Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fCUsLWF0cKzp4GrJjdNfbudaOyQ.roa
File: fCUsLWF0cKzp4GrJjdNfbudaOyQ.roa (raw, json)
Hash identifier: 9CtPftoyx7FTT8SbHUq/EP9MFNBacA+Co6wSQxxnS8U=
Subject key identifier: 7C:25:2C:2D:61:74:70:AC:E9:E0:6A:C9:8D:D3:5F:6E:E7:5A:3B:24
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F63B54B0C732FE96A90E06B32F78D4F6E
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fCUsLWF0cKzp4GrJjdNfbudaOyQ.roa
Signing time: Fri 10 May 2024 18:12:56 +0000
ROA not before: Fri 10 May 2024 18:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:63:b5:4b:0c:73:2f:e9:6a:90:e0:6b:32:f7:8d:4f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 10 18:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c252c2d617470ace9e06ac98dd35f6ee75a3b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:3c:b8:f5:58:eb:f0:69:01:d3:50:ae:42:
02:3d:76:1a:e5:77:73:d1:81:c6:4f:ad:3f:ba:b9:
e5:f3:39:62:38:22:1f:4a:bb:49:ec:43:43:92:a0:
5e:f8:26:f7:3b:e2:52:a6:87:04:31:ae:da:5a:39:
ad:8b:23:30:f0:13:92:b0:ad:c9:4d:6f:2c:01:d2:
3b:57:e1:e8:2f:a6:10:4a:44:6d:fa:61:1b:d6:2f:
a2:6e:fa:89:6c:f9:e2:fc:c4:98:20:f6:8b:bb:aa:
a1:62:48:7b:dd:ea:2a:11:e8:f2:14:29:8d:27:81:
bf:91:e9:99:37:2c:3c:1d:1f:8f:70:be:0e:06:22:
cb:62:90:32:df:57:55:ad:6a:c4:69:1b:da:ad:e9:
83:af:b0:3f:b5:6d:17:b3:2d:8c:99:1b:4d:fd:d9:
9a:93:8a:cd:e3:a7:8b:45:58:42:2a:d3:a1:bb:01:
81:bd:8b:54:51:73:19:9b:02:ad:a1:8f:c5:3f:b8:
94:04:35:d4:70:f8:28:92:0a:25:14:62:1d:59:51:
26:d3:3a:7a:09:b0:6b:cb:9c:00:fd:14:c4:21:0a:
4c:e7:a8:a2:e1:a9:fc:ef:65:db:9a:1c:13:0d:3b:
e3:3a:0b:83:f7:5d:40:f7:b2:13:6c:53:cc:05:f0:
19:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:25:2C:2D:61:74:70:AC:E9:E0:6A:C9:8D:D3:5F:6E:E7:5A:3B:24
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fCUsLWF0cKzp4GrJjdNfbudaOyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:49:64:8b:92:d8:c1:e0:cd:1c:17:88:d7:d6:8b:c5:fb:36:
09:09:ad:ba:90:6f:6f:c5:6c:5d:47:96:4b:cf:e2:a4:54:d1:
a5:fb:5e:54:bb:ed:44:ca:74:8b:b7:4d:f9:9e:79:0f:a0:d1:
9a:f1:cd:e1:73:dd:6c:8f:a3:5c:b2:50:fb:23:ed:28:fa:29:
b3:7c:cc:a3:1a:94:44:02:38:ff:c6:6a:28:76:71:82:be:93:
21:79:2d:87:26:bb:4d:94:98:a3:80:d3:3c:4a:83:04:ee:3d:
df:40:a3:95:3c:19:9d:0b:f7:a5:63:33:17:71:03:09:7a:a9:
5e:2e:31:f6:84:30:ed:c9:49:43:c5:bc:12:d9:a4:16:4b:2e:
bc:2f:b0:59:05:51:1b:e2:b0:52:56:11:a2:01:e9:db:b4:f6:
23:05:58:78:b8:3f:6c:8c:65:f9:9e:76:87:c9:19:a9:94:cf:
b7:d0:7d:a5:ad:24:b0:31:cf:b5:02:ab:81:cb:7a:dc:66:bf:
c7:0e:6a:47:81:99:29:37:97:bd:3e:01:59:37:a1:d0:53:f4:
64:a7:5e:89:0b:b4:71:8e:f5:61:10:44:c6:4b:81:ca:51:58:
78:d9:44:b2:31:1f:e1:2a:2f:b3:79:ef:0e:94:33:72:74:60:
44:f8:70:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9jtUsMcy/papDgazL3jU9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEwMTgxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzI1MmMyZDYxNzQ3MGFjZTllMDZhYzk4ZGQzNWY2ZWU3NWEzYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8I8uPVY6/BpAdNQrkICPXYa5Xdz
0YHGT60/urnl8zliOCIfSrtJ7ENDkqBe+Cb3O+JSpocEMa7aWjmtiyMw8BOSsK3J
TW8sAdI7V+HoL6YQSkRt+mEb1i+ibvqJbPni/MSYIPaLu6qhYkh73eoqEejyFCmN
J4G/kemZNyw8HR+PcL4OBiLLYpAy31dVrWrEaRvaremDr7A/tW0Xsy2MmRtN/dma
k4rN46eLRVhCKtOhuwGBvYtUUXMZmwKtoY/FP7iUBDXUcPgokgolFGIdWVEm0zp6
CbBry5wA/RTEIQpM56ii4an872XbmhwTDTvjOguD911A97ITbFPMBfAZMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHwlLC1hdHCs6eBqyY3TX27nWjskMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZkNVc0xXRjBjS3pwNEdySmpkTmZidWRhT3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEBJZIuS2MHgzRwXiNfW
i8X7NgkJrbqQb2/FbF1HlkvP4qRU0aX7XlS77UTKdIu3TfmeeQ+g0ZrxzeFz3WyP
o1yyUPsj7Sj6KbN8zKMalEQCOP/Gaih2cYK+kyF5LYcmu02UmKOA0zxKgwTuPd9A
o5U8GZ0L96VjMxdxAwl6qV4uMfaEMO3JSUPFvBLZpBZLLrwvsFkFURvisFJWEaIB
6du09iMFWHi4P2yMZfmedofJGamUz7fQfaWtJLAxz7UCq4HLetxmv8cOakeBmSk3
l70+AVk3odBT9GSnXokLtHGO9WEQRMZLgcpRWHjZRLIxH+EqL7N57w6UM3J0YET4
cOE=
-----END CERTIFICATE-----
Generated at Sat May 10 05:17:14 2025 by rpki-client