Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/_bpQxkOlq5E5sfD-TRrVShfO1_g.roa
File: _bpQxkOlq5E5sfD-TRrVShfO1_g.roa (raw, json)
Hash identifier: Cmap0SfmTY3ewNfpHCQp60zls00ay/Wfaow7zPF2W9U=
Subject key identifier: FD:BA:50:C6:43:A5:AB:91:39:B1:F0:FE:4D:1A:D5:4A:17:CE:D7:F8
Certificate issuer: /CN=fc7cfab24f15cd262176af0d1ccd88127dbf6335
Certificate serial: 018CC348E74CFB23BD2820C57EA097F192D6
Authority key identifier: FC:7C:FA:B2:4F:15:CD:26:21:76:AF:0D:1C:CD:88:12:7D:BF:63:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Hz6sk8VzSYhdq8NHM2IEn2_YzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/_bpQxkOlq5E5sfD-TRrVShfO1_g.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57846
IP address blocks: 37.130.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e7:4c:fb:23:bd:28:20:c5:7e:a0:97:f1:92:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc7cfab24f15cd262176af0d1ccd88127dbf6335
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdba50c643a5ab9139b1f0fe4d1ad54a17ced7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:59:64:17:a4:dd:5f:8f:99:cb:e0:b8:94:7b:
39:7b:38:40:64:d1:d1:b0:d9:17:a4:11:08:f6:93:
22:5a:cc:4a:ec:80:8c:0c:14:29:84:ed:fc:e3:9f:
0f:42:15:ac:31:98:e4:33:fd:28:03:aa:4d:61:e3:
dd:19:53:b2:3c:e8:a1:33:3c:09:82:78:27:51:ba:
a0:10:1e:e0:e0:a9:5b:c4:73:91:3a:9d:04:19:4f:
bc:49:11:80:f4:2a:00:d2:72:0e:69:fb:12:2f:a8:
95:3b:cf:a6:49:79:99:b5:9d:db:81:e9:6f:bb:63:
60:6d:c7:7f:0e:b5:06:3a:7e:0f:55:24:43:d3:ca:
26:f5:dd:52:47:e8:89:d8:af:70:21:62:ee:c1:53:
77:0d:53:46:82:80:a3:f9:4e:5f:eb:05:0b:62:a8:
e9:51:4f:dd:17:58:5d:81:d3:de:3a:fb:d8:ec:bb:
5e:2e:62:79:eb:39:e8:74:d7:12:c9:0a:70:ed:30:
8e:ea:e9:48:d7:c0:10:64:5f:02:f2:b8:91:78:48:
1f:8b:1e:bd:d7:1c:88:58:d4:e4:a2:6a:96:56:e2:
63:60:d7:05:98:d7:40:4f:fa:99:3d:24:09:b9:a9:
41:e3:f9:4b:ea:ef:1b:16:bc:5c:33:63:95:a1:68:
57:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BA:50:C6:43:A5:AB:91:39:B1:F0:FE:4D:1A:D5:4A:17:CE:D7:F8
X509v3 Authority Key Identifier:
keyid:FC:7C:FA:B2:4F:15:CD:26:21:76:AF:0D:1C:CD:88:12:7D:BF:63:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Hz6sk8VzSYhdq8NHM2IEn2_YzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/_bpQxkOlq5E5sfD-TRrVShfO1_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/_Hz6sk8VzSYhdq8NHM2IEn2_YzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.152.0/21
Signature Algorithm: sha256WithRSAEncryption
34:1a:7f:7f:1c:e7:ec:81:bc:ff:18:6f:b9:98:55:41:2e:f6:
