Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_fFNLHFWte5zAosP-XyMW0G4Pug.roa
File: _fFNLHFWte5zAosP-XyMW0G4Pug.roa (raw, json)
Hash identifier: PyNxnpA2lgfOVTu3YGCwKcXefnL0aedkSlgVoSQgNDw=
Subject key identifier: FD:F1:4D:2C:71:56:B5:EE:73:02:8B:0F:F9:7C:8C:5B:41:B8:3E:E8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E57B3808D8C36757042131AECFEA3B73A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_fFNLHFWte5zAosP-XyMW0G4Pug.roa
Signing time: Tue 19 Mar 2024 17:12:45 +0000
ROA not before: Tue 19 Mar 2024 17:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:57:b3:80:8d:8c:36:75:70:42:13:1a:ec:fe:a3:b7:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 19 17:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdf14d2c7156b5ee73028b0ff97c8c5b41b83ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:5e:9a:98:4f:d1:7e:40:8b:22:02:71:08:
56:69:06:bc:53:4a:3b:e2:92:30:a0:5c:09:b4:a4:
1d:ea:8f:57:1d:07:88:21:bf:f6:93:98:32:fe:ee:
d1:ef:d5:24:a5:33:1e:fb:a7:ef:f2:03:e4:1d:aa:
08:b7:9a:d8:ec:be:57:e9:84:7f:93:0d:86:de:3f:
68:b7:e1:4f:64:13:4e:23:0b:b3:99:c8:aa:0e:b6:
8e:05:72:c4:36:af:81:50:15:f2:03:f9:17:f2:57:
20:17:45:93:29:65:57:c0:7f:c3:fa:c0:d1:78:e8:
9d:65:2e:3c:f7:d9:87:32:74:e0:46:75:b6:b4:29:
13:5f:cb:df:1e:4e:01:db:54:49:17:73:74:94:c6:
75:78:68:d9:9e:17:ba:61:7e:fb:4d:56:90:87:25:
08:e0:b9:f5:49:6b:52:cd:73:a4:df:6f:d9:19:f7:
88:77:f9:46:16:21:46:e2:5e:3f:cc:f1:a8:2b:0e:
fc:7c:a1:f1:23:8b:fb:19:fc:b5:3c:f9:dd:86:4d:
b7:17:1f:2d:dc:cf:79:c1:15:05:92:94:b5:ae:aa:
06:91:d4:59:6f:ed:95:df:0f:19:cb:28:2b:4f:18:
db:86:f3:fc:3a:11:02:d7:4f:5e:46:e5:de:02:87:
06:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F1:4D:2C:71:56:B5:EE:73:02:8B:0F:F9:7C:8C:5B:41:B8:3E:E8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_fFNLHFWte5zAosP-XyMW0G4Pug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:fe:3c:14:eb:d4:bd:45:dc:7a:d9:a9:00:96:a3:ef:70:7f:
31:d8:f9:cc:45:63:af:0e:d0:bc:83:ed:6f:b3:00:68:ba:e7:
50:b9:b8:75:92:9b:f2:28:25:3a:ec:9b:32:8e:60:5e:a5:ac:
23:e9:eb:28:54:d0:0b:f8:a9:83:06:65:d1:81:e6:e0:a5:37:
98:a0:f7:3c:b9:a5:24:57:7d:f5:14:bb:9e:c8:76:5b:14:56:
1c:e4:e6:02:2b:17:f9:33:bb:f3:3b:8b:93:bc:a3:7e:6c:48:
a4:c6:dc:e7:9b:a3:54:d9:0c:10:66:b9:8b:05:1a:f6:aa:97:
17:03:f8:1f:9b:89:a0:c3:02:dd:c8:29:6a:90:83:bb:b1:6d:
7c:ca:d4:62:84:b8:f3:1e:77:b0:ed:fb:8b:1f:89:20:74:8e:
54:d6:97:2e:97:9d:e6:6d:98:ee:51:c3:69:ce:1e:51:a2:da:
0b:69:45:81:7f:12:87:89:67:63:ca:bd:ce:6a:c7:ee:da:fa:
7c:19:f6:4d:97:9d:81:e1:ed:1f:da:85:49:ab:a7:82:11:ee:
20:34:17:38:a7:ea:6c:30:1b:09:1c:83:0b:43:4f:d8:b4:03:
12:0e:b0:e0:2f:9d:e3:83:0b:e3:a9:31:ac:f0:79:7b:1f:70:
c7:07:8f:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5Xs4CNjDZ1cEITGuz+o7c6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE5MTcxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGYxNGQyYzcxNTZiNWVlNzMwMjhiMGZmOTdjOGM1YjQxYjgzZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQZemphP0X5AiyICcQhWaQa8U0o7
4pIwoFwJtKQd6o9XHQeIIb/2k5gy/u7R79UkpTMe+6fv8gPkHaoIt5rY7L5X6YR/
kw2G3j9ot+FPZBNOIwuzmciqDraOBXLENq+BUBXyA/kX8lcgF0WTKWVXwH/D+sDR
eOidZS4899mHMnTgRnW2tCkTX8vfHk4B21RJF3N0lMZ1eGjZnhe6YX77TVaQhyUI
4Ln1SWtSzXOk32/ZGfeId/lGFiFG4l4/zPGoKw78fKHxI4v7Gfy1PPndhk23Fx8t
3M95wRUFkpS1rqoGkdRZb+2V3w8ZyygrTxjbhvP8OhEC109eRuXeAocGBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP3xTSxxVrXucwKLD/l8jFtBuD7oMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX2ZGTkxIRld0ZTV6QW9zUC1YeU1XMEc0UHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEL+PBTr1L1F3HrZqQCW
o+9wfzHY+cxFY68O0LyD7W+zAGi651C5uHWSm/IoJTrsmzKOYF6lrCPp6yhU0Av4
qYMGZdGB5uClN5ig9zy5pSRXffUUu57IdlsUVhzk5gIrF/kzu/M7i5O8o35sSKTG
3Oebo1TZDBBmuYsFGvaqlxcD+B+biaDDAt3IKWqQg7uxbXzK1GKEuPMed7Dt+4sf
iSB0jlTWly6XneZtmO5Rw2nOHlGi2gtpRYF/EoeJZ2PKvc5qx+7a+nwZ9k2XnYHh
7R/ahUmrp4IR7iA0Fzin6mwwGwkcgwtDT9i0AxIOsOAvneODC+OpMazweXsfcMcH
j3c=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:15 2025 by rpki-client