Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fgASLE12tBq0A2le4DV1NeegesU.roa
File: fgASLE12tBq0A2le4DV1NeegesU.roa (raw, json)
Hash identifier: J+s+Lb7RPtGwROtFSj5F1YYGjuMkTZCyrY6ob8TzisM=
Subject key identifier: 7E:00:12:2C:4D:76:B4:1A:B4:03:69:5E:E0:35:75:35:E7:A0:7A:C5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DABA147355D39E0F94A93EB584CC8752F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fgASLE12tBq0A2le4DV1NeegesU.roa
Signing time: Thu 15 Feb 2024 07:18:09 +0000
ROA not before: Thu 15 Feb 2024 07:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ab:a1:47:35:5d:39:e0:f9:4a:93:eb:58:4c:c8:75:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 15 07:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e00122c4d76b41ab403695ee0357535e7a07ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1c:89:c9:3e:40:98:2a:82:c3:cd:2c:0b:d3:
80:9f:ef:fe:74:6b:8d:c7:70:c9:c5:3d:ba:7b:b6:
d3:64:d3:e2:81:4c:34:8e:b7:8c:7c:79:f7:76:52:
b7:a1:47:d4:1c:b5:9a:b3:95:67:78:0a:0d:5d:4e:
df:af:7a:fc:2a:12:76:1a:48:9a:8c:37:d5:70:e4:
6a:66:cb:45:b1:67:ce:50:b7:bb:9f:2f:c0:09:4b:
6b:a5:ea:b9:df:50:f1:1b:6c:91:e1:61:f5:7e:66:
8e:d4:89:9c:79:13:06:fc:aa:53:00:cb:8d:37:84:
56:dc:16:01:6d:d5:a1:ca:82:60:0e:80:8f:2b:01:
2b:23:66:b1:1a:8b:fe:b0:28:6e:bc:a6:57:4a:1e:
b8:df:dc:a9:a8:95:0b:0b:55:c4:7a:a9:5c:bf:2d:
fd:cf:0a:a9:cf:8c:08:2b:94:19:87:e5:69:6f:b6:
de:4a:b6:5a:74:e1:b5:dc:aa:6c:c2:84:47:af:18:
58:94:b6:61:bb:08:2d:77:79:e7:6f:57:ee:0d:df:
ed:d6:c0:d6:77:8e:07:8e:48:2c:3f:d3:20:61:c9:
96:f9:03:43:21:64:50:f2:7d:57:99:a6:ed:55:61:
ea:a9:b1:8c:6b:d0:b8:6c:03:d8:56:06:3c:64:59:
84:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:00:12:2C:4D:76:B4:1A:B4:03:69:5E:E0:35:75:35:E7:A0:7A:C5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fgASLE12tBq0A2le4DV1NeegesU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:4b:d2:62:8c:df:bc:02:01:f2:f4:87:53:95:cb:37:46:df:
64:4e:b5:3c:89:43:b1:72:dc:00:20:d4:92:8b:b2:17:1a:67:
9f:88:04:f1:ba:41:a8:d7:73:42:20:97:39:a9:fe:33:32:16:
0b:ed:5d:13:6b:8d:01:69:81:02:12:a4:aa:28:bd:20:b5:66:
31:d3:eb:68:32:07:e2:c7:eb:56:ec:72:07:78:58:96:ad:69:
d9:79:ce:84:c5:e8:a6:72:cf:d4:b6:18:87:af:91:aa:78:88:
01:6c:4a:4b:ec:a6:4a:43:f6:cc:21:22:16:67:65:6b:b2:62:
92:ed:83:36:fc:ba:44:46:de:a4:08:c5:59:38:58:6e:27:a3:
4d:a1:02:e5:51:eb:fd:6b:95:0c:85:09:a7:7f:5a:97:6b:c6:
b3:b5:f5:4a:8e:bd:bf:64:31:fe:1f:fb:a4:0d:03:ee:e6:01:
cc:b5:85:10:18:cb:b5:ba:59:84:06:7f:c5:73:f1:78:5a:c3:
b8:b0:be:ed:78:88:19:71:9b:f1:75:5b:17:1e:c0:37:81:2d:
62:40:ad:08:db:12:8c:74:d5:bf:41:c4:e9:f0:88:53:52:f8:
da:00:74:65:80:ad:73:4e:82:31:49:7b:b7:2f:cc:7f:d1:a8:
76:28:b9:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2roUc1XTng+UqT61hMyHUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE1MDcxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTAwMTIyYzRkNzZiNDFhYjQwMzY5NWVlMDM1NzUzNWU3YTA3YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRyJyT5AmCqCw80sC9OAn+/+dGuN
x3DJxT26e7bTZNPigUw0jreMfHn3dlK3oUfUHLWas5VneAoNXU7fr3r8KhJ2Gkia
jDfVcORqZstFsWfOULe7ny/ACUtrpeq531DxG2yR4WH1fmaO1ImceRMG/KpTAMuN
N4RW3BYBbdWhyoJgDoCPKwErI2axGov+sChuvKZXSh6439ypqJULC1XEeqlcvy39
zwqpz4wIK5QZh+Vpb7beSrZadOG13KpswoRHrxhYlLZhuwgtd3nnb1fuDd/t1sDW
d44HjkgsP9MgYcmW+QNDIWRQ8n1XmabtVWHqqbGMa9C4bAPYVgY8ZFmElQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH4AEixNdrQatANpXuA1dTXnoHrFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZmdBU0xFMTJ0QnEwQTJsZTREVjFOZWVnZXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIBL0mKM37wCAfL0h1OV
yzdG32ROtTyJQ7Fy3AAg1JKLshcaZ5+IBPG6QajXc0Iglzmp/jMyFgvtXRNrjQFp
gQISpKoovSC1ZjHT62gyB+LH61bscgd4WJatadl5zoTF6KZyz9S2GIevkap4iAFs
SkvspkpD9swhIhZnZWuyYpLtgzb8ukRG3qQIxVk4WG4no02hAuVR6/1rlQyFCad/
WpdrxrO19UqOvb9kMf4f+6QNA+7mAcy1hRAYy7W6WYQGf8Vz8Xhaw7iwvu14iBlx
m/F1WxcewDeBLWJArQjbEox01b9BxOnwiFNS+NoAdGWArXNOgjFJe7cvzH/RqHYo
uV4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:26 2025 by rpki-client