Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Iq6rrqgHrI3Q1FG_Bbvtyfo57_U.roa
File: Iq6rrqgHrI3Q1FG_Bbvtyfo57_U.roa (raw, json)
Hash identifier: ma2nQ8nQpVYWHRj3XxftCVJVnY4UpoOsjNMyJ3JOeXE=
Subject key identifier: 22:AE:AB:AE:A8:07:AC:8D:D0:D4:51:BF:05:BB:ED:C9:FA:39:EF:F5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDAFEAB9CAE64A14DD90D1CB8AA44BE12
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Iq6rrqgHrI3Q1FG_Bbvtyfo57_U.roa
Signing time: Sun 14 Apr 2024 05:05:06 +0000
ROA not before: Sun 14 Apr 2024 05:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:dafd:dcb9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:da:fe:ab:9c:ae:64:a1:4d:d9:0d:1c:b8:aa:44:be:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 14 05:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22aeabaea807ac8dd0d451bf05bbedc9fa39eff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:34:38:20:ec:19:6e:4d:d0:53:81:aa:33:a3:
9a:d2:e8:6d:21:45:f9:0a:fb:ad:8b:06:7c:db:8f:
86:43:3a:25:60:87:3b:43:a9:1e:b8:25:dc:21:27:
a1:38:39:18:e4:d5:4e:2d:e3:9e:1e:21:ba:bf:05:
44:66:cf:aa:8b:4c:93:44:7a:be:2b:b1:b2:67:6c:
1a:23:72:3a:ce:f3:4e:fc:cf:6e:8c:b2:14:0c:5a:
29:16:b6:05:73:68:79:d6:e6:58:b5:0a:d4:ba:02:
67:ac:3c:ee:52:f2:7e:60:e7:85:b1:33:e7:9c:a2:
27:ee:3c:93:b2:fd:39:e6:98:7b:71:c0:cf:fc:41:
c5:3d:53:f4:ce:b5:18:68:71:c0:2d:e1:a5:10:48:
37:87:10:a9:01:eb:b9:5a:e0:14:16:ec:35:44:18:
b2:97:40:c1:3d:5e:c6:7b:14:fd:c2:de:8c:4a:a3:
1b:37:4a:63:d8:2e:42:22:10:5f:42:f9:b3:14:5e:
b6:cc:21:21:c8:a5:07:f7:ea:b4:36:98:7a:d5:f6:
ad:ec:47:3f:1f:6e:ed:62:41:ae:4e:04:80:1b:d6:
39:36:70:45:42:13:56:5e:6a:75:5b:4a:a4:2e:5f:
97:6f:e3:2c:6f:ab:2f:01:cb:de:1b:55:02:ce:5e:
df:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AE:AB:AE:A8:07:AC:8D:D0:D4:51:BF:05:BB:ED:C9:FA:39:EF:F5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Iq6rrqgHrI3Q1FG_Bbvtyfo57_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:d4:c5:ea:dc:a8:33:71:39:9e:ce:ec:8b:b5:b0:38:d6:a5:
82:4a:44:28:17:29:09:35:37:f9:a4:5a:89:39:a9:73:f3:9e:
a3:dd:0b:51:78:51:41:97:a4:aa:ec:0b:a9:4b:bb:6a:60:3d:
50:73:fa:f3:cf:71:be:fe:9f:7d:0e:ba:6c:2c:a4:c9:ea:50:
a8:49:57:6e:91:a2:2d:51:55:8b:f4:12:6f:4c:1f:6d:17:4b:
5c:1e:e9:be:cb:dd:ba:9b:e1:b1:08:a5:d0:f9:6c:cb:91:66:
7d:48:8f:07:ee:95:5f:a3:d4:fe:24:65:15:7e:c5:1c:fa:63:
47:9d:13:4c:d3:e9:28:ba:6d:0f:e5:46:05:37:53:98:c7:06:
7e:14:59:a3:69:d8:52:da:7c:07:af:72:f7:55:56:cb:b8:a4:
bf:d5:e1:65:14:47:39:59:ef:0f:43:c5:0f:7e:ab:d8:c7:06:
e9:e4:44:fc:d9:ff:1f:6c:6d:9f:df:bf:ba:e6:39:0b:b5:cc:
50:6c:56:60:6e:94:63:43:b9:69:4f:ac:7a:7e:f7:dd:d9:ed:
e3:df:00:17:28:67:fe:22:93:77:ee:39:56:31:7f:4a:d8:f7:
ef:b7:1a:25:cf:96:11:49:94:da:9b:1a:d1:da:77:08:a7:75:
e1:54:67:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7a/qucrmShTdkNHLiqRL4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE0MDUwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFlYWJhZWE4MDdhYzhkZDBkNDUxYmYwNWJiZWRjOWZhMzllZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzQ4IOwZbk3QU4GqM6Oa0uhtIUX5
CvutiwZ824+GQzolYIc7Q6keuCXcISehODkY5NVOLeOeHiG6vwVEZs+qi0yTRHq+
K7GyZ2waI3I6zvNO/M9ujLIUDFopFrYFc2h51uZYtQrUugJnrDzuUvJ+YOeFsTPn
nKIn7jyTsv055ph7ccDP/EHFPVP0zrUYaHHALeGlEEg3hxCpAeu5WuAUFuw1RBiy
l0DBPV7GexT9wt6MSqMbN0pj2C5CIhBfQvmzFF62zCEhyKUH9+q0Nph61fat7Ec/
H27tYkGuTgSAG9Y5NnBFQhNWXmp1W0qkLl+Xb+Msb6svAcveG1UCzl7fVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCKuq66oB6yN0NRRvwW77cn6Oe/1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSXE2cnJxZ0hySTNRMUZHX0JidnR5Zm81N19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACfUxercqDNxOZ7O7Iu1
sDjWpYJKRCgXKQk1N/mkWok5qXPznqPdC1F4UUGXpKrsC6lLu2pgPVBz+vPPcb7+
n30OumwspMnqUKhJV26Roi1RVYv0Em9MH20XS1we6b7L3bqb4bEIpdD5bMuRZn1I
jwfulV+j1P4kZRV+xRz6Y0edE0zT6Si6bQ/lRgU3U5jHBn4UWaNp2FLafAevcvdV
Vsu4pL/V4WUURzlZ7w9DxQ9+q9jHBunkRPzZ/x9sbZ/fv7rmOQu1zFBsVmBulGND
uWlPrHp+993Z7ePfABcoZ/4ik3fuOVYxf0rY9++3GiXPlhFJlNqbGtHadwindeFU
Z7Q=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:47:16 2025 by rpki-client