Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FzXiqwSIgJrNIn9qGUdHNEQuO3Q.roa
File: FzXiqwSIgJrNIn9qGUdHNEQuO3Q.roa (raw, json)
Hash identifier: U+uKTgzKC3Ny0KB1W4Pds4V3vpyFy5WJdOm1vk0yr9g=
Subject key identifier: 17:35:E2:AB:04:88:80:9A:CD:22:7F:6A:19:47:47:34:44:2E:3B:74
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F382BA9923710A729D83850EA25191D48
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FzXiqwSIgJrNIn9qGUdHNEQuO3Q.roa
Signing time: Thu 02 May 2024 07:18:56 +0000
ROA not before: Thu 02 May 2024 07:18:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:2b:a9:92:37:10:a7:29:d8:38:50:ea:25:19:1d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 2 07:18:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1735e2ab0488809acd227f6a19474734442e3b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:74:26:41:38:dd:83:e7:73:1a:c2:c1:86:ed:
7b:62:9c:9f:39:1d:5b:8c:a8:a1:5e:cb:13:ad:35:
c8:68:35:d9:97:11:c3:d4:fa:4e:bd:88:06:3d:4e:
72:11:84:8e:f0:18:70:c0:fc:75:bb:54:94:7c:bd:
1c:3e:44:bd:d8:34:fe:89:e3:94:f2:e7:ac:cb:d7:
5d:b3:8e:d5:72:49:fc:95:54:c0:fc:2a:c3:31:2c:
3e:b3:95:55:8f:aa:00:b6:d5:d1:25:22:c7:5f:67:
95:c6:69:a9:fb:58:3b:56:ed:c3:20:d7:25:63:3c:
e9:f2:8e:ba:43:a7:4f:bb:0e:85:69:1e:3a:60:48:
ff:83:d7:05:c1:2d:13:1d:03:a9:60:2e:6b:16:ec:
93:df:a1:e5:26:4d:06:61:4f:94:e8:86:4e:7c:86:
7f:bb:3e:6d:d2:a5:4a:0b:ec:ad:16:f2:fb:6b:58:
5d:95:21:e2:a5:fe:85:45:ff:70:0f:cf:3c:b3:fc:
e3:7c:45:b5:88:45:f7:98:f8:0c:7d:fd:54:9a:ef:
9f:db:f0:b3:d4:e0:d0:23:39:ed:69:7e:0b:bd:5b:
f7:25:a2:fa:ac:a9:f6:4e:3b:08:8e:f6:39:c0:04:
85:b6:3b:b4:51:a7:c3:3c:35:6d:b4:40:bc:24:83:
0c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:35:E2:AB:04:88:80:9A:CD:22:7F:6A:19:47:47:34:44:2E:3B:74
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FzXiqwSIgJrNIn9qGUdHNEQuO3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:31:56:39:b2:1c:7d:0e:97:0e:88:ef:3a:01:6f:9d:76:6a:
67:12:31:73:08:2d:0e:c1:35:32:68:c3:37:87:91:d8:a6:d7:
02:4c:b3:cd:d8:ae:08:4b:24:3a:f7:9f:d9:b8:d5:c2:49:81:
6f:c8:e5:16:80:6f:af:32:b2:c1:2f:77:94:f6:a1:e5:a3:6f:
9b:9e:1a:44:fd:04:5a:e0:8b:25:98:94:01:b5:9a:bc:12:51:
91:de:d0:1f:4b:54:8d:c1:bd:aa:1b:c4:50:0e:b1:60:95:2b:
6c:24:7d:f9:87:72:1e:4f:c7:41:0d:77:df:1d:0c:c8:af:69:
12:19:47:8f:ca:50:b1:26:6f:98:87:84:e7:47:3d:ea:fd:db:
2d:fb:aa:98:cf:6b:ec:4d:de:0e:27:66:51:67:6a:08:fe:3f:
f2:30:34:db:42:dd:57:ff:6b:f2:d2:14:46:2e:97:38:8a:1e:
5c:13:fa:31:b4:76:bc:bd:63:4c:e4:6b:ac:39:13:02:c6:e3:
64:5b:46:c3:35:e7:2e:9f:80:e1:51:db:0f:02:47:2d:52:f0:
83:19:5f:09:21:7d:3a:6f:1e:a6:12:67:a9:3f:13:2c:3d:24:
e1:ce:af:db:84:7f:42:e2:e5:db:6b:14:4c:c2:95:d0:36:d7:
a7:e0:f7:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY84K6mSNxCnKdg4UOolGR1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAyMDcxODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM1ZTJhYjA0ODg4MDlhY2QyMjdmNmExOTQ3NDczNDQ0MmUzYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03QmQTjdg+dzGsLBhu17YpyfOR1b
jKihXssTrTXIaDXZlxHD1PpOvYgGPU5yEYSO8BhwwPx1u1SUfL0cPkS92DT+ieOU
8uesy9dds47Vckn8lVTA/CrDMSw+s5VVj6oAttXRJSLHX2eVxmmp+1g7Vu3DINcl
Yzzp8o66Q6dPuw6FaR46YEj/g9cFwS0THQOpYC5rFuyT36HlJk0GYU+U6IZOfIZ/
uz5t0qVKC+ytFvL7a1hdlSHipf6FRf9wD888s/zjfEW1iEX3mPgMff1Umu+f2/Cz
1ODQIzntaX4LvVv3JaL6rKn2TjsIjvY5wASFtju0UafDPDVttEC8JIMM1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBc14qsEiICazSJ/ahlHRzRELjt0MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRnpYaXF3U0lnSnJOSW45cUdVZEhORVF1TzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJIxVjmyHH0Olw6I7zoB
b512amcSMXMILQ7BNTJowzeHkdim1wJMs83YrghLJDr3n9m41cJJgW/I5RaAb68y
ssEvd5T2oeWjb5ueGkT9BFrgiyWYlAG1mrwSUZHe0B9LVI3BvaobxFAOsWCVK2wk
ffmHch5Px0ENd98dDMivaRIZR4/KULEmb5iHhOdHPer92y37qpjPa+xN3g4nZlFn
agj+P/IwNNtC3Vf/a/LSFEYulziKHlwT+jG0dry9Y0zka6w5EwLG42RbRsM15y6f
gOFR2w8CRy1S8IMZXwkhfTpvHqYSZ6k/Eyw9JOHOr9uEf0Li5dtrFEzCldA216fg
99c=
-----END CERTIFICATE-----
Generated at Sun May 11 15:24:35 2025 by rpki-client