Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CHQgR1PPWbhHqZThtA8Udk9zqLc.roa
File: CHQgR1PPWbhHqZThtA8Udk9zqLc.roa (raw, json)
Hash identifier: QGSlnBxW6aWsU+wOsNCxS3yeaVPnzgfZvq5HYzOlV8w=
Subject key identifier: 08:74:20:47:53:CF:59:B8:47:A9:94:E1:B4:0F:14:76:4F:73:A8:B7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E84FAFD64E2DB4FF28458AA0841A59F83
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CHQgR1PPWbhHqZThtA8Udk9zqLc.roa
Signing time: Thu 28 Mar 2024 12:13:45 +0000
ROA not before: Thu 28 Mar 2024 12:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:fa:fd:64:e2:db:4f:f2:84:58:aa:08:41:a5:9f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 12:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0874204753cf59b847a994e1b40f14764f73a8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2e:5e:a3:ac:b9:88:11:e4:25:00:7c:98:08:
94:9c:12:1c:90:ef:a2:91:18:4f:af:09:e9:88:3e:
a3:c5:60:92:91:5f:44:89:71:dd:41:fe:6c:d8:9e:
7e:9f:cd:8d:e9:9c:f0:20:69:b7:03:82:a8:57:eb:
5a:25:48:db:7c:58:c0:2b:51:38:39:5e:78:a0:6a:
7f:88:3f:3d:a3:c6:1d:5c:54:62:d3:df:23:b9:5e:
ef:25:99:e1:15:48:e2:ea:7a:29:66:d6:fc:f1:9f:
ad:ce:bb:27:d2:30:6b:69:d4:ce:0a:d7:ca:9a:93:
58:13:dd:12:60:25:20:83:c8:e5:73:b9:3a:4e:88:
6e:65:db:bc:f0:ab:18:49:01:35:53:30:0f:e8:df:
7e:5c:ea:14:86:76:66:f2:a8:06:22:5c:09:b4:c1:
af:86:60:b2:07:48:77:7f:43:73:fc:1c:06:c7:ff:
47:d0:89:40:1d:aa:70:cd:ef:7f:15:89:4b:5b:2d:
e7:32:47:df:0d:1b:d7:c3:86:ab:1b:d1:df:5c:e0:
72:b1:8a:6b:f4:c3:c5:b4:4f:c1:41:ee:e6:74:6f:
6d:4d:2a:fc:7a:10:59:98:ff:50:51:d5:6d:c4:c6:
e6:82:9d:7f:8b:c2:55:f0:8a:55:ea:ce:a7:67:18:
56:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:74:20:47:53:CF:59:B8:47:A9:94:E1:B4:0F:14:76:4F:73:A8:B7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CHQgR1PPWbhHqZThtA8Udk9zqLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:db:94:7b:25:64:84:96:c6:20:f9:9e:c4:6a:fb:a7:ae:40:
19:5b:3e:8d:5f:2d:d9:43:ef:8a:35:76:ba:0e:fc:d7:d0:30:
cf:af:82:80:8f:c4:4e:89:45:48:10:62:5b:88:6a:ad:68:68:
82:2e:44:cd:ad:8c:c1:3f:66:2b:62:ec:12:62:20:f5:b1:cd:
ea:65:5a:3a:93:43:a0:99:a6:8c:f6:5a:1d:d6:00:97:40:32:
33:64:3c:db:01:c2:b9:22:c1:90:80:71:20:f3:80:45:08:3b:
3b:24:70:54:b9:24:16:38:b0:bd:e4:c5:83:f8:21:11:ec:b9:
38:c0:d2:0c:9e:33:9d:5a:20:d1:ef:66:fa:a0:d4:94:e8:dd:
7d:73:e9:71:fa:da:e5:1c:fe:0e:9a:53:5c:46:81:c6:d3:06:
ec:e6:69:18:bb:c6:e9:3d:09:06:9c:f1:6a:1a:67:2b:d9:c5:
40:36:69:75:b1:e2:5b:8a:10:fe:19:fd:4d:92:1d:83:1d:b7:
f4:6a:72:b3:ca:88:a1:5b:e5:dd:85:45:01:a9:d2:4d:84:0a:
3a:62:39:3c:33:c3:3a:ab:03:99:41:e5:df:c3:68:85:16:8c:
85:23:01:0b:24:65:21:40:d8:1b:cf:5b:0f:f4:ae:6b:91:64:
9b:ec:8f:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6E+v1k4ttP8oRYqghBpZ+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MTIxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc0MjA0NzUzY2Y1OWI4NDdhOTk0ZTFiNDBmMTQ3NjRmNzNhOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri5eo6y5iBHkJQB8mAiUnBIckO+i
kRhPrwnpiD6jxWCSkV9EiXHdQf5s2J5+n82N6ZzwIGm3A4KoV+taJUjbfFjAK1E4
OV54oGp/iD89o8YdXFRi098juV7vJZnhFUji6nopZtb88Z+tzrsn0jBradTOCtfK
mpNYE90SYCUgg8jlc7k6TohuZdu88KsYSQE1UzAP6N9+XOoUhnZm8qgGIlwJtMGv
hmCyB0h3f0Nz/BwGx/9H0IlAHapwze9/FYlLWy3nMkffDRvXw4arG9HfXOBysYpr
9MPFtE/BQe7mdG9tTSr8ehBZmP9QUdVtxMbmgp1/i8JV8IpV6s6nZxhWkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAh0IEdTz1m4R6mU4bQPFHZPc6i3MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ0hRZ1IxUFBXYmhIcVpUaHRBOFVkazl6cUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABfblHslZISWxiD5nsRq
+6euQBlbPo1fLdlD74o1droO/NfQMM+vgoCPxE6JRUgQYluIaq1oaIIuRM2tjME/
Ziti7BJiIPWxzeplWjqTQ6CZpoz2Wh3WAJdAMjNkPNsBwrkiwZCAcSDzgEUIOzsk
cFS5JBY4sL3kxYP4IRHsuTjA0gyeM51aINHvZvqg1JTo3X1z6XH62uUc/g6aU1xG
gcbTBuzmaRi7xuk9CQac8WoaZyvZxUA2aXWx4luKEP4Z/U2SHYMdt/RqcrPKiKFb
5d2FRQGp0k2ECjpiOTwzwzqrA5lB5d/DaIUWjIUjAQskZSFA2BvPWw/0rmuRZJvs
j/I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:43 2025 by rpki-client