Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q1sZOIrMuBdax2KoneE8Gfyd1Yg.roa
File: Q1sZOIrMuBdax2KoneE8Gfyd1Yg.roa (raw, json)
Hash identifier: JqzIpuIbausHUJIYAj+FRKTdGVVsHKpUUjQsbYf/9Qc=
Subject key identifier: 43:5B:19:38:8A:CC:B8:17:5A:C7:62:A8:9D:E1:3C:19:FC:9D:D5:88
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA1F3AD1D0549D0679799EF3990EA7FDC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q1sZOIrMuBdax2KoneE8Gfyd1Yg.roa
Signing time: Wed 03 Apr 2024 03:14:45 +0000
ROA not before: Wed 03 Apr 2024 03:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a1:f3:ad:1d:05:49:d0:67:97:99:ef:39:90:ea:7f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 03:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=435b19388accb8175ac762a89de13c19fc9dd588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9c:bc:bc:f3:4d:64:5c:14:34:d7:ab:c6:ae:
47:a1:6a:e2:42:aa:49:af:fb:b1:40:33:21:c6:32:
8d:3b:e7:72:2c:a0:10:24:04:2b:ba:38:b0:af:42:
20:ee:77:e6:26:4b:3d:76:6b:34:f6:d5:72:93:5d:
de:e5:ca:80:c9:d4:ec:0e:45:09:72:46:25:30:0e:
f7:84:bd:87:5e:ab:43:f7:0d:b1:65:a3:1a:d7:57:
3f:94:7c:07:df:4f:df:1c:61:87:03:b3:a8:1e:32:
f5:f3:ff:1a:7e:f3:67:ad:43:f7:e7:f5:c4:56:80:
f4:e4:13:4d:d2:bf:99:47:c1:9d:20:3b:b4:89:5f:
bb:77:95:7b:e0:ff:e2:95:39:fc:17:f2:12:ef:11:
96:a9:6c:8e:0c:ac:26:a2:08:86:b3:ba:41:65:dc:
30:99:2c:49:bf:d7:6b:de:0f:ce:3a:cb:33:1f:9a:
ae:92:e1:3b:88:18:78:67:aa:a2:74:82:71:da:3f:
50:e7:7e:6b:5c:71:4d:51:ea:3e:5b:80:3a:11:17:
7a:11:1e:8d:8a:96:8f:56:48:30:69:bc:b9:53:ef:
47:71:a9:c9:b5:e1:80:d7:56:5e:6c:fa:12:e4:2d:
60:0b:fa:0c:d3:8a:62:5f:c3:70:4d:88:be:ca:c3:
bc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5B:19:38:8A:CC:B8:17:5A:C7:62:A8:9D:E1:3C:19:FC:9D:D5:88
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q1sZOIrMuBdax2KoneE8Gfyd1Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:10:0f:86:af:87:ff:c6:88:87:36:ec:43:02:18:07:2d:3f:
d1:8a:48:3b:9a:1d:69:a5:a9:d0:e1:fd:28:0e:0e:87:11:02:
e5:0a:8e:4d:43:86:22:af:d2:00:f6:a1:ce:27:f0:99:d9:54:
49:72:91:b8:8a:5b:b1:07:d6:1d:cd:fb:fc:a7:d3:3f:15:7c:
16:72:84:c3:bc:40:c0:46:24:1a:2b:e4:3c:c2:c3:7c:59:c1:
a2:0f:09:98:c2:40:45:f3:04:97:db:07:5c:5d:18:6f:a4:9c:
a6:d7:96:1b:de:af:a8:2b:45:8a:0e:0a:60:cd:aa:3d:04:a0:
f0:b6:2c:63:c6:a0:6b:04:49:d5:99:4a:99:39:c6:e5:11:1a:
20:82:12:73:4a:90:ff:b3:37:26:f9:33:6f:a6:1c:e5:5f:d4:
d5:4c:6f:8f:5e:1e:01:fb:d4:6c:33:bc:f1:a1:87:72:bd:95:
3d:b9:46:74:c8:10:4b:53:e1:44:ce:4a:7d:75:8e:1b:e1:cc:
ca:b0:1b:0f:bd:37:cc:d1:4f:6d:a7:61:0c:c6:a9:29:a9:3c:
c1:13:4b:7d:f8:65:04:21:b2:51:84:ae:4b:04:62:34:44:0f:
c7:b3:3d:c6:d0:cd:f9:f1:c5:8e:f6:2b:21:09:f2:c9:90:b2:
14:ce:f1:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6h860dBUnQZ5eZ7zmQ6n/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMDMxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzViMTkzODhhY2NiODE3NWFjNzYyYTg5ZGUxM2MxOWZjOWRkNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25y8vPNNZFwUNNerxq5HoWriQqpJ
r/uxQDMhxjKNO+dyLKAQJAQrujiwr0Ig7nfmJks9dms09tVyk13e5cqAydTsDkUJ
ckYlMA73hL2HXqtD9w2xZaMa11c/lHwH30/fHGGHA7OoHjL18/8afvNnrUP35/XE
VoD05BNN0r+ZR8GdIDu0iV+7d5V74P/ilTn8F/IS7xGWqWyODKwmogiGs7pBZdww
mSxJv9dr3g/OOsszH5qukuE7iBh4Z6qidIJx2j9Q535rXHFNUeo+W4A6ERd6ER6N
ipaPVkgwaby5U+9HcanJteGA11ZebPoS5C1gC/oM04piX8NwTYi+ysO8lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFENbGTiKzLgXWsdiqJ3hPBn8ndWIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUTFzWk9Jck11QmRheDJLb25lRThHZnlkMVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIQD4avh//GiIc27EMC
GActP9GKSDuaHWmlqdDh/SgODocRAuUKjk1DhiKv0gD2oc4n8JnZVElykbiKW7EH
1h3N+/yn0z8VfBZyhMO8QMBGJBor5DzCw3xZwaIPCZjCQEXzBJfbB1xdGG+knKbX
lhver6grRYoOCmDNqj0EoPC2LGPGoGsESdWZSpk5xuURGiCCEnNKkP+zNyb5M2+m
HOVf1NVMb49eHgH71GwzvPGhh3K9lT25RnTIEEtT4UTOSn11jhvhzMqwGw+9N8zR
T22nYQzGqSmpPMETS334ZQQhslGErksEYjRED8ezPcbQzfnxxY72KyEJ8smQshTO
8fY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:50:02 2025 by rpki-client