Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FU9031rR4eWvs-j0qcGhyZCirXY.roa
File: FU9031rR4eWvs-j0qcGhyZCirXY.roa (raw, json)
Hash identifier: sKVInGuQofLGrbPXqH/BhlVTfD5NlypDxyruVgaiF7A=
Subject key identifier: 15:4F:74:DF:5A:D1:E1:E5:AF:B3:E8:F4:A9:C1:A1:C9:90:A2:AD:76
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8980F2B4E0E5FCA142C9A052E80A21B2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FU9031rR4eWvs-j0qcGhyZCirXY.roa
Signing time: Wed 20 Dec 2023 23:12:58 +0000
ROA not before: Wed 20 Dec 2023 23:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:89:80:f2:b4:e0:e5:fc:a1:42:c9:a0:52:e8:0a:21:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 20 23:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=154f74df5ad1e1e5afb3e8f4a9c1a1c990a2ad76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:70:d4:31:cc:14:cb:a7:87:1f:f3:96:27:32:
b1:6b:e6:63:b6:a9:7f:6d:9f:ee:71:f5:b8:be:1c:
4f:8b:aa:be:99:31:ac:f6:c7:77:0b:36:9f:c2:02:
dd:4b:55:87:f3:a8:a7:cb:3c:51:bc:fb:e4:fa:33:
b2:3d:01:4c:fe:b2:81:25:0c:d4:51:fe:5c:c8:7e:
2d:50:c4:b9:f6:7b:1e:67:dc:39:61:02:50:2b:2c:
a5:75:88:41:ec:41:f2:ac:91:6b:b0:41:ed:3c:ed:
10:3d:39:f6:ea:60:19:7d:f0:2a:62:f3:66:ca:aa:
6f:54:6a:75:e8:1a:91:14:1f:08:e9:9b:34:d5:a5:
86:81:11:05:f8:6a:79:c6:66:0c:94:0e:55:8f:14:
57:e2:af:1a:82:52:05:25:46:41:6c:33:f4:11:27:
7d:4c:d6:af:c9:0b:6b:71:42:ef:5b:7f:16:6a:b0:
ae:61:54:2e:1b:b5:25:ee:0b:87:ed:fb:8b:54:3a:
17:43:aa:9f:9d:4f:a2:67:a8:8a:bf:16:45:8d:db:
94:cb:6e:7f:94:45:c3:e3:ab:07:65:c6:c4:49:c7:
d2:07:ef:ed:68:cd:8d:1b:d9:e0:7a:53:28:d6:69:
35:aa:93:0e:95:e1:d0:29:f5:a7:d8:36:49:04:e2:
14:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4F:74:DF:5A:D1:E1:E5:AF:B3:E8:F4:A9:C1:A1:C9:90:A2:AD:76
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FU9031rR4eWvs-j0qcGhyZCirXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:86:c3:c8:40:32:2c:2e:9c:30:1e:ae:cd:59:df:af:e7:8e:
ac:da:ab:85:64:f8:62:ba:4b:ae:e5:1b:95:00:94:bb:c2:79:
2c:1c:d3:4d:d2:bc:bc:5c:1a:5d:a5:d6:8e:ae:49:c2:d9:67:
a0:cb:8d:2c:7f:ee:5d:05:d8:d9:d9:6f:11:03:35:a0:38:60:
5f:f3:f7:c1:01:b8:da:40:8c:79:d5:7e:d2:93:fd:b7:e6:d4:
a1:41:7a:2a:f5:db:96:12:84:34:9c:7b:f9:5e:cc:a6:36:e0:
30:ae:04:b4:6c:e1:3b:d6:9b:70:47:3b:83:08:f1:e4:84:4b:
04:73:3f:ea:61:99:50:2f:27:2d:39:84:ee:69:8a:63:c6:85:
f6:4a:9b:9c:db:e3:18:ae:63:67:f3:59:f2:44:32:f5:d6:85:
38:3c:3c:e5:39:76:ce:c6:e4:de:9b:15:59:43:df:3c:eb:2b:
40:f8:dc:e4:02:61:6e:e8:40:8c:d1:8c:5b:67:43:8e:58:65:
d8:ab:19:0e:f1:e2:e4:7f:02:3e:67:fc:c5:84:a4:83:c8:e7:
29:2c:11:c7:18:12:84:a0:a1:c9:20:4c:7b:49:8a:75:9c:f4:
da:42:e2:02:48:db:c5:5e:d6:a1:59:0a:b5:99:5e:3a:e9:4e:
a6:fc:6a:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyJgPK04OX8oULJoFLoCiGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIwMjMxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTRmNzRkZjVhZDFlMWU1YWZiM2U4ZjRhOWMxYTFjOTkwYTJhZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93DUMcwUy6eHH/OWJzKxa+Zjtql/
bZ/ucfW4vhxPi6q+mTGs9sd3CzafwgLdS1WH86inyzxRvPvk+jOyPQFM/rKBJQzU
Uf5cyH4tUMS59nseZ9w5YQJQKyyldYhB7EHyrJFrsEHtPO0QPTn26mAZffAqYvNm
yqpvVGp16BqRFB8I6Zs01aWGgREF+Gp5xmYMlA5VjxRX4q8aglIFJUZBbDP0ESd9
TNavyQtrcULvW38WarCuYVQuG7Ul7guH7fuLVDoXQ6qfnU+iZ6iKvxZFjduUy25/
lEXD46sHZcbEScfSB+/taM2NG9ngelMo1mk1qpMOleHQKfWn2DZJBOIU2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBVPdN9a0eHlr7Po9KnBocmQoq12MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRlU5MDMxclI0ZVd2cy1qMHFjR2h5WkNpclhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABaGw8hAMiwunDAers1Z
36/njqzaq4Vk+GK6S67lG5UAlLvCeSwc003SvLxcGl2l1o6uScLZZ6DLjSx/7l0F
2NnZbxEDNaA4YF/z98EBuNpAjHnVftKT/bfm1KFBeir125YShDSce/lezKY24DCu
BLRs4TvWm3BHO4MI8eSESwRzP+phmVAvJy05hO5pimPGhfZKm5zb4xiuY2fzWfJE
MvXWhTg8POU5ds7G5N6bFVlD3zzrK0D43OQCYW7oQIzRjFtnQ45YZdirGQ7x4uR/
Aj5n/MWEpIPI5yksEccYEoSgockgTHtJinWc9NpC4gJI28Ve1qFZCrWZXjrpTqb8
amU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:33 2025 by rpki-client