Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/F4x-PNdxzMZOQqwxWFBr-Hyk-2Y.roa
File: F4x-PNdxzMZOQqwxWFBr-Hyk-2Y.roa (raw, json)
Hash identifier: aCiGsDIQAZfrlVXgA0oyZwTOJ+/zKH2Or1TMNwksAdg=
Subject key identifier: 17:8C:7E:3C:D7:71:CC:C6:4E:42:AC:31:58:50:6B:F8:7C:A4:FB:66
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8641D513AE91FCC4C4446F5FDA2EA4D9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/F4x-PNdxzMZOQqwxWFBr-Hyk-2Y.roa
Signing time: Thu 28 Mar 2024 18:10:45 +0000
ROA not before: Thu 28 Mar 2024 18:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:41:d5:13:ae:91:fc:c4:c4:44:6f:5f:da:2e:a4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 18:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=178c7e3cd771ccc64e42ac3158506bf87ca4fb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:23:42:1f:7c:8b:84:2c:ee:21:5d:d4:d0:
bd:64:62:c0:8c:5c:2a:83:7b:83:ba:cb:f4:7d:35:
da:7b:5a:27:71:b3:55:9a:28:c2:bc:24:0f:49:04:
fa:57:49:35:b8:d0:39:91:30:c0:73:be:73:5d:6b:
6b:02:b6:9b:21:c8:08:49:ed:2c:7e:63:b7:62:d8:
98:be:d2:c4:5f:b4:d4:b7:fe:7e:7d:cd:42:4b:c3:
e0:c2:3b:46:f8:8f:8a:6d:f1:be:d7:22:5a:fa:75:
bc:1b:36:40:dc:bf:64:a3:0a:83:3c:d3:fa:3f:68:
66:b6:85:36:f4:c9:5a:5c:c0:45:00:30:67:ae:c6:
e1:6e:2a:60:bc:1c:86:59:11:f6:bd:31:30:94:a8:
71:96:ee:24:80:24:a9:57:3b:f0:84:38:97:0e:0e:
14:9d:6a:75:2c:ef:ea:a1:87:98:da:c5:5e:84:fb:
98:59:fc:2b:1c:48:41:12:5d:f0:91:83:b0:41:a3:
2f:ee:8b:67:52:5c:66:c5:fd:ee:bd:7a:58:c3:92:
9d:d8:15:dc:fd:62:40:40:b4:56:b6:a7:21:df:56:
01:d1:53:de:66:74:70:a7:12:95:06:69:c0:97:70:
97:c9:67:6c:42:c9:4b:90:eb:3d:d9:6a:3c:06:d4:
d9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8C:7E:3C:D7:71:CC:C6:4E:42:AC:31:58:50:6B:F8:7C:A4:FB:66
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/F4x-PNdxzMZOQqwxWFBr-Hyk-2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:e7:62:5c:19:20:c3:7c:81:08:72:53:65:47:a4:6b:90:ba:
c3:66:8c:31:8a:89:bd:e9:44:b9:29:63:7a:bf:8b:97:78:b4:
a9:99:e7:5e:82:15:f1:24:c4:1c:a4:dd:ed:90:13:6f:60:03:
0d:53:f6:61:5b:db:05:6c:75:87:d3:f1:5c:b2:12:3b:39:28:
9f:7b:16:bb:cb:01:a7:72:07:51:ff:26:d7:d4:83:13:f9:36:
ee:0a:32:d9:62:3b:11:16:5e:95:18:16:52:a6:fd:cb:ba:d3:
89:06:9b:b0:73:4a:b6:eb:01:c5:8c:38:5c:71:c1:0b:b9:18:
3a:aa:6d:73:f4:50:c4:79:e8:b9:b5:aa:ac:93:54:e6:65:9e:
62:4a:6e:df:3b:21:39:53:5c:7f:c8:9f:7e:4d:7b:26:11:16:
f8:36:95:f9:d7:15:55:7c:2d:00:0a:61:7b:6c:36:a1:66:8d:
1c:ff:fb:79:4d:91:33:46:52:ae:c3:34:58:20:4e:92:98:78:
67:f8:75:54:fe:eb:ab:d3:a4:7c:97:75:0a:20:d6:1e:9a:3c:
0e:5f:fc:c1:24:f0:63:ca:2b:c9:f8:49:07:a1:a9:ab:73:c9:
b2:08:9b:69:50:58:e6:81:0f:d6:d4:a9:0b:23:4b:d2:f3:fa:
62:15:93:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6GQdUTrpH8xMREb1/aLqTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MTgxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzhjN2UzY2Q3NzFjY2M2NGU0MmFjMzE1ODUwNmJmODdjYTRmYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA8jQh98i4Qs7iFd1NC9ZGLAjFwq
g3uDusv0fTXae1oncbNVmijCvCQPSQT6V0k1uNA5kTDAc75zXWtrArabIcgISe0s
fmO3YtiYvtLEX7TUt/5+fc1CS8PgwjtG+I+KbfG+1yJa+nW8GzZA3L9kowqDPNP6
P2hmtoU29MlaXMBFADBnrsbhbipgvByGWRH2vTEwlKhxlu4kgCSpVzvwhDiXDg4U
nWp1LO/qoYeY2sVehPuYWfwrHEhBEl3wkYOwQaMv7otnUlxmxf3uvXpYw5Kd2BXc
/WJAQLRWtqch31YB0VPeZnRwpxKVBmnAl3CXyWdsQslLkOs92Wo8BtTZwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBeMfjzXcczGTkKsMVhQa/h8pPtmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRjR4LVBOZHh6TVpPUXF3eFdGQnItSHlrLTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKHnYlwZIMN8gQhyU2VH
pGuQusNmjDGKib3pRLkpY3q/i5d4tKmZ516CFfEkxByk3e2QE29gAw1T9mFb2wVs
dYfT8VyyEjs5KJ97FrvLAadyB1H/JtfUgxP5Nu4KMtliOxEWXpUYFlKm/cu604kG
m7BzSrbrAcWMOFxxwQu5GDqqbXP0UMR56Lm1qqyTVOZlnmJKbt87ITlTXH/In35N
eyYRFvg2lfnXFVV8LQAKYXtsNqFmjRz/+3lNkTNGUq7DNFggTpKYeGf4dVT+66vT
pHyXdQog1h6aPA5f/MEk8GPKK8n4SQehqatzybIIm2lQWOaBD9bUqQsjS9Lz+mIV
k5g=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:34 2025 by rpki-client