Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f_lPEOzp5LToJmZ9F85CBAb1IjY.roa
File: f_lPEOzp5LToJmZ9F85CBAb1IjY.roa (raw, json)
Hash identifier: Ap6RGeYsz/3sPLwwfdeI8ai44UWrctfH7juHGd712pw=
Subject key identifier: 7F:F9:4F:10:EC:E9:E4:B4:E8:26:66:7D:17:CE:42:04:06:F5:22:36
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECFE2201C8BC9F8380AF3D80EBD44A140
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f_lPEOzp5LToJmZ9F85CBAb1IjY.roa
Signing time: Fri 12 Apr 2024 01:18:06 +0000
ROA not before: Fri 12 Apr 2024 01:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cf:e2:20:1c:8b:c9:f8:38:0a:f3:d8:0e:bd:44:a1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 01:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ff94f10ece9e4b4e826667d17ce420406f52236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bd:c1:31:ad:fa:cb:b2:37:fd:65:d2:25:22:
ec:2d:4c:e0:5b:47:d9:58:7d:79:24:0c:ef:dc:1a:
21:36:bb:f3:92:ab:78:41:fa:35:42:b3:37:7a:ac:
39:e6:3d:8a:e0:22:2c:34:5a:4a:9f:d2:4c:89:76:
95:26:64:0e:3e:da:b1:b7:03:27:a7:a4:34:bb:e4:
0c:f3:27:05:ac:16:ac:d6:c1:b4:42:66:d8:29:8f:
b0:12:ae:d9:79:76:2c:10:c5:bb:fb:f5:a3:99:a6:
ef:a5:38:52:78:50:22:80:76:a0:2d:54:a3:96:a1:
02:20:fe:6e:bc:31:8b:dc:e6:d5:31:ca:e2:37:74:
7c:38:cc:7b:8c:84:8f:4f:b4:53:d1:bb:fc:cf:c0:
2e:0e:9e:e3:1b:4f:c3:47:87:a4:d5:fa:b8:34:ee:
33:cb:af:f7:69:16:88:91:00:64:82:39:e5:f3:53:
55:b4:16:1e:3b:63:86:4e:9e:94:29:d8:54:d2:02:
4f:5f:75:49:0b:43:69:19:77:9b:3b:41:46:e6:fd:
ff:55:aa:ea:1d:d8:bb:6c:e5:5a:df:b7:49:6e:87:
d9:a3:ee:49:1b:94:c3:3f:1e:51:cf:9e:db:1d:c4:
d0:17:ca:ac:de:0c:08:67:0e:34:41:ee:44:b1:9f:
9d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F9:4F:10:EC:E9:E4:B4:E8:26:66:7D:17:CE:42:04:06:F5:22:36
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f_lPEOzp5LToJmZ9F85CBAb1IjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:6c:b0:c4:48:00:a4:0f:90:03:8c:b6:f8:b4:9e:ab:26:b0:
25:ef:8b:83:ae:1b:62:12:e0:d7:67:15:7d:da:51:9d:53:cc:
aa:4e:1a:44:07:8c:24:d2:3c:0c:45:13:58:96:63:f2:82:f2:
d1:89:d5:f7:0c:db:8a:00:88:5d:e3:f7:4b:c8:89:b0:d1:e3:
da:33:97:2f:45:86:07:f9:b9:e9:c1:26:ed:a0:c5:f0:84:36:
a6:8e:29:73:fa:ad:b9:6e:60:cf:c9:aa:13:cd:e6:61:53:70:
21:35:74:35:0d:88:bf:44:d9:13:a7:6f:6f:06:fb:89:6c:4d:
1f:f7:d5:8c:05:a7:77:fe:cf:e7:15:13:7a:1e:d9:18:f8:a3:
89:bb:c6:35:18:1d:91:14:37:ed:6c:c1:db:09:87:e5:60:7b:
46:b4:4e:bb:8f:ac:d0:05:08:b1:b1:2b:0a:e9:83:30:b7:ca:
2f:83:ef:6c:15:73:da:75:43:bf:8e:df:93:89:3f:6c:9f:89:
1e:a7:cd:6f:b6:03:89:35:43:26:08:0a:43:6e:f1:2b:45:b5:
42:0a:f0:59:b4:0a:2c:0e:90:90:98:d7:17:3c:81:74:d5:45:
48:f2:c9:86:5a:9f:a1:c9:e3:98:35:94:3b:84:c8:f1:57:a0:
d5:1c:94:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7P4iAci8n4OArz2A69RKFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMDExODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmY5NGYxMGVjZTllNGI0ZTgyNjY2N2QxN2NlNDIwNDA2ZjUyMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn73BMa36y7I3/WXSJSLsLUzgW0fZ
WH15JAzv3BohNrvzkqt4Qfo1QrM3eqw55j2K4CIsNFpKn9JMiXaVJmQOPtqxtwMn
p6Q0u+QM8ycFrBas1sG0QmbYKY+wEq7ZeXYsEMW7+/WjmabvpThSeFAigHagLVSj
lqECIP5uvDGL3ObVMcriN3R8OMx7jISPT7RT0bv8z8AuDp7jG0/DR4ek1fq4NO4z
y6/3aRaIkQBkgjnl81NVtBYeO2OGTp6UKdhU0gJPX3VJC0NpGXebO0FG5v3/Varq
Hdi7bOVa37dJbofZo+5JG5TDPx5Rz57bHcTQF8qs3gwIZw40Qe5EsZ+ddwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH/5TxDs6eS06CZmfRfOQgQG9SI2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZl9sUEVPenA1TFRvSm1aOUY4NUNCQWIxSWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKNssMRIAKQPkAOMtvi0
nqsmsCXvi4OuG2IS4NdnFX3aUZ1TzKpOGkQHjCTSPAxFE1iWY/KC8tGJ1fcM24oA
iF3j90vIibDR49ozly9Fhgf5uenBJu2gxfCENqaOKXP6rbluYM/JqhPN5mFTcCE1
dDUNiL9E2ROnb28G+4lsTR/31YwFp3f+z+cVE3oe2Rj4o4m7xjUYHZEUN+1swdsJ
h+Vge0a0TruPrNAFCLGxKwrpgzC3yi+D72wVc9p1Q7+O35OJP2yfiR6nzW+2A4k1
QyYICkNu8StFtUIK8Fm0CiwOkJCY1xc8gXTVRUjyyYZan6HJ45g1lDuEyPFXoNUc
lLI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:29:58 2025 by rpki-client