Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/03Qbh7E7HmtGyaZ5AmqnzQA-SQA.roa
File: 03Qbh7E7HmtGyaZ5AmqnzQA-SQA.roa (raw, json)
Hash identifier: uo3IxGxMgoLxy7+KBgKRZ8CwuZQ9NwGyvHJ0e3npkVE=
Subject key identifier: D3:74:1B:87:B1:3B:1E:6B:46:C9:A6:79:02:6A:A7:CD:00:3E:49:00
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7A06BA78E3612018FB9D23EAE545F01D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/03Qbh7E7HmtGyaZ5AmqnzQA-SQA.roa
Signing time: Tue 26 Mar 2024 09:10:45 +0000
ROA not before: Tue 26 Mar 2024 09:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:06:ba:78:e3:61:20:18:fb:9d:23:ea:e5:45:f0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 26 09:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3741b87b13b1e6b46c9a679026aa7cd003e4900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3b:9d:46:b2:19:1f:a5:13:bf:9d:df:24:cb:
2f:66:a3:ff:ea:4b:5e:98:5f:24:61:4f:73:3c:54:
45:8c:6d:c4:f8:e6:8b:cd:97:04:97:d0:97:a2:2c:
f7:7e:7a:c3:0f:23:21:bc:9a:99:4f:f7:19:66:c6:
41:ef:56:0d:85:ee:4e:b4:40:4a:75:c0:3a:5f:b3:
a8:77:21:f0:28:04:18:1f:b0:9a:87:f6:c7:31:52:
8d:39:ac:13:ad:ec:61:f5:c6:ba:52:c2:24:3b:38:
48:49:c0:73:16:01:6d:30:14:8c:11:a5:2b:12:da:
3a:31:08:cf:9f:e2:79:28:b8:6f:f5:56:be:9e:0a:
3f:c6:32:2b:5a:dc:ab:34:2d:77:3d:13:84:1c:93:
95:3f:a7:79:61:f8:53:a1:f2:7c:46:8e:e1:b9:57:
aa:b6:4f:6a:de:aa:05:3d:3c:89:88:66:30:4c:f8:
b5:a7:9b:4c:9d:18:12:77:32:be:70:b1:8c:7a:c8:
79:b7:27:30:02:9a:1f:d0:bc:aa:5f:9b:d7:de:db:
d8:68:d0:a2:e8:ce:8c:eb:4a:9c:0f:96:d8:ca:e0:
fe:57:65:64:cf:35:fd:d3:20:a0:67:e5:82:63:10:
80:c3:eb:a9:b4:8b:70:33:16:8d:f6:99:06:1b:61:
0d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:74:1B:87:B1:3B:1E:6B:46:C9:A6:79:02:6A:A7:CD:00:3E:49:00
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/03Qbh7E7HmtGyaZ5AmqnzQA-SQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:05:37:a8:d1:cb:18:23:39:1b:ae:63:9b:01:01:3c:35:a9:
1c:4d:9c:76:1b:ee:85:93:fd:15:75:ec:98:f9:8c:e0:a8:ed:
a0:89:be:b5:b9:0d:22:71:38:f1:8d:2d:6d:37:2e:98:19:82:
42:2c:4b:8f:81:e0:55:8f:f3:43:32:39:9d:14:6e:92:2f:94:
f6:0f:72:ef:76:e8:45:2e:02:a8:6f:3e:73:1b:6c:56:80:ac:
ef:a7:48:ad:e3:c5:14:fe:d5:55:5d:14:0a:bd:9c:11:39:74:
56:2e:b8:70:96:5a:c3:4a:3f:e4:31:b8:37:d5:08:78:84:e0:
fe:9c:48:d6:c1:46:31:e6:12:76:98:7b:ec:69:16:44:ea:ef:
6e:66:e1:c7:fa:1e:03:c8:27:35:83:3e:f1:2b:69:b2:f6:5e:
2a:14:f3:40:e3:9e:68:ea:55:ae:b1:01:0c:8a:3e:96:26:e3:
6f:11:b3:c9:92:2e:63:91:16:7f:a9:94:27:ed:e8:b6:57:9f:
a8:ad:7a:a0:24:d6:4a:25:d5:41:bf:0e:12:fe:39:f1:f3:dd:
8f:0f:44:df:21:dc:f2:37:49:01:65:45:d7:e6:62:e5:05:6c:
69:31:77:43:88:66:a2:a6:a6:82:bc:77:df:fa:45:ea:70:0d:
ed:17:c9:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY56Brp442EgGPudI+rlRfAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI2MDkxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc0MWI4N2IxM2IxZTZiNDZjOWE2NzkwMjZhYTdjZDAwM2U0OTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zudRrIZH6UTv53fJMsvZqP/6kte
mF8kYU9zPFRFjG3E+OaLzZcEl9CXoiz3fnrDDyMhvJqZT/cZZsZB71YNhe5OtEBK
dcA6X7OodyHwKAQYH7Cah/bHMVKNOawTrexh9ca6UsIkOzhIScBzFgFtMBSMEaUr
Eto6MQjPn+J5KLhv9Va+ngo/xjIrWtyrNC13PROEHJOVP6d5YfhTofJ8Ro7huVeq
tk9q3qoFPTyJiGYwTPi1p5tMnRgSdzK+cLGMesh5tycwApof0LyqX5vX3tvYaNCi
6M6M60qcD5bYyuD+V2VkzzX90yCgZ+WCYxCAw+uptItwMxaN9pkGG2ENDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNN0G4exOx5rRsmmeQJqp80APkkAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMDNRYmg3RTdIbXRHeWFaNUFtcW56UUEtU1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABAFN6jRyxgjORuuY5sB
ATw1qRxNnHYb7oWT/RV17Jj5jOCo7aCJvrW5DSJxOPGNLW03LpgZgkIsS4+B4FWP
80MyOZ0UbpIvlPYPcu926EUuAqhvPnMbbFaArO+nSK3jxRT+1VVdFAq9nBE5dFYu
uHCWWsNKP+QxuDfVCHiE4P6cSNbBRjHmEnaYe+xpFkTq725m4cf6HgPIJzWDPvEr
abL2XioU80DjnmjqVa6xAQyKPpYm428Rs8mSLmORFn+plCft6LZXn6iteqAk1kol
1UG/DhL+OfHz3Y8PRN8h3PI3SQFlRdfmYuUFbGkxd0OIZqKmpoK8d9/6RepwDe0X
yeI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:44 2025 by rpki-client