Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PcvbNw7L9lur7UopermjUow_qbo.roa
File: PcvbNw7L9lur7UopermjUow_qbo.roa (raw, json)
Hash identifier: 6x8GS2A4+utq4gdlF8vc9Vt8nIA/AQlovQazS5UtE3A=
Subject key identifier: 3D:CB:DB:37:0E:CB:F6:5B:AB:ED:4A:29:7A:B9:A3:52:8C:3F:A9:BA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E42DBCD9F94FE0B71024D3550A47121AF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PcvbNw7L9lur7UopermjUow_qbo.roa
Signing time: Fri 15 Mar 2024 16:04:45 +0000
ROA not before: Fri 15 Mar 2024 16:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:42db:b380/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:db:cd:9f:94:fe:0b:71:02:4d:35:50:a4:71:21:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 15 16:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dcbdb370ecbf65babed4a297ab9a3528c3fa9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:92:8c:c7:30:d7:71:e1:e9:da:6a:e4:e4:
66:e1:2a:ab:2f:e2:6c:b7:a6:71:67:a7:99:7f:95:
6e:b5:9a:36:46:fd:ac:87:a6:19:3a:04:07:e1:0c:
44:21:fc:96:dc:6b:8e:2d:d1:31:cb:a8:85:33:c7:
2f:6c:d1:8f:fd:e3:db:a9:a0:04:68:6a:6c:b9:02:
06:fd:92:ee:fb:f8:81:af:6c:de:9d:0e:47:2f:29:
71:96:c2:5b:a5:d4:8b:71:b2:1d:70:d8:ef:89:c5:
11:1c:e2:6a:61:94:69:01:87:8b:6b:8f:08:0e:af:
a7:b8:43:6c:04:bf:20:aa:4a:e1:64:5f:b7:25:34:
2b:1d:d9:7f:5f:a0:40:00:33:43:57:1f:ba:1d:63:
a6:fa:2a:64:77:e2:ba:d5:b6:22:78:8f:b4:0e:75:
7a:c5:c9:6e:94:e4:dd:fb:1c:19:36:0d:a8:1c:6e:
47:94:6f:d9:04:4e:97:25:60:1c:fa:5c:62:8e:e0:
ae:8a:20:4b:e7:0e:27:b1:2b:c6:79:06:d8:43:06:
4b:ab:8b:f1:3d:89:e6:fb:6a:f5:8e:d2:75:ae:ad:
34:00:f9:ae:c7:5f:6a:c9:e5:4c:ae:1a:b9:fa:7e:
76:bb:00:76:76:4a:30:ee:49:85:43:fc:55:fa:00:
00:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CB:DB:37:0E:CB:F6:5B:AB:ED:4A:29:7A:B9:A3:52:8C:3F:A9:BA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PcvbNw7L9lur7UopermjUow_qbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:e4:ed:fd:08:a4:46:2c:9a:99:eb:8a:a9:ec:d1:dd:ca:9c:
84:8a:5f:7a:04:7e:46:7c:7d:15:dc:7d:72:66:20:2b:19:a0:
be:3f:c6:54:91:54:69:fc:11:5a:66:ab:d9:57:c2:a0:c7:ac:
bd:81:2b:a3:70:e0:cc:17:17:7c:9b:7a:80:54:eb:e4:38:d2:
a7:e0:01:02:2d:0b:cd:11:69:fb:3a:9f:84:61:97:0b:c0:c7:
eb:a0:59:36:5f:ce:95:53:1e:1c:56:94:77:eb:10:bb:df:79:
b5:70:d4:ed:aa:42:23:53:39:59:c5:75:e0:02:9e:e6:64:83:
84:03:04:a1:1e:32:04:1f:13:36:36:59:96:54:b9:5a:18:d5:
e0:6d:ae:16:23:d5:25:d5:ed:c5:db:1e:ec:53:df:92:7f:cb:
af:00:50:f9:fc:c7:bf:ce:1b:e3:e9:ed:8a:c3:c0:e9:aa:0f:
28:77:49:01:83:aa:08:68:bd:2e:b4:e1:62:e0:1b:df:2f:38:
59:ed:45:9e:87:fd:70:b6:f1:0e:9a:a3:33:21:53:71:88:09:
74:15:e4:79:99:a4:84:9a:ed:4b:47:72:f3:14:b7:e7:85:85:
b7:0b:82:44:10:7c:ea:55:36:02:4f:b5:c1:18:a7:9c:6b:66:
af:9f:47:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5C282flP4LcQJNNVCkcSGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE1MTYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNiZGIzNzBlY2JmNjViYWJlZDRhMjk3YWI5YTM1MjhjM2ZhOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP+SjMcw13Hh6dpq5ORm4SqrL+Js
t6ZxZ6eZf5VutZo2Rv2sh6YZOgQH4QxEIfyW3GuOLdExy6iFM8cvbNGP/ePbqaAE
aGpsuQIG/ZLu+/iBr2zenQ5HLylxlsJbpdSLcbIdcNjvicURHOJqYZRpAYeLa48I
Dq+nuENsBL8gqkrhZF+3JTQrHdl/X6BAADNDVx+6HWOm+ipkd+K61bYieI+0DnV6
xclulOTd+xwZNg2oHG5HlG/ZBE6XJWAc+lxijuCuiiBL5w4nsSvGeQbYQwZLq4vx
PYnm+2r1jtJ1rq00APmux19qyeVMrhq5+n52uwB2dkow7kmFQ/xV+gAAFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD3L2zcOy/Zbq+1KKXq5o1KMP6m6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUGN2Yk53N0w5bHVyN1VvcGVybWpVb3dfcWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIvk7f0IpEYsmpnriqns
0d3KnISKX3oEfkZ8fRXcfXJmICsZoL4/xlSRVGn8EVpmq9lXwqDHrL2BK6Nw4MwX
F3ybeoBU6+Q40qfgAQItC80Rafs6n4RhlwvAx+ugWTZfzpVTHhxWlHfrELvfebVw
1O2qQiNTOVnFdeACnuZkg4QDBKEeMgQfEzY2WZZUuVoY1eBtrhYj1SXV7cXbHuxT
35J/y68AUPn8x7/OG+Pp7YrDwOmqDyh3SQGDqghovS604WLgG98vOFntRZ6H/XC2
8Q6aozMhU3GICXQV5HmZpISa7UtHcvMUt+eFhbcLgkQQfOpVNgJPtcEYp5xrZq+f
R/4=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:49:57 2025 by rpki-client