AE:12:69:11:AC:91:2F:27:1B:08:7D:F6:04:76
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/fmSwrT2rrhJpEayRLycbCH32BHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:f3:a4:d4:d2:fe:fc:bd:a8:f1:bd:2d:d7:57:ae:6d:5f:ff:
b4:3d:b0:6d:87:2d:93:1f:73:a4:3e:a2:db:4e:86:ac:13:cd:
d9:eb:f5:dd:6d:87:fb:2b:bd:76:05:10:64:b9:ee:4d:ba:d9:
9c:f1:e0:57:1c:16:97:43:01:fe:a8:03:6e:6d:ef:8b:fb:a2:
7b:bb:ad:7e:c0:a9:f7:34:df:f9:49:29:31:d6:44:83:34:e8:
db:0a:85:3f:a4:23:07:41:ec:6a:ca:96:ea:ab:f3:8b:c4:f6:
1c:04:47:5d:ef:c6:99:be:a5:7a:e5:68:1e:b1:71:e1:dd:34:
a2:8a:12:40:e4:d6:af:fe:60:3e:ff:e9:1b:f2:d3:0c:03:a7:
49:bc:95:01:b5:b7:83:6a:4c:19:62:3c:42:d0:9e:2c:7a:8e:
51:92:b9:19:4e:16:c1:d5:ed:28:9b:45:04:f9:63:32:35:f3:
b2:5e:4a:03:bd:65:fb:1b:cf:1b:89:c4:89:e4:76:2b:64:61:
76:26:05:51:7a:a1:6c:79:e9:93:aa:46:41:74:0a:c1:bf:75:
0a:bf:64:00:d8:2a:4c:58:6b:88:37:40:ee:e2:b9:e7:59:f2:
d0:b1:18:5f:7a:7b:d2:03:45:59:af:38:12:9e:69:85:a3:e7:
bf:cc:1c:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7tQLsMlUn402gajHNlfOqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MTgxMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTY0YjBhZDNkYWJhZTEyNjkxMWFjOTEyZjI3MWIwODdkZjYwNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mA10ARDWNa8jf3vaaNrcnQnmbBO
10ZwjGLMMLvY1L758vQiB1ZZpg0yHR9GG8gQBAgs8E9ll4PmR0vS6qFSZhY1zpDv
BQ7fYj5jRAbloFHgGtehVWXlc5Onulv+DcLiB7HBtoOmNoP0Jz26ex3pShBUlSy6
tk7mfcJyDam6aarXP2xc7wudyYz6wCSvhB8hT87A818pUXg7/c5yCFBpiV/2WTif
AYj25pPbRdxWWC5Y26/2rbTlmtaR8hYHcerpBQxwREsLijgooCE8fzGJdjX6Odzz
lXsLsIj32zWKhPQViuumr5onZvZMFJMeS4Jh9tixkgadL42rI3RnhFZo+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH5ksK09q64SaRGskS8nGwh99gR2MB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvZm1Td3JUMnJyaEpwRWF5Ukx5Y2JDSDMyQkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFbzpNTS/vy9qPG9LddX
rm1f/7Q9sG2HLZMfc6Q+ottOhqwTzdnr9d1th/srvXYFEGS57k262Zzx4FccFpdD
Af6oA25t74v7onu7rX7Aqfc03/lJKTHWRIM06NsKhT+kIwdB7GrKluqr84vE9hwE
R13vxpm+pXrlaB6xceHdNKKKEkDk1q/+YD7/6Rvy0wwDp0m8lQG1t4NqTBliPELQ
nix6jlGSuRlOFsHV7SibRQT5YzI187JeSgO9ZfsbzxuJxInkditkYXYmBVF6oWx5
6ZOqRkF0CsG/dQq/ZADYKkxYa4g3QO7iuedZ8tCxGF96e9IDRVmvOBKeaYWj57/M
HOU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:14:16 2025 by rpki-client