Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/P8xxrNzxxXGR2UL7ol-FWXNhZIU.roa
File: P8xxrNzxxXGR2UL7ol-FWXNhZIU.roa (raw, json)
Hash identifier: i64uFEM+VP/PEfBgFA1w1L1ojs0ztNHLH4ExcafcBlA=
Subject key identifier: 3F:CC:71:AC:DC:F1:C5:71:91:D9:42:FB:A2:5F:85:59:73:61:64:85
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA0409CF4299346CCD405F3AFD00FA45A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/P8xxrNzxxXGR2UL7ol-FWXNhZIU.roa
Signing time: Mon 25 Dec 2023 09:13:58 +0000
ROA not before: Mon 25 Dec 2023 09:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:40:9c:f4:29:93:46:cc:d4:05:f3:af:d0:0f:a4:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 09:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fcc71acdcf1c57191d942fba25f855973616485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c6:22:8b:6e:a9:97:7c:b1:a1:b4:f7:8a:2b:
8b:07:ac:0e:3c:5b:9a:bc:56:d3:a7:50:8d:91:37:
fe:ed:43:d1:4b:7e:83:4f:64:a2:11:d1:e8:6d:c9:
63:34:d4:8f:84:50:67:62:d0:a6:a0:fb:a2:4b:5e:
0d:e1:f0:06:ac:6b:3e:02:a1:82:f4:69:2b:c0:05:
9a:e2:da:02:fb:1f:ec:46:48:2e:4c:da:dd:1a:b6:
ca:3f:61:c0:06:16:02:a9:35:6e:ab:b4:23:ae:2e:
16:f9:95:47:77:6d:fa:e7:68:fd:94:a3:61:82:6e:
2a:f3:f0:2c:d5:83:6d:2f:f8:6b:ba:cb:da:72:61:
e0:f4:d6:14:f9:15:2f:6f:b1:8b:81:96:c8:cc:a1:
24:29:8e:bb:30:67:dd:d9:d4:7b:c8:38:22:56:9d:
92:06:6d:63:08:9b:86:25:33:c9:83:c2:be:d5:b2:
ff:42:ed:30:9d:66:a4:c7:a2:ba:6b:0e:e3:94:4e:
13:ea:8a:6d:0f:a5:dc:07:2c:3a:54:c1:d5:b4:11:
bc:14:99:82:eb:2a:f0:b4:00:92:a8:49:58:b1:07:
ab:ab:72:7e:7e:9f:1c:f7:fc:e0:0e:24:24:ad:c4:
e5:56:5f:e3:b0:35:ca:cc:76:c2:21:0b:72:39:18:
6d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CC:71:AC:DC:F1:C5:71:91:D9:42:FB:A2:5F:85:59:73:61:64:85
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/P8xxrNzxxXGR2UL7ol-FWXNhZIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:8d:6d:ed:34:86:b9:cc:b9:09:08:ab:16:29:12:86:85:12:
75:47:05:56:f6:5e:12:a9:37:66:b7:b8:78:2e:85:54:59:31:
63:6a:4a:a8:a0:40:69:05:bb:d0:5a:db:81:6b:79:d5:f5:0c:
df:6e:29:82:46:28:c0:78:e9:c6:08:55:dd:01:71:be:34:00:
3a:58:ee:79:ad:0c:b8:a3:c1:57:f6:1c:68:dd:41:fe:f9:e8:
1d:2d:22:39:e1:6c:b4:e4:a1:68:83:ef:87:55:7d:bb:8d:53:
64:2f:53:d7:c8:6b:ae:31:b5:ef:dd:09:05:b1:c6:49:48:d5:
1f:d3:b9:47:ca:02:fe:fa:7f:a3:ec:3f:f1:b4:9c:ae:39:b0:
34:53:a4:1d:70:8c:25:eb:92:85:8d:ad:6e:5d:ff:e2:bb:b0:
ae:d7:f1:87:4d:a2:da:1b:d1:c9:e0:c7:64:a1:b2:89:d1:aa:
b3:03:bc:80:4d:dc:f7:86:45:e5:fc:aa:1b:30:d5:af:07:8a:
51:68:1e:6d:fb:b0:2a:2c:37:b1:71:11:5a:20:a3:17:b8:ba:
44:fc:22:46:d2:5e:b0:81:8b:7a:84:93:d4:aa:f3:5a:7d:b2:
85:21:e0:79:91:2f:4b:06:33:da:51:8c:0e:0c:b0:0c:e7:f0:
78:e3:7f:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYygQJz0KZNGzNQF86/QD6RaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDkxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNjNzFhY2RjZjFjNTcxOTFkOTQyZmJhMjVmODU1OTczNjE2NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMYii26pl3yxobT3iiuLB6wOPFua
vFbTp1CNkTf+7UPRS36DT2SiEdHobcljNNSPhFBnYtCmoPuiS14N4fAGrGs+AqGC
9GkrwAWa4toC+x/sRkguTNrdGrbKP2HABhYCqTVuq7Qjri4W+ZVHd23652j9lKNh
gm4q8/As1YNtL/hrusvacmHg9NYU+RUvb7GLgZbIzKEkKY67MGfd2dR7yDgiVp2S
Bm1jCJuGJTPJg8K+1bL/Qu0wnWakx6K6aw7jlE4T6optD6XcByw6VMHVtBG8FJmC
6yrwtACSqElYsQerq3J+fp8c9/zgDiQkrcTlVl/jsDXKzHbCIQtyORhtiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD/Mcazc8cVxkdlC+6JfhVlzYWSFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUDh4eHJOenh4WEdSMlVMN29sLUZXWE5oWklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJqNbe00hrnMuQkIqxYp
EoaFEnVHBVb2XhKpN2a3uHguhVRZMWNqSqigQGkFu9Ba24FredX1DN9uKYJGKMB4
6cYIVd0Bcb40ADpY7nmtDLijwVf2HGjdQf756B0tIjnhbLTkoWiD74dVfbuNU2Qv
U9fIa64xte/dCQWxxklI1R/TuUfKAv76f6PsP/G0nK45sDRTpB1wjCXrkoWNrW5d
/+K7sK7X8YdNotob0cngx2ShsonRqrMDvIBN3PeGReX8qhsw1a8HilFoHm37sCos
N7FxEVogoxe4ukT8IkbSXrCBi3qEk9Sq81p9soUh4HmRL0sGM9pRjA4MsAzn8Hjj
fzY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:44 2025 by rpki-client