Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fxHewpH7Veene6o-cNeB6RSuoj4.roa
File: fxHewpH7Veene6o-cNeB6RSuoj4.roa (raw, json)
Hash identifier: r23WQF1JQitcpmvmvjsp2G24QoJqiZm3lk97DZPjedQ=
Subject key identifier: 7F:11:DE:C2:91:FB:55:E7:A7:7B:AA:3E:70:D7:81:E9:14:AE:A2:3E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECD4C3368A5C56D404EA7CBA0991E1FA1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fxHewpH7Veene6o-cNeB6RSuoj4.roa
Signing time: Thu 11 Apr 2024 13:15:06 +0000
ROA not before: Thu 11 Apr 2024 13:15:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:4c:33:68:a5:c5:6d:40:4e:a7:cb:a0:99:1e:1f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 13:15:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f11dec291fb55e7a77baa3e70d781e914aea23e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:2c:7d:7b:6b:bc:13:49:43:24:0d:00:2c:
5b:54:98:46:e4:a2:81:d9:05:95:a4:41:c8:8e:60:
08:9b:d2:cd:cf:18:96:65:29:ad:d3:dc:d0:b2:73:
c6:74:94:67:b9:8d:75:dc:39:2f:8c:18:d6:24:a5:
e6:52:ec:f0:9a:ab:32:dd:f5:c3:62:b0:fe:98:72:
06:75:4e:d2:17:27:e5:ba:ad:8b:fd:fd:25:f2:07:
f6:a7:27:25:9e:80:65:07:87:f9:48:b7:1d:0e:bc:
15:39:b3:e4:7f:2d:0a:06:2d:1f:ae:04:30:31:df:
70:92:fc:c3:de:09:c1:18:fb:24:3d:85:71:68:64:
50:56:b7:26:bb:dd:8d:18:ab:49:53:0c:9c:44:93:
01:70:c2:11:00:34:7f:6d:e9:34:c1:1c:81:cd:be:
1c:85:66:48:41:20:53:ae:40:6c:ea:f7:72:da:53:
0c:4a:dd:69:66:0b:06:17:b3:c9:dc:86:e0:e9:34:
96:51:a6:d7:09:1c:0c:66:c4:15:af:4e:b8:8f:70:
cc:08:ab:a1:5b:83:65:f4:2d:4a:11:d6:32:55:0f:
97:e9:e6:5b:5d:9d:ad:b9:1e:7b:e0:a0:a5:ab:c8:
87:0d:e2:91:da:4d:55:19:d3:ed:7c:1c:7c:c4:f8:
cd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:11:DE:C2:91:FB:55:E7:A7:7B:AA:3E:70:D7:81:E9:14:AE:A2:3E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fxHewpH7Veene6o-cNeB6RSuoj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:cb:5a:3d:e2:90:1b:38:a6:09:ad:18:08:9f:66:2e:99:93:
1c:ec:ce:24:a5:28:0b:5c:af:85:c5:4f:c9:82:eb:d6:bb:5e:
aa:3a:c1:7a:f0:b4:33:1e:82:c5:61:36:5c:0a:7c:76:c8:90:
54:e0:52:6b:76:14:e3:9b:b9:cf:b2:4c:6b:36:b8:41:a8:c1:
2c:ba:af:ba:ee:16:7a:59:96:07:5d:fd:4b:ab:e0:de:51:20:
e1:4a:95:c0:38:cb:0a:f2:a7:26:2b:1f:d3:96:4e:ec:50:b8:
9d:fc:0d:eb:64:3e:d5:26:6a:f7:4e:d9:79:df:ed:85:22:1a:
68:9f:bf:ab:0c:bf:a7:e6:13:cb:33:2b:f2:46:75:93:99:95:
80:75:59:19:58:79:51:d4:2d:0b:a0:18:e6:d0:2c:ae:b2:76:
6a:75:83:6c:4b:77:30:ea:3b:6b:61:b7:ee:7d:14:b5:9c:4d:
ca:76:9c:e7:a9:87:c0:fc:79:3a:ed:a1:10:0a:0d:5e:2f:84:
bf:2e:61:1d:ba:44:1c:91:3b:17:7a:05:a8:a5:00:bb:91:78:
61:de:26:2f:a8:28:1d:c1:f0:f2:80:78:1c:ea:1f:72:f7:0b:
60:c9:6d:f9:a8:2d:e3:01:8d:7c:e4:89:89:f2:31:ed:91:75:
ca:14:e5:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7NTDNopcVtQE6ny6CZHh+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMTMxNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjExZGVjMjkxZmI1NWU3YTc3YmFhM2U3MGQ3ODFlOTE0YWVhMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/YsfXtrvBNJQyQNACxbVJhG5KKB
2QWVpEHIjmAIm9LNzxiWZSmt09zQsnPGdJRnuY113DkvjBjWJKXmUuzwmqsy3fXD
YrD+mHIGdU7SFyfluq2L/f0l8gf2pyclnoBlB4f5SLcdDrwVObPkfy0KBi0frgQw
Md9wkvzD3gnBGPskPYVxaGRQVrcmu92NGKtJUwycRJMBcMIRADR/bek0wRyBzb4c
hWZIQSBTrkBs6vdy2lMMSt1pZgsGF7PJ3Ibg6TSWUabXCRwMZsQVr064j3DMCKuh
W4Nl9C1KEdYyVQ+X6eZbXZ2tuR574KClq8iHDeKR2k1VGdPtfBx8xPjNzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH8R3sKR+1Xnp3uqPnDXgekUrqI+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZnhIZXdwSDdWZWVuZTZvLWNOZUI2UlN1b2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAALLWj3ikBs4pgmtGAif
Zi6ZkxzsziSlKAtcr4XFT8mC69a7Xqo6wXrwtDMegsVhNlwKfHbIkFTgUmt2FOOb
uc+yTGs2uEGowSy6r7ruFnpZlgdd/Uur4N5RIOFKlcA4ywrypyYrH9OWTuxQuJ38
DetkPtUmavdO2Xnf7YUiGmifv6sMv6fmE8szK/JGdZOZlYB1WRlYeVHULQugGObQ
LK6ydmp1g2xLdzDqO2tht+59FLWcTcp2nOeph8D8eTrtoRAKDV4vhL8uYR26RByR
Oxd6BailALuReGHeJi+oKB3B8PKAeBzqH3L3C2DJbfmoLeMBjXzkiYnyMe2RdcoU
5R0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:25 2025 by rpki-client