Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FgiPY_y2bFVGVB04U9cLx5hVlRQ.roa
File: FgiPY_y2bFVGVB04U9cLx5hVlRQ.roa (raw, json)
Hash identifier: EAXpkJYnf685FhtsqU55XxQgDtkcYrJKGjX0PCpMI3E=
Subject key identifier: 16:08:8F:63:FC:B6:6C:55:46:54:1D:38:53:D7:0B:C7:98:55:95:14
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E104155C3C3C03796ABC366D4EB428393
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FgiPY_y2bFVGVB04U9cLx5hVlRQ.roa
Signing time: Tue 05 Mar 2024 20:15:01 +0000
ROA not before: Tue 05 Mar 2024 20:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:10:41:55:c3:c3:c0:37:96:ab:c3:66:d4:eb:42:83:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 20:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16088f63fcb66c5546541d3853d70bc798559514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:59:6f:3e:66:3c:c0:9e:ae:ea:eb:fa:a1:d7:
5c:66:92:06:c7:f4:c4:27:5d:7f:d9:78:b6:b4:d5:
b1:36:e9:98:e2:cf:7e:6b:9e:c7:14:43:25:47:d9:
c7:cd:02:25:30:12:3d:06:09:41:0d:2c:3e:9b:7d:
e4:91:e2:cc:80:ce:6b:1b:91:3f:f8:13:27:17:f5:
d4:51:60:ed:f0:90:79:03:f8:80:59:7d:98:0b:fa:
35:6e:b5:ab:9f:b7:64:d3:8c:d8:50:09:20:7d:dc:
c7:66:91:af:ec:f9:09:6a:4e:70:9a:49:59:df:3a:
ee:15:cb:d2:6c:ce:fa:b8:51:9a:20:fc:78:ba:0c:
fd:75:21:31:18:36:24:9e:e3:b3:a3:2d:4f:5c:63:
0f:d0:9f:e9:e1:3d:59:e0:5c:d1:b1:bf:15:26:00:
0f:c9:7a:0d:d4:da:f5:b5:be:5e:f9:c5:f0:37:e9:
61:02:4b:dc:63:17:60:ed:c6:2e:73:b1:d3:be:8b:
d6:ed:ea:71:ed:2d:ea:3a:aa:8f:32:d0:e6:d1:8c:
2a:68:05:08:77:76:e7:52:ff:4e:00:9d:88:8d:06:
35:71:07:20:1e:1d:c3:4c:6b:c6:8b:fb:0b:5c:2e:
6e:d7:83:b8:b8:2f:e1:02:4f:a0:c2:3c:2d:d9:a6:
2b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:08:8F:63:FC:B6:6C:55:46:54:1D:38:53:D7:0B:C7:98:55:95:14
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FgiPY_y2bFVGVB04U9cLx5hVlRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:8b:fd:f7:b8:39:22:34:af:f4:98:d0:5f:4b:2e:5b:4e:15:
c5:42:1d:66:bb:1f:03:85:d4:be:93:bf:d8:f7:8f:81:cb:6f:
34:e5:57:83:7c:ab:b0:55:d2:82:98:ab:28:da:e6:93:d2:7a:
d1:e9:1e:aa:9c:7e:cb:ad:bc:66:32:70:32:cc:be:03:ec:c3:
33:41:44:8d:54:86:3e:e3:e4:91:0c:8b:46:46:94:b1:c6:99:
a2:76:45:c7:92:10:69:bb:ad:ce:d7:7f:e0:1a:2c:d6:f8:27:
b5:72:de:72:51:d5:5d:76:d1:80:a0:80:bb:66:01:39:d0:49:
1e:d3:b0:f9:5f:21:c5:5f:23:50:bf:5c:cc:41:98:aa:cc:62:
2a:03:02:80:f1:ff:17:74:ea:d2:79:5c:f0:59:c3:68:6f:fa:
41:f4:89:3c:10:aa:23:f5:0b:8d:fa:22:3a:db:db:57:12:1f:
c0:48:12:6e:99:ac:3c:e3:ed:a2:ba:50:12:68:2c:98:b7:04:
0d:89:6e:09:97:bb:b4:4f:f0:06:10:20:dd:cd:5b:04:06:94:
4a:0f:cd:0c:6a:c2:87:1b:8b:10:1b:49:ba:48:c2:36:02:0a:
bf:f9:95:4f:1f:b2:1f:19:b1:68:fc:5b:bd:d9:f2:b7:4b:3b:
8e:9f:b1:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4QQVXDw8A3lqvDZtTrQoOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MjAxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjA4OGY2M2ZjYjY2YzU1NDY1NDFkMzg1M2Q3MGJjNzk4NTU5NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFlvPmY8wJ6u6uv6oddcZpIGx/TE
J11/2Xi2tNWxNumY4s9+a57HFEMlR9nHzQIlMBI9BglBDSw+m33kkeLMgM5rG5E/
+BMnF/XUUWDt8JB5A/iAWX2YC/o1brWrn7dk04zYUAkgfdzHZpGv7PkJak5wmklZ
3zruFcvSbM76uFGaIPx4ugz9dSExGDYknuOzoy1PXGMP0J/p4T1Z4FzRsb8VJgAP
yXoN1Nr1tb5e+cXwN+lhAkvcYxdg7cYuc7HTvovW7epx7S3qOqqPMtDm0YwqaAUI
d3bnUv9OAJ2IjQY1cQcgHh3DTGvGi/sLXC5u14O4uC/hAk+gwjwt2aYruwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBYIj2P8tmxVRlQdOFPXC8eYVZUUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRmdpUFlfeTJiRlZHVkIwNFU5Y0x4NWhWbFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFmL/fe4OSI0r/SY0F9L
LltOFcVCHWa7HwOF1L6Tv9j3j4HLbzTlV4N8q7BV0oKYqyja5pPSetHpHqqcfsut
vGYycDLMvgPswzNBRI1Uhj7j5JEMi0ZGlLHGmaJ2RceSEGm7rc7Xf+AaLNb4J7Vy
3nJR1V120YCggLtmATnQSR7TsPlfIcVfI1C/XMxBmKrMYioDAoDx/xd06tJ5XPBZ
w2hv+kH0iTwQqiP1C436Ijrb21cSH8BIEm6ZrDzj7aK6UBJoLJi3BA2JbgmXu7RP
8AYQIN3NWwQGlEoPzQxqwocbixAbSbpIwjYCCr/5lU8fsh8ZsWj8W73Z8rdLO46f
sTY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:42 2025 by rpki-client