d6:c1:f9:35:83:ae:3a:e4:de:19:52:53:1c:54:f9:24:ec:cb:
fd:eb:84:68:04:61:7c:04:7e:21:a1:f1:1d:a7:3b:f6:65:2e:
f0:16:4f:e4:6a:4d:22:e4:99:fd:b7:41:c8:39:e9:1f:6e:6b:
4e:f0:2e:32:0f:ce:57:d1:9d:a4:40:8d:17:ef:3b:b5:fe:64:
d1:2a:63:3e:4a:2a:12:89:90:3b:2e:39:17:c3:b5:3b:2b:1d:
18:c8:ae:16:8a:e7:a3:10:cc:fe:eb:c2:56:5f:33:88:c4:9f:
3e:26:fa:33:6e:d1:94:86:8c:b7:48:62:78:ba:f2:c9:8d:42:
d2:2f:05:56:38:97:b4:dc:97:88:ae:cf:a2:3b:47:3e:cd:38:
88:59:85:81:16:ed:d0:60:65:4c:97:4e:2e:d2:ef:5d:6f:e2:
16:00:2a:66:89:ec:d7:c4:45:db:db:5b:92:07:85:4d:93:59:
24:f7:5a:d3:ac:d0:a1:cd:46:da:95:cf:dc:aa:ff:31:23:9c:
4c:d2:2c:c9:e5:ee:84:14:dd:c8:8b:8e:1d:f0:58:06:c0:04:
56:dc:09:a5:88:59:1c:59:5b:c4:a6:af:73:6e:67:48:48:b7:
af:db:b8:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOdM+yO9KCDFfqCX8ZLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjN2NmYWIyNGYxNWNkMjYyMTc2YWYwZDFjY2Q4ODEyN2Ri
ZjYzMzUwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGJhNTBjNjQzYTVhYjkxMzliMWYwZmU0ZDFhZDU0YTE3Y2VkN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVlkF6TdX4+Zy+C4lHs5ezhAZNHR
sNkXpBEI9pMiWsxK7ICMDBQphO38458PQhWsMZjkM/0oA6pNYePdGVOyPOihMzwJ
gngnUbqgEB7g4KlbxHOROp0EGU+8SRGA9CoA0nIOafsSL6iVO8+mSXmZtZ3bgelv
u2Ngbcd/DrUGOn4PVSRD08om9d1SR+iJ2K9wIWLuwVN3DVNGgoCj+U5f6wULYqjp
UU/dF1hdgdPeOvvY7LteLmJ56znodNcSyQpw7TCO6ulI18AQZF8C8riReEgfix69
1xyIWNTkomqWVuJjYNcFmNdAT/qZPSQJualB4/lL6u8bFrxcM2OVoWhXZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP26UMZDpauRObHw/k0a1UoXztf4MB8GA1UdIwQY
MBaAFPx8+rJPFc0mIXavDRzNiBJ9v2M1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0h6NnNrOFZ6U1loZHE4TkhNMklFbjJfWXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hZjJhZGItZmY2OS00YjA0LWE4MDYt
NDZkZDEyMDVkY2ZmLzEvX2JwUXhrT2xxNUU1c2ZELVRSclZTaGZPMV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hZjJhZGItZmY2OS00YjA0LWE4MDYtNDZkZDEyMDVkY2Zm
LzEvX0h6NnNrOFZ6U1loZHE4TkhNMklFbjJfWXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJYKYMA0G
CSqGSIb3DQEBCwUAA4IBAQA0Gn9/HOfsgbz/GG+5mFVBLvbWwfk1g6465N4ZUlMc
VPkk7Mv964RoBGF8BH4hofEdpzv2ZS7wFk/kak0i5Jn9t0HIOekfbmtO8C4yD85X
0Z2kQI0X7zu1/mTRKmM+SioSiZA7LjkXw7U7Kx0YyK4WiuejEMz+68JWXzOIxJ8+
JvozbtGUhoy3SGJ4uvLJjULSLwVWOJe03JeIrs+iO0c+zTiIWYWBFu3QYGVMl04u
0u9db+IWACpmiezXxEXb21uSB4VNk1kk91rTrNChzUbalc/cqv8xI5xM0izJ5e6E
FN3Ii44d8FgGwARW3AmliFkcWVvEpq9zbmdISLev27hg
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:35 2025 by rpki-client