Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FT1mKmiXyT4yIvX48bhQLCR8dxc.roa
File: FT1mKmiXyT4yIvX48bhQLCR8dxc.roa (raw, json)
Hash identifier: WmneowQEOEYmM5Zm+HlOzRGINbUsuZDVIGJNzS/CXFs=
Subject key identifier: 15:3D:66:2A:68:97:C9:3E:32:22:F5:F8:F1:B8:50:2C:24:7C:77:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB576EEB8B49A6F9BD917BCA9391728C6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FT1mKmiXyT4yIvX48bhQLCR8dxc.roa
Signing time: Sat 06 Apr 2024 22:10:54 +0000
ROA not before: Sat 06 Apr 2024 22:10:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b5:76:ee:b8:b4:9a:6f:9b:d9:17:bc:a9:39:17:28:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 6 22:10:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=153d662a6897c93e3222f5f8f1b8502c247c7717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cf:ee:a2:50:d3:e8:5d:8e:a2:5a:ff:ba:46:
59:6d:23:1f:37:a5:db:9b:0f:75:cb:44:d3:31:99:
8c:25:ec:4f:ae:64:a5:08:f4:45:90:87:ba:5f:87:
75:e4:4c:56:79:ef:8c:a7:49:0a:ef:91:76:58:6f:
8f:9a:78:02:62:f2:52:08:2c:b4:35:a9:81:25:92:
b9:d8:27:8e:fa:33:2d:25:ef:37:d0:3b:a0:76:dc:
4b:98:f6:77:55:a3:fe:8e:b7:f9:d7:8a:2e:3a:65:
e0:a3:9d:02:50:32:15:41:80:9f:76:d5:1f:27:ea:
56:ca:cc:f5:b5:42:63:ef:53:47:4c:8d:e2:36:70:
99:6c:da:b3:e8:21:a5:8e:fd:bd:64:e9:92:df:6d:
8b:37:0d:8d:68:a5:91:26:88:b2:73:c0:e3:e4:76:
fa:7c:c0:9a:79:92:dc:68:53:7c:54:d8:a7:77:7e:
9e:9c:9a:b2:a7:c8:ba:69:1f:ee:b1:a1:28:55:fe:
89:56:3a:0b:8d:82:8c:94:fd:ba:d0:4f:36:0b:64:
a6:7a:e5:ac:50:15:52:02:1e:10:05:27:43:03:9d:
81:e4:eb:61:33:3f:fc:9e:76:06:dd:15:0b:bd:cc:
b3:8a:1f:e0:dc:c9:ec:53:f1:44:d2:d2:9a:9c:3b:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3D:66:2A:68:97:C9:3E:32:22:F5:F8:F1:B8:50:2C:24:7C:77:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FT1mKmiXyT4yIvX48bhQLCR8dxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:4f:e4:32:9f:7b:18:ab:a5:c0:19:a1:43:1f:ec:e3:e9:99:
c5:c2:0a:f0:8e:7b:b7:2c:5b:60:68:a9:76:3a:6d:c6:e9:06:
fe:cc:33:33:70:75:f8:d8:3f:a0:bd:5d:d9:9e:03:ac:95:28:
0e:b3:8e:42:40:8f:25:42:53:3c:87:7d:6a:0a:f8:85:49:5c:
21:13:48:6d:16:70:f4:a6:f0:6a:b8:c1:7b:65:18:94:5a:86:
d8:7a:a7:f5:36:57:0b:9e:d9:ea:5d:df:2a:25:66:fa:86:f6:
a4:2e:2e:18:39:d6:fa:be:e2:08:05:07:ad:a1:68:a9:a9:62:
29:1f:0c:19:0b:c1:ea:ec:3c:ea:dd:47:9a:0b:c5:4f:0a:aa:
37:5c:44:6c:04:ad:72:6d:c9:ce:61:1d:e6:69:cf:00:2f:7e:
9d:49:d0:1f:34:df:26:dd:3a:4e:d6:bd:a5:5e:83:0f:bd:9c:
34:d7:10:cc:17:24:34:02:e0:f0:57:01:ce:f9:4c:2a:0d:e2:
5f:e2:7f:ea:cd:f9:f1:91:d9:df:35:2d:04:68:6c:f1:48:fb:
76:0e:c1:fe:48:f3:61:a2:e7:85:d6:84:1a:3c:d3:79:44:6f:
53:1d:83:ac:6c:b2:a9:9e:a1:4f:c3:7b:e9:f5:8f:38:e0:7d:
25:42:5d:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY61du64tJpvm9kXvKk5FyjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA2MjIxMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTNkNjYyYTY4OTdjOTNlMzIyMmY1ZjhmMWI4NTAyYzI0N2M3NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc/uolDT6F2Oolr/ukZZbSMfN6Xb
mw91y0TTMZmMJexPrmSlCPRFkIe6X4d15ExWee+Mp0kK75F2WG+PmngCYvJSCCy0
NamBJZK52CeO+jMtJe830DugdtxLmPZ3VaP+jrf514ouOmXgo50CUDIVQYCfdtUf
J+pWysz1tUJj71NHTI3iNnCZbNqz6CGljv29ZOmS322LNw2NaKWRJoiyc8Dj5Hb6
fMCaeZLcaFN8VNind36enJqyp8i6aR/usaEoVf6JVjoLjYKMlP260E82C2SmeuWs
UBVSAh4QBSdDA52B5OthMz/8nnYG3RULvcyzih/g3MnsU/FE0tKanDu2wwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBU9Zipol8k+MiL1+PG4UCwkfHcXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRlQxbUttaVh5VDR5SXZYNDhiaFFMQ1I4ZHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHZP5DKfexirpcAZoUMf
7OPpmcXCCvCOe7csW2BoqXY6bcbpBv7MMzNwdfjYP6C9XdmeA6yVKA6zjkJAjyVC
UzyHfWoK+IVJXCETSG0WcPSm8Gq4wXtlGJRahth6p/U2Vwue2epd3yolZvqG9qQu
Lhg51vq+4ggFB62haKmpYikfDBkLwersPOrdR5oLxU8KqjdcRGwErXJtyc5hHeZp
zwAvfp1J0B803ybdOk7WvaVegw+9nDTXEMwXJDQC4PBXAc75TCoN4l/if+rN+fGR
2d81LQRobPFI+3YOwf5I82Gi54XWhBo803lEb1Mdg6xssqmeoU/De+n1jzjgfSVC
XeM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:58:17 2025 by rpki-